mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add UNC5537
This commit is contained in:
parent
b317c4ff6b
commit
e7bb6de04a
1 changed files with 11 additions and 0 deletions
|
@ -16110,6 +16110,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "75cc313a-6a95-4ab8-b7f8-bfd7e4a7fe00",
|
"uuid": "75cc313a-6a95-4ab8-b7f8-bfd7e4a7fe00",
|
||||||
"value": "Gitloker"
|
"value": "Gitloker"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UNC5537 is a financially motivated threat actor targeting Snowflake customer databases. They use stolen credentials obtained from infostealer malware to access and exfiltrate large volumes of data. The compromised accounts lack multi-factor authentication, allowing UNC5537 to conduct data theft and extortion.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://research.checkpoint.com/2024/17th-june-threat-intelligence-report/",
|
||||||
|
"https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "b8c6da46-4c9a-4075-b9f3-3b5ef7bd3534",
|
||||||
|
"value": "UNC5537"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 310
|
"version": 310
|
||||||
|
|
Loading…
Reference in a new issue