mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add Storm-1575
This commit is contained in:
parent
a42dc67fb6
commit
e497ec2b38
1 changed files with 11 additions and 0 deletions
|
@ -14717,6 +14717,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
|
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
|
||||||
"value": "Storm-0835"
|
"value": "Storm-0835"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Storm-1575 is a threat actor identified by Microsoft as being involved in phishing campaigns using the Dadsec platform. They utilize hundreds of Domain Generated Algorithm domains to host credential harvesting pages and target global organizations to steal Microsoft 365 credentials.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.bridewell.com/insights/blogs/detail/analysing-widespread-microsoft365-credential-harvesting-campaign",
|
||||||
|
"https://twitter.com/MsftSecIntel/status/1712936244987019704?lang=en"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "2485a9cb-b41c-43bd-8b1c-c64e919c0a4e",
|
||||||
|
"value": "Storm-1575"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 298
|
"version": 298
|
||||||
|
|
Loading…
Reference in a new issue