Rony
72402ce38b
chg: [threat-actor] STORM ->> Storm
2024-04-26 19:15:47 +00:00
Rony
e71398bbd5
Merge branch 'main' into fix
2024-04-27 00:31:16 +05:30
Rony
3d5c61a8ef
fix: resolve conflict
2024-04-26 18:56:46 +00:00
Mathieu4141
dd14938a49
[threat-actors] Add USDoD
2024-04-26 09:01:34 -07:00
Mathieu4141
2bf2bad2a9
[threat-actors] Add STORM-1849
2024-04-26 09:01:34 -07:00
Delta-Sierra
3c20f87966
add Cisco Talos and more producers
2024-04-26 12:30:25 +02:00
Delta-Sierra
0e3bab72d9
Fix uuid
2024-04-26 11:39:43 +02:00
Delta-Sierra
177fadbc10
Add Arcane Door
2024-04-26 10:36:26 +02:00
Delta-Sierra
de0b4145c9
Merge https://github.com/MISP/misp-galaxy
2024-04-24 14:56:01 +02:00
Delta-Sierra
9a2ec1c7e4
creation new galaxy entity
2024-04-24 14:51:59 +02:00
8c334c8f12
chg: [tidal] updated to the latest version
2024-04-24 08:43:19 +02:00
bac3ba7f49
chg: [sigma] Updated to the latest version
2024-04-24 08:34:56 +02:00
29f419d590
chg: [mitre-attack] updated to the latest version ATT&CK v15
2024-04-24 08:19:40 +02:00
Christophe Vandeplas
285892c854
chg: [interpol] add Abuses together with Entities
2024-04-23 11:20:22 +02:00
Christophe Vandeplas
1651787577
Merge remote-tracking branch 'MISP/main'
2024-04-23 10:26:52 +02:00
Christophe Vandeplas
83ffa6fa6f
new: [interpol] Addition of INTERPOL Darknet- and Cryptoasset Ecosystems taxonomy
2024-04-23 10:22:48 +02:00
Mathieu4141
2de3357ec0
[threat-actors] Add UAC-0149
2024-04-22 07:48:44 -07:00
Mathieu4141
337c21be5b
[threat-actors] Add UTA0218
2024-04-22 07:48:44 -07:00
Mathieu4141
6ca498872a
[threat-actors] Add GhostR
2024-04-22 07:48:44 -07:00
Christophe Vandeplas
fbc6cfcac0
[UKHSA] fix: addressed duplicate issue
2024-04-22 09:09:57 +02:00
Christophe Vandeplas
d7f25da68c
Merge branch 'main' of https://github.com/cvandeplas/misp-galaxy
2024-04-22 08:24:26 +02:00
Rony
dd8b317912
chg: [threat-actor] Earth Freybug
added
...
Tracking it seperately for now though TM identified it as subset of APT41
2024-04-21 06:35:56 +00:00
Rony
07cc6be922
chg: [threat-actor] UNC3236 removed
2024-04-20 18:42:27 +00:00
ea5800d028
Merge branch 'main' of github.com:MISP/misp-galaxy into main
2024-04-19 16:19:13 +02:00
af51b636ec
chg: [ransomware] Akira added
2024-04-19 16:18:54 +02:00
Delta-Sierra
b132279a59
fix typo tool silver ->Sliver
2024-04-19 14:15:38 +02:00
Delta-Sierra
ab863a04fb
fix forgotten meta
2024-04-19 13:53:00 +02:00
Delta-Sierra
f9e40fc309
merge
2024-04-19 13:28:05 +02:00
Delta-Sierra
ad5992ff3d
Feeding with Cutting Edge, Part 4 data
2024-04-19 13:23:59 +02:00
Mathieu Beligon
eed81e9a72
[threat-actors] r0ny123 review
2024-04-18 12:35:10 +02:00
Mathieu Beligon
b68e08de63
Merge branch 'main' into threat-actors/666b2554-9bea-42e8-9e11-299597de70b3
2024-04-18 12:31:41 +02:00
94aa7e20a2
new: [target-information] Sahrawi Arab Democratic Republic added
2024-04-18 06:44:13 +02:00
2a6bf0010c
chg: [threat-actor] APT44 added
...
