MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-12-02 11:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #167 from Delta-Sierra/master

Browse source 
update some clusters
This commit is contained in:
Alexandre Dulaunoy 2018-03-12 11:57:35 +01:00 committed by GitHub
commit f0655587a5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
clusters/threat-actor.json
View file

@ -523,14 +523,17 @@
"GREF", "GREF",
"Playful Dragon", "Playful Dragon",
"APT 15", "APT 15",
"APT15",
"Metushy", "Metushy",
"Lurid", "Lurid",
"Social Network Team" "Social Network Team",
"Royal APT"
], ],
"country": "CN", "country": "CN",
"refs": [ "refs": [
"https://www.fireeye.com/blog/threat-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html", "https://www.fireeye.com/blog/threat-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html",
"http://arstechnica.com/security/2015/04/elite-cyber-crime-group-strikes-back-after-attack-by-rival-apt-gang/" "http://arstechnica.com/security/2015/04/elite-cyber-crime-group-strikes-back-after-attack-by-rival-apt-gang/",
"https://github.com/nccgroup/Royal_APT"
] ]
}, },
"value": "Mirage", "value": "Mirage",
@ -2488,5 +2491,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 34 "version": 35
} }

11
clusters/tool.json
View file

@ -10,7 +10,7 @@
], ],
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f", "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
"version": 55, "version": 56,
"values": [ "values": [
{ {
"meta": { "meta": {
@ -1138,6 +1138,9 @@
"Hoarde", "Hoarde",
"Phindolp", "Phindolp",
"BS2005" "BS2005"
],
"refs": [
"https://github.com/nccgroup/Royal_APT"
] ]
}, },
"value": "Hoardy", "value": "Hoardy",
@ -3839,7 +3842,8 @@
"refs": [ "refs": [
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf" "https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf"
] ]
} },
"uuid": "5c2eeaec-25e3-11e8-9d28-7f64aba5b173"
}, },
{ {
"value": "Nautilus", "value": "Nautilus",
@ -3848,7 +3852,8 @@
"refs": [ "refs": [
"https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf" "https://www.ncsc.gov.uk/content/files/protected_files/article_files/Turla%20group%20using%20Neuron%20and%20Nautilus%20tools%20alongside%20Snake%20malware_0.pdf"
] ]
} },
"uuid": "73cb7ecc-25e3-11e8-a97b-c35ec4e7dcf8"
} }
] ]
} }