|
3328b73185
|
fix: [ransomware] array end missing
|
2022-02-02 22:32:39 +01:00 |
|
Kevin Holvoet
|
3d23f98d04
|
Forgot comma between JSON entries
|
2022-02-02 18:58:55 +01:00 |
|
Kevin Holvoet
|
389add7580
|
Update ransomware.json with URL fix
Fixed URL for AlphaLocker
|
2022-02-02 18:54:31 +01:00 |
|
Kevin Holvoet
|
fa9829cec0
|
Update ransomware.json: add BlackCat (ALPHV)
|
2022-02-02 18:50:19 +01:00 |
|
Daniel Plohmann
|
833a6e0a8d
|
updated URLs for Gamaredon with Shuckworm alias reference
|
2022-02-02 09:40:10 +01:00 |
|
Daniel Plohmann
|
8f928d8eb3
|
adding Gamaredon alias Shuckworm used by Symantec
|
2022-02-02 09:35:53 +01:00 |
|
|
1fda357a03
|
new: [surveillance] Cytrox added
|
2022-01-30 11:31:55 +01:00 |
|
Jürgen Löhel
|
22046a1eae
|
Adds WhisperGate
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-01-18 13:16:06 -06:00 |
|
Jürgen Löhel
|
3059c70ae6
|
Adds UPAS-Kit
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-01-13 11:53:32 -06:00 |
|
Thomas Dupuy
|
c792bdd1b7
|
Add AQUATIC PANDA threat actor.
|
2022-01-12 13:51:11 -05:00 |
|
Thomas Dupuy
|
afaf3a3110
|
Add Motnug tool.
|
2022-01-12 13:37:59 -05:00 |
|
Jürgen Löhel
|
5aa8a8a8b1
|
Adds Ragnatela RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-01-10 15:57:10 -06:00 |
|
Sami Tainio
|
dcb87b0dc6
|
chg: [threat-actor] Add SideCopy
|
2022-01-07 17:45:41 +02:00 |
|
Daniel Plohmann
|
3094283252
|
adding Mandiant's FIN13.
|
2022-01-03 09:32:43 +01:00 |
|
|
eba1b2839f
|
chg: [concordia] CMTMF killchain typo fixed
|
2021-12-20 10:41:00 +01:00 |
|
Raphaël Vinot
|
b4d518d4f0
|
fix: cmtmf-attack-pattern had multiple duplicate UUIDs
|
2021-12-17 17:58:29 +01:00 |
|
|
12617ff627
|
chg: [concordia] fix name inconsistencies
|
2021-12-17 17:41:00 +01:00 |
|
|
69b582f9ba
|
chg: [concordia] duplicate removed
|
2021-12-17 17:31:38 +01:00 |
|
|
bc3ab62917
|
chg: [concordia] duplicate removed
|
2021-12-17 17:26:04 +01:00 |
|
|
ee2a3c83f4
|
chg: [concordia] duplicate techniques removed
|
2021-12-17 17:21:00 +01:00 |
|
|
01d23b61b7
|
chg: [concordia] typo fixed
|
2021-12-17 17:15:43 +01:00 |
|
|
01f2ce68d4
|
chg: [misp-galaxy] duplicate modify trusted environment and also different technique ID?
|
2021-12-17 17:13:57 +01:00 |
|
|
5becac98e4
|
chg: [concordia] duplicates removed
|
2021-12-17 16:51:11 +01:00 |
|
|
ae7b7bd47d
|
chg: [cmtmf-attack-pattern] various fixes to make JSON ok
|
2021-12-17 16:08:07 +01:00 |
|
|
7b587710b1
|
Merge branch 'concordia_mtmf' of https://github.com/BennSaturn/misp-galaxy into BennSaturn-concordia_mtmf
|
2021-12-17 15:55:03 +01:00 |
|
Jürgen Löhel
|
b81ac7f01d
|
Adds DarkWatchman RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2021-12-17 07:20:58 -06:00 |
|
Delta-Sierra
|
78a8cf4ad2
|
add ESPecter Bootkit
|
2021-11-19 16:30:57 +01:00 |
|
Delta-Sierra
|
c89623e945
|
add ESPecter bootkit
|
2021-11-16 08:17:37 +01:00 |
|
Christophe Vandeplas
|
aeb5719448
|
chg: [att&ck] update to ATT&CK v10
|
2021-10-22 14:34:25 +02:00 |
|
|
ab41df7282
|
chg: [malpedia] remove duplicate
|
2021-10-20 12:24:12 +02:00 |
|
|
e517787e7c
|
chg: [malpedia] duplicates removed
|
2021-10-20 12:21:05 +02:00 |
|
|
69f878c86f
|
fix: [malpedia] remove duplicate urls
|
2021-10-20 12:16:22 +02:00 |
|
|
da91f2abc2
|
chg: [malpedia] updated
|
2021-10-20 10:21:03 +02:00 |
|
marjatech
|
d74fdb3e43
|
update malpedia
|
2021-10-19 16:21:19 +02:00 |
|
Bernardo Santos
|
e74fcfe268
|
Update cmtmf-attack-pattern.json
- update version
|
2021-10-13 10:06:00 +02:00 |
|
Bernardo Santos
|
5f19983ba3
|
Update cmtmf-attack-pattern.json
- Changes to cluster type
- Fix typo for privilege escalation tactic
|
2021-10-13 09:57:03 +02:00 |
|
Bernardo Santos
|
49dfcca563
|
CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
|
2021-10-12 10:54:06 +02:00 |
|
Bernardo Santos
|
d09681b011
|
CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
|
2021-10-12 10:45:03 +02:00 |
|
Jeroen Pinoy
|
9ec76ae185
|
Add threat actor common raven
|
2021-10-03 23:30:20 +02:00 |
|
Thomas Patzke
|
26f0c344a1
|
Added O365 techniques
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
|
2021-09-18 23:27:38 +02:00 |
|
Thomas Dupuy
|
1985de4d44
|
Add BLUELIGHT tool.
|
2021-08-27 10:28:06 +02:00 |
|
Thomas Dupuy
|
89a3f986ba
|
Add InkySquid synonym.
|
2021-08-24 16:29:34 +02:00 |
|
Daniel Plohmann
|
3272960a14
|
fixed typo in actor name (CLOCKWORD -> CLOCKWORK SPIDER)