Ref: https://services.google.com/fh/files/misc/apt44-unearthing-sandworm.pdf
2024-04-18 06:20:48 +02:00
Mathieu4141
148ff926c0
[threat-actors] Add APT41 aliases
2024-04-17 10:09:09 -07:00
Mathieu4141
640018599a
[threat-actors] Add Starry Addax
2024-04-17 10:09:09 -07:00
Mathieu4141
8d8085530d
[threat-actors] Add Volt Typhoon aliases
2024-04-17 10:09:09 -07:00
Mathieu4141
bf5dd6e382
[threat-actors] Add Earth Hundun
2024-04-17 10:09:09 -07:00
Mathieu4141
64533dba91
[threat-actors] Add RUBYCARP
2024-04-17 10:09:09 -07:00
Mathieu4141
9f33bdc13c
[threat-actors] Add CoralRaider
2024-04-17 10:09:09 -07:00
Mathieu4141
b4628a815e
[threat-actors] Add Sandworm aliases
2024-04-17 10:09:09 -07:00
Mathieu4141
94a76ab5a8
[threat-actors] Add BlackJack
2024-04-17 10:09:09 -07:00
Mathieu4141
6870ac7c42
[threat-actors] Add Smishing Triad
2024-04-17 10:09:09 -07:00
Mathieu4141
2cf8b058bb
[threat-actors] Add Bignosa
2024-04-17 10:09:08 -07:00
Mathieu4141
bb09f64e8b
[threat-actors] Add Opal Sleet aliases
2024-04-17 10:09:08 -07:00
Mathieu4141
1f67eeadf7
[threat-actors] Add CyberNiggers
2024-04-17 10:09:08 -07:00
Rony
ff07821cca
chg: [threat-actors] updated with references
2024-04-16 16:08:39 +00:00
Rony
d6c0a2110e
Merge branch 'MISP:main' into cn
2024-04-16 21:22:12 +05:30
59e9f48e19
chg: [sigma-rules] updated to the latest version
2024-04-14 09:28:32 +02:00
Rony
bfceda0029
chg: [threat-actors] add Storm-0558
references
2024-04-11 04:15:38 +00:00
Rony
3bfe5c09a0
Merge branch 'MISP:main' into cn
2024-04-11 08:58:24 +05:30
gregWDumont
f6d11cacab
[Sector] Add NACE_CODE to cluster
2024-04-03 16:36:34 +02:00
Christophe Vandeplas
7d5044ccaf
fix: [ukhsa] fix duplicate entry
2024-03-29 19:31:14 +01:00
Rony
605676806b
Merge branch 'MISP:main' into cn
2024-03-29 22:28:22 +05:30
Christophe Vandeplas
1c0beeaecf
new: [UKHSA] Added UK Health Security Agency Culture Collections
2024-03-29 14:45:13 +01:00
Mathieu4141
22bea56895
[threat-actors] Add UNC5174
2024-03-27 05:09:24 -07:00
Mathieu4141
541eb4a4a9
[threat-actors] Add Saad Tycoon
2024-03-27 05:09:24 -07:00
Mathieu4141
769cd4f47b
[threat-actors] Add Edalat-e Ali
2024-03-27 05:09:24 -07:00
Mathieu4141
ab52990840
[threat-actors] Add SilitNetwork
2024-03-27 05:09:24 -07:00
