mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
adding targeted sectors
This commit is contained in:
parent
214ac5d329
commit
db23d6eb4c
1 changed files with 74 additions and 2 deletions
|
@ -2982,6 +2982,11 @@
|
||||||
"https://www.kaspersky.com/blog/financial-trojans-2019/25690/",
|
"https://www.kaspersky.com/blog/financial-trojans-2019/25690/",
|
||||||
"https://www.welivesecurity.com/2015/04/09/operation-buhtrap/",
|
"https://www.welivesecurity.com/2015/04/09/operation-buhtrap/",
|
||||||
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
|
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Bank",
|
||||||
|
"Payment",
|
||||||
|
"Finance"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "b737c51f-b579-49d5-a907-743b2e6d03cb",
|
"uuid": "b737c51f-b579-49d5-a907-743b2e6d03cb",
|
||||||
|
@ -3002,6 +3007,11 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"FIN4",
|
"FIN4",
|
||||||
"G0085"
|
"G0085"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Health",
|
||||||
|
"Finance",
|
||||||
|
"Pharmacy"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57",
|
"uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57",
|
||||||
|
@ -3020,7 +3030,10 @@
|
||||||
"description": "This group's activity was first observed in November 2013. It leverages a banking Trojan more commonly known as Shylock which aims to compromise online banking credentials and credentials related to Bitcoin wallets.",
|
"description": "This group's activity was first observed in November 2013. It leverages a banking Trojan more commonly known as Shylock which aims to compromise online banking credentials and credentials related to Bitcoin wallets.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"attribution-confidence": "50",
|
"attribution-confidence": "50",
|
||||||
"country": "RU"
|
"country": "RU",
|
||||||
|
"targeted-sector": [
|
||||||
|
"Bank"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"uuid": "7dd7a8df-9012-4d14-977f-b3f9f71266b4",
|
"uuid": "7dd7a8df-9012-4d14-977f-b3f9f71266b4",
|
||||||
"value": "SHARK SPIDER"
|
"value": "SHARK SPIDER"
|
||||||
|
@ -3032,6 +3045,10 @@
|
||||||
"country": "RU",
|
"country": "RU",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf"
|
"https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Manufacturing",
|
||||||
|
"Industrial"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "db774b7d-a0ee-4375-b24e-fd278f5ab2fd",
|
"uuid": "db774b7d-a0ee-4375-b24e-fd278f5ab2fd",
|
||||||
|
@ -3264,6 +3281,10 @@
|
||||||
"APT-C-35",
|
"APT-C-35",
|
||||||
"SectorE02",
|
"SectorE02",
|
||||||
"Orange Kala"
|
"Orange Kala"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Government, Administration",
|
||||||
|
"Security Service"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3364,6 +3385,14 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"SyrianElectronicArmy",
|
"SyrianElectronicArmy",
|
||||||
"SEA"
|
"SEA"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Country",
|
||||||
|
"Defense",
|
||||||
|
"Opposition",
|
||||||
|
"Political party",
|
||||||
|
"News - Media",
|
||||||
|
"Government, Administration"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "4265d44e-8372-4ed0-b428-b331a5443d7d",
|
"uuid": "4265d44e-8372-4ed0-b428-b331a5443d7d",
|
||||||
|
@ -3403,6 +3432,11 @@
|
||||||
"TMP.Lapis",
|
"TMP.Lapis",
|
||||||
"Green Havildar",
|
"Green Havildar",
|
||||||
"COPPER FIELDSTONE"
|
"COPPER FIELDSTONE"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Activists",
|
||||||
|
"Civil society",
|
||||||
|
"Military"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3447,6 +3481,12 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"FruityArmor",
|
"FruityArmor",
|
||||||
"G0038"
|
"G0038"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Activists",
|
||||||
|
"Dissidents",
|
||||||
|
"Journalist",
|
||||||
|
"Civil society"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3516,6 +3556,10 @@
|
||||||
"G0040",
|
"G0040",
|
||||||
"Orange Athos",
|
"Orange Athos",
|
||||||
"Thirsty Gemini"
|
"Thirsty Gemini"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Finance",
|
||||||
|
"Diplomacy"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3558,6 +3602,9 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"G0029",
|
"G0029",
|
||||||
"Golfing Taurus"
|
"Golfing Taurus"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Activists"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3683,6 +3730,9 @@
|
||||||
"Sauron",
|
"Sauron",
|
||||||
"Project Sauron",
|
"Project Sauron",
|
||||||
"G0041"
|
"G0041"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Intelligence"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3727,6 +3777,9 @@
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"G0036"
|
"G0036"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Bank"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -3825,7 +3878,10 @@
|
||||||
"description": "Libyan Scorpions is a malware operation in use since September 2015 and operated by a politically motivated group whose main objective is intelligence gathering, spying on influentials and political figures and operate an espionage campaign within Libya.",
|
"description": "Libyan Scorpions is a malware operation in use since September 2015 and operated by a politically motivated group whose main objective is intelligence gathering, spying on influentials and political figures and operate an espionage campaign within Libya.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"attribution-confidence": "50",
|
"attribution-confidence": "50",
|
||||||
"country": "LY"
|
"country": "LY",
|
||||||
|
"targeted-sector": [
|
||||||
|
"Intelligence"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"uuid": "815cbe98-e157-4078-9caa-c5a25dd64731",
|
"uuid": "815cbe98-e157-4078-9caa-c5a25dd64731",
|
||||||
"value": "Libyan Scorpions"
|
"value": "Libyan Scorpions"
|
||||||
|
@ -3911,6 +3967,15 @@
|
||||||
"ATK40",
|
"ATK40",
|
||||||
"G0049",
|
"G0049",
|
||||||
"Evasive Serpens"
|
"Evasive Serpens"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Chemical",
|
||||||
|
"Energy",
|
||||||
|
"engineering",
|
||||||
|
"Finance",
|
||||||
|
"Government, Administration",
|
||||||
|
"Telecoms",
|
||||||
|
"Other"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -4059,6 +4124,10 @@
|
||||||
],
|
],
|
||||||
"suspected-victims": [
|
"suspected-victims": [
|
||||||
"Ukraine"
|
"Ukraine"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Think Tanks",
|
||||||
|
"Government, Administration"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "3d5192f2-f235-46fd-aa68-dd00cc17d632",
|
"uuid": "3d5192f2-f235-46fd-aa68-dd00cc17d632",
|
||||||
|
@ -4069,6 +4138,9 @@
|
||||||
"meta": {
|
"meta": {
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://blogs.technet.microsoft.com/mmpc/2016/12/09/windows-10-protection-detection-and-response-against-recent-attacks/"
|
"https://blogs.technet.microsoft.com/mmpc/2016/12/09/windows-10-protection-detection-and-response-against-recent-attacks/"
|
||||||
|
],
|
||||||
|
"targeted-sector": [
|
||||||
|
"Energy"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
|
Loading…
Reference in a new issue