mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
Merge pull request #718 from Mathieu4141/ta/ransom-house
Add `RansomHouse` group
This commit is contained in:
commit
ff280a9b44
1 changed files with 13 additions and 1 deletions
|
@ -2689,7 +2689,6 @@
|
||||||
"https://dragos.com/blog/crashoverride/CrashOverride-01.pdf",
|
"https://dragos.com/blog/crashoverride/CrashOverride-01.pdf",
|
||||||
"https://www.us-cert.gov/ncas/alerts/TA17-163A",
|
"https://www.us-cert.gov/ncas/alerts/TA17-163A",
|
||||||
"https://ics.sans.org/blog/2016/01/09/confirmation-of-a-coordinated-attack-on-the-ukrainian-power-grid",
|
"https://ics.sans.org/blog/2016/01/09/confirmation-of-a-coordinated-attack-on-the-ukrainian-power-grid",
|
||||||
"https://www.cfr.org/interactive/cyber-operations/black-energy",
|
|
||||||
"https://web.archive.org/web/20141016132823/https://www.symantec.com/connect/blogs/sandworm-windows-zero-day-vulnerability-being-actively-exploited-targeted-attacks",
|
"https://web.archive.org/web/20141016132823/https://www.symantec.com/connect/blogs/sandworm-windows-zero-day-vulnerability-being-actively-exploited-targeted-attacks",
|
||||||
"https://ics.sans.org/blog/2015/12/30/current-reporting-on-the-cyber-attack-in-ukraine-resulting-in-power-outage",
|
"https://ics.sans.org/blog/2015/12/30/current-reporting-on-the-cyber-attack-in-ukraine-resulting-in-power-outage",
|
||||||
"https://blog.trendmicro.com/trendlabs-security-intelligence/timeline-of-sandworm-attacks/",
|
"https://blog.trendmicro.com/trendlabs-security-intelligence/timeline-of-sandworm-attacks/",
|
||||||
|
@ -9319,6 +9318,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "7ab283ac-b78f-42db-b564-0550b9637b0b",
|
"uuid": "7ab283ac-b78f-42db-b564-0550b9637b0b",
|
||||||
"value": "TA579"
|
"value": "TA579"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "This group started operating during the first quarter of 2022. They published samples of alleged stolen data from companies on their site on Tor. It is unclear if they conducted the attacks themselves, or if they bought leaked databases from third parties.",
|
||||||
|
"meta": {
|
||||||
|
"cfr-target-category": [
|
||||||
|
"Private sector"
|
||||||
|
],
|
||||||
|
"refs": [
|
||||||
|
"https://webz.io/dwp/new-ransomware-group-ransomhouse-is-it-real-or-fake/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "4d522fad-452c-46be-94ea-5803aec9b709",
|
||||||
|
"value": "RansomHouse"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 227
|
"version": 227
|
||||||
|
|
Loading…
Reference in a new issue