Mathieu4141
120f5c9b3f
[threat-actors] Add Lazarus Group aliases
2024-03-27 05:09:24 -07:00
Rony
bd7a3c90bb
fix: [threat-actor] remove comma
2024-03-25 19:39:46 +00:00
Rony
d0a1e04de6
chg: [threat-actors] updated with references
2024-03-26 00:59:48 +05:30
Delta-Sierra
f7eaa3d9d7
merge
2024-03-21 16:04:35 +01:00
Delta-Sierra
7e715b63e7
add Germany as target for several Threat actors
2024-03-21 16:00:31 +01:00
Mathieu4141
38d0804f9c
[threat-actors] Add Earth Krahang
2024-03-20 10:23:42 -07:00
Mathieu4141
bef50816a4
[threat-actors] Add MuddyWater aliases
2024-03-20 10:23:42 -07:00
Mathieu4141
b2e9f6c152
[threat-actors] Add Earth Kapre
2024-03-20 10:23:42 -07:00
Mathieu4141
6490424201
[threat-actors] Add UNC5325
2024-03-20 10:23:42 -07:00
Christophe Vandeplas
819b177278
fix: [tmss] remove duplicate author entry
2024-03-18 10:44:09 +01:00
Christophe Vandeplas
1114e7a67c
new: [tmss] Add Threat Matrix for Storage Services fixes #947
2024-03-18 10:39:28 +01:00
Christophe Vandeplas
2b12224aa9
chg: [disarm] New Version 1.4 of Red Framework
2024-03-15 16:32:49 +01:00
5f1b2305cf
Merge pull request #946 from NMD03/intel
...
Inteligence Agencies
2024-03-13 16:31:16 +01:00
niclas
7885a8fd00
chg [intel] mistakes on wikipedia got fixed
2024-03-13 10:10:35 +01:00
niclas
64803fb28c
chg: [intel] use UUIDv5 for clusters
2024-03-13 09:35:00 +01:00
niclas
65470855b3
Fix [cluster] duplicates
2024-03-12 14:23:11 +01:00
niclas
04c07e4774
Add [cluster] authors
2024-03-12 14:06:14 +01:00
niclas
3ece11b87f
Fix [synonyms]
2024-03-12 13:59:18 +01:00
niclas
5d8dbf0d91
Add [cluster] country code
2024-03-12 13:55:00 +01:00
niclas
c88253baea
Add [synonyms] and fixed indivdual mistakes
2024-03-12 13:00:57 +01:00
niclas
bb28408b14
Add [agencies] refs
2024-03-12 11:22:30 +01:00
Daniel Plohmann
77b7ed2f01
adding aliases from UA's H1'2023 report
2024-03-12 10:15:12 +01:00
3f039b5932
fix: [threat-actor] fix #942
...
`Hyppo Team` was present in two clusters. We just kept the alias
for `Turla`.
2024-03-11 10:00:15 +01:00
Delta-Sierra
5d8d0d294e
Merge https://github.com/MISP/misp-galaxy
2024-03-07 14:10:29 +01:00
Delta-Sierra
d9214cff89
update producers
2024-03-07 13:48:22 +01:00
b43f9d7b3d
Merge pull request #941 from NMD03/main
...
