From afc4972e251b3016e54d355d66b94291d018fa28 Mon Sep 17 00:00:00 2001 From: Fredrik Borg Date: Tue, 7 Nov 2017 14:04:04 +0100 Subject: [PATCH 1/2] fix iso codes --- clusters/threat-actor.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 0cf072d..b48f689 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -1186,7 +1186,7 @@ "synonyms": [ "FruityArmor" ], - "country": "UAE" + "country": "AE" }, "value": "Stealth Falcon", "description": "Group targeting Emirati journalists, activists, and dissidents." @@ -1471,7 +1471,7 @@ "synonyms": [ "StrongPity" ], - "country": "TU" + "country": "TR" } }, { @@ -1526,7 +1526,7 @@ "value": "Sath-ı Müdafaa", "description": "A Turkish hacking group, Sath-ı Müdafaa, is encouraging individuals to join its DDoS-for-Points platform that features points and prizes for carrying out distributed denial-of-service (DDoS) attacks against a list of predetermined targets. Their DDoS tool also contains a backdoor to hack the hackers. So the overarching motivation and allegiance of the group is not entirely clear.", "meta": { - "country": "TU", + "country": "TR", "motive": "Hacktivists-Nationalists" } }, @@ -1534,7 +1534,7 @@ "value": "Aslan Neferler Tim", "description": "Turkish nationalist hacktivist group that has been active for roughly one year. According to Domaintools, the group’s site has been registered since December 2015, with an active Twitter account since January 2016. The group carries out distributed denial-of-service (DDoS) attacks and defacements against the sites of news organizations and governments perceived to be critical of Turkey’s policies or leadership, and purports to act in defense of Islam", "meta": { - "country": "TU", + "country": "TR", "synonyms": [ "Lion Soldiers Team", "Phantom Turk" @@ -1546,7 +1546,7 @@ "value": "Ayyıldız Tim", "description": "Ayyıldız (Crescent and Star) Tim is a nationalist hacking group founded in 2002. It performs defacements and DDoS attacks against the websites of governments that it considers to be repressing Muslim minorities or engaged in Islamophobic policies.", "meta": { - "country": "TU", + "country": "TR", "synonyms": [ "Crescent and Star" ], @@ -1557,7 +1557,7 @@ "value": "TurkHackTeam", "description": "Founded in 2004, Turkhackteam is one of Turkey’s oldest and most high-profile hacking collectives. According to a list compiled on Turkhackteam’s forum, the group has carried out almost 30 highly publicized hacking campaigns targeting foreign government and commercial websites, including websites of international corporations. ", "meta": { - "country": "TU", + "country": "TR", "synonyms": [ "Turk Hack Team" ], @@ -1642,7 +1642,7 @@ }, { "meta": { - "country": "CHN", + "country": "CN", "synonyms": [ "Cloudy Omega" ], @@ -1656,7 +1656,7 @@ }, { "meta": { - "country": "UKR", + "country": "UA", "refs": [ "http://www.welivesecurity.com/2016/05/18/groundbait" ] From 72d8bfc28a6f7bd682d99f342e905f82bf42c16a Mon Sep 17 00:00:00 2001 From: Fredrik Borg Date: Tue, 7 Nov 2017 14:15:40 +0100 Subject: [PATCH 2/2] fix-iso-code-3 --- clusters/threat-actor.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index b48f689..1d7e622 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -1376,7 +1376,7 @@ }, { "meta": { - "country": "LBY" + "country": "LY" }, "description": "Libyan Scorpions is a malware operation in use since September 2015 and operated by a politically motivated group whose main objective is intelligence gathering, spying on influentials and political figures and operate an espionage campaign within Libya.", "value": "Libyan Scorpions"