MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

JQ all the things

Browse source
This commit is contained in:
Raphaël Vinot 2017-03-16 17:31:43 +01:00
parent bc78bdde33
commit e1b5701351
1 changed files with 22 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
clusters/threat-actor.json
View file

@ -257,14 +257,14 @@
"Tailgater", "Tailgater",
"Ragebeast", "Ragebeast",
"Blackfly", "Blackfly",
"Lead", "Lead",
"Wicked Spider" "Wicked Spider"
], ],
"country": "CN", "country": "CN",
"refs": [ "refs": [
"http://securelist.com/blog/research/57585/winnti-faq-more-than-just-a-game/", "http://securelist.com/blog/research/57585/winnti-faq-more-than-just-a-game/",
"http://williamshowalter.com/a-universal-windows-bootkit/", "http://williamshowalter.com/a-universal-windows-bootkit/",
"https://blogs.technet.microsoft.com/mmpc/2017/01/25/detecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp" "https://blogs.technet.microsoft.com/mmpc/2017/01/25/detecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp"
] ]
}, },
"value": "Axiom" "value": "Axiom"
@ -365,7 +365,7 @@
"menuPass", "menuPass",
"happyyongzi", "happyyongzi",
"POTASSIUM", "POTASSIUM",
"DustStorm" "DustStorm"
], ],
"country": "CN" "country": "CN"
}, },
@ -1053,7 +1053,7 @@
], ],
"synonyms": [ "synonyms": [
"Skipper", "Skipper",
"Popeye" "Popeye"
], ],
"country": "RU" "country": "RU"
}, },
@ -1281,7 +1281,7 @@
"Gaza Hackers Team", "Gaza Hackers Team",
"Operation Molerats", "Operation Molerats",
"Extreme Jackal", "Extreme Jackal",
"Moonlight" "Moonlight"
] ]
} }
}, },
@ -1417,10 +1417,10 @@
] ]
} }
}, },
{ {
"meta": { "meta": {
"country": "CHN", "country": "CHN",
"synonyms": [ "synonyms": [
"Zhenbao" "Zhenbao"
], ],
"refs": [ "refs": [
@ -1430,23 +1430,23 @@
"value": "Hammer Panda", "value": "Hammer Panda",
"description": "Hammer Panda is a group of suspected Chinese origin targeting organisations in Russia." "description": "Hammer Panda is a group of suspected Chinese origin targeting organisations in Russia."
}, },
{ {
"meta": { "meta": {
"country": "CHN", "country": "CHN",
"refs": [ "refs": [
"https://blogs.technet.microsoft.com/mmpc/2017/01/25/detecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp" "https://blogs.technet.microsoft.com/mmpc/2017/01/25/detecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp"
] ]
}, },
"value": "Barium", "value": "Barium",
"description": "Barium is one of the groups using Winnti." "description": "Barium is one of the groups using Winnti."
}, },
{ {
"meta": { "meta": {
"country": "IRN", "country": "IRN",
"synonyms": [ "synonyms": [
"Operation Mermaid" "Operation Mermaid"
], ],
"refs": [ "refs": [
"https://www.blackhat.com/docs/us-16/materials/us-16-Guarnieri-Iran-And-The-Soft-War-For-Internet-Dominance-wp.pdf" "https://www.blackhat.com/docs/us-16/materials/us-16-Guarnieri-Iran-And-The-Soft-War-For-Internet-Dominance-wp.pdf"
] ]
}, },
@ -1455,8 +1455,8 @@
}, },
{ {
"meta": { "meta": {
"country": "IRN", "country": "IRN",
"refs": [ "refs": [
"https://www.blackhat.com/docs/us-16/materials/us-16-Guarnieri-Iran-And-The-Soft-War-For-Internet-Dominance-wp.pdf" "https://www.blackhat.com/docs/us-16/materials/us-16-Guarnieri-Iran-And-The-Soft-War-For-Internet-Dominance-wp.pdf"
] ]
}, },
@ -1465,11 +1465,11 @@
}, },
{ {
"meta": { "meta": {
"country": "CHN", "country": "CHN",
"synonyms": [ "synonyms": [
"Cloudy Omega" "Cloudy Omega"
], ],
"refs": [ "refs": [
"https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt/" "https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt/"
] ]
}, },
@ -1478,8 +1478,8 @@
}, },
{ {
"meta": { "meta": {
"country": "UKR", "country": "UKR",
"refs": [ "refs": [
"http://www.welivesecurity.com/2016/05/18/groundbait" "http://www.welivesecurity.com/2016/05/18/groundbait"
] ]
}, },