Add [galaxies] Tidal Cyber
2024-03-06 11:07:29 +01:00
niclas
098f0e6ecd
Fix [config] uuids
2024-03-06 09:54:06 +01:00
niclas
4f07fbdcdd
Fix [config] typo
2024-03-06 09:35:35 +01:00
niclas
c28a001b4f
Fix [tidal] check for existing sub clusters
2024-03-06 09:19:11 +01:00
niclas
03c6e3cb00
Fix [duplicates] list
2024-03-05 17:22:03 +01:00
niclas
a3071cf270
Add [techniques] codeblock for duplicates
2024-03-05 17:15:21 +01:00
niclas
16366f6893
Chg [tidal] add associated to name
2024-03-05 16:24:29 +01:00
niclas
a88b3ced33
Chg [groups] change name for Volt Typhoon duplicate
2024-03-05 16:15:58 +01:00
niclas
9e78c85124
Fix [references] no empty refs
2024-03-05 15:55:07 +01:00
niclas
2b383338f0
Fix [software] type as array
2024-03-05 15:46:35 +01:00
niclas
b2cc4ccd08
Fix [galaxies] add version
2024-03-05 15:33:10 +01:00
niclas
f756c18d1d
Fix [clusters] authors
2024-03-05 15:11:57 +01:00
niclas
5be77f6c2d
Fix [tidal] exclude empty meta fields
2024-03-05 14:41:53 +01:00
niclas
8e345c3684
Add [galaxies] Cyber Tidal
2024-03-05 14:27:25 +01:00
Mathieu4141
c11834aec4
[threat-actors] Add R00tK1T
2024-02-29 10:38:27 -08:00
Mathieu4141
39f89c900c
[threat-actors] Add Mogilevich
2024-02-29 10:38:27 -08:00
Mathieu4141
cc68b22fe2
[threat-actors] Add UNC1549
2024-02-29 10:38:27 -08:00
Mathieu4141
7b3c8a87c3
[threat-actors] Add UAC-0184
2024-02-29 10:38:27 -08:00
Mathieu4141
b010a75426
[threat-actors] Add SPIKEDWINE
2024-02-29 10:38:27 -08:00
838f649766
chg: [sigma] updated to the latest version
2024-02-27 14:10:36 +01:00
Delta-Sierra
7481cce57d
fix double
2024-02-23 16:14:42 +01:00
Delta-Sierra
42b3319e69
typo~
2024-02-23 16:13:14 +01:00
Delta-Sierra
8e07569da2
Fix ENORMOUS TYPO and add a few description (wip)
2024-02-23 16:11:23 +01:00
Delta-Sierra
667263a512
add producer names
2024-02-23 16:02:22 +01:00
39d40a991f
chg: [producer] Sophos added
2024-02-23 15:51:56 +01:00
364b835d8e
chg: [threat-actor] version updated
2024-02-23 15:46:11 +01:00
efb3c3995a
new: [producer] Skeleton for threat intelligence producer to be attached
...
as producer of Intelligence in MISP feed.
In the realm of cybersecurity, numerous security firms produce feeds and threat intelligence conforming to the MISP standards. However, a significant challenge arises due to the often insufficient or vague descriptions of the origins of this intelligence within these standards. This lack of clarity hinders the effectiveness and credibility of the threat intelligence shared across platforms and organizations.
2024-02-23 15:30:53 +01:00
Mathieu4141
9c85cbc223
[threat-actors] Add GoldFactory
2024-02-20 05:22:26 -08:00
Mathieu4141
82b347682c
[threat-actors] Add Winter Vivern aliases
2024-02-20 05:22:26 -08:00
Mathieu4141
4e61e7275a
[threat-actors] Add Cyber.Anarchy.Squad
2024-02-20 05:22:26 -08:00
Mathieu4141
ccfd207e59
[threat-actors] Add LabHost
2024-02-20 05:22:26 -08:00
Mathieu4141
83198aa663
[threat-actors] Add ShadowSyndicate
2024-02-20 05:22:25 -08:00
Mathieu4141
d3f5a26ec0
[threat-actors] Add ResumeLooters
2024-02-20 05:22:25 -08:00
Mathieu4141
6ddf39e1ae
[threat-actors] Add Charming Kitten aliases
2024-02-20 05:22:25 -08:00
Mathieu4141
96adf0ba8f
[threat-actors] Add ProCC
2024-02-20 05:22:25 -08:00
niclas
e90ae3e5d9
Fix [mitre] new galaxy enrichments
2024-02-19 13:44:32 +01:00
niclas
bdd2329163
reset enrichment
2024-02-19 13:42:27 +01:00
7ed94eb865
chg: [threat-actor] fixed
2024-02-16 18:41:46 +01:00
jstnk9
b3a25c57b3
added new information in relation to the Mandiant-Google TAG Report
...
New information added via https://services.google.com/fh/files/misc/tool-of-first-resort-israel-hamas-war-cyber.pdf
2024-02-16 17:36:09 +01:00
Delta-Sierra
ef8c6c95eb
add relationships between surveillance vendors
2024-02-16 15:37:14 +01:00
9cf86925f1
Merge pull request #931 from NMD03/enrich_new_mitre
...
Add [mitre] relations from deprecated galaxies
2024-02-15 16:31:08 +01:00
niclas
777ead0170
Fix [mitre] running jq_all_the_things.sh
2024-02-15 14:26:04 +01:00
Mathieu4141
f4d69382cf
[threat-actors] Add Blackatom
2024-02-15 03:42:29 -08:00
Mathieu4141
ed26f4d246
[threat-actors] Add TA2725
2024-02-15 03:42:28 -08:00
niclas
1e60ee58a7
Add [mitre] relations from deprecated galaxies
2024-02-15 11:59:17 +01:00
8f3c662961
chg: [sigma] updated to the latest version
2024-02-12 21:24:11 +01:00
Daniel Plohmann
8a359dbd43
merge KNOCKOUT SPIDER -> Evilnum
...
Based on newer public reporting grouping these.
2024-02-08 10:38:04 +01:00
Delta-Sierra
a8496a939e
Merge https://github.com/MISP/misp-galaxy
2024-02-07 10:53:31 +01:00
Delta-Sierra
4686aae3d5
add COATHANGER ref
2024-02-07 10:52:40 +01:00
Delta-Sierra
6222443b24
add COATHANGER RAT
2024-02-07 10:51:47 +01:00
94051bb5ef
chg: [surveillance-vendor] updated
2024-02-07 10:39:03 +01:00
c867adcbf3
Merge branch 'main' of github.com:MISP/misp-galaxy into main
2024-02-07 10:22:24 +01:00
d07c584525
chg: [surveillance-vendor] updated following https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf
2024-02-07 10:21:40 +01:00
Mathieu4141
02bec6da4f
[threat-actors] Add TwoSail Junk aliases
2024-02-06 07:30:07 -08:00
Mathieu4141
6235ee49f7
[threat-actors] Add Operation Emmental
2024-02-06 07:30:07 -08:00
Mathieu4141
c740c6f1e1
[threat-actors] Add Urpage
2024-02-06 07:30:06 -08:00
Mathieu4141
f58c20fc20
[threat-actors] Add APT23 aliases
2024-02-06 07:30:06 -08:00
Mathieu4141
9a2e09d86c
[threat-actors] Add Operation C-Major aliases
2024-02-06 07:30:06 -08:00
Mathieu4141
5194939603
[threat-actors] Add Tonto Team aliases
2024-02-06 07:30:06 -08:00
Mathieu4141
cc4dca679b
[threat-actors] Add Earth Yako
2024-02-06 07:30:06 -08:00
Mathieu4141
baaf153229
[threat-actors] Add Operation Red Signature
2024-02-06 07:30:06 -08:00
Mathieu4141
859d3f7ac0
[threat-actors] Add Earth Berberoka aliases
2024-02-06 07:30:06 -08:00
Mathieu4141
55083776a0
[threat-actors] Add Domestic Kitten aliases
2024-02-06 07:30:05 -08:00
Delta-Sierra
8643f5f555
Merge https://github.com/MISP/misp-galaxy
2024-02-06 15:11:53 +01:00
Delta-Sierra
ea16f1811a
adding several webshells and open source tools
2024-02-06 15:09:41 +01:00
Mathieu4141
957e848a6f
[threat-actors] Add Ferocious Kitten
2024-02-05 09:20:11 -08:00
Mathieu4141
3a44200a0c
[threat-actors] Add APT5 aliases
2024-02-05 09:20:11 -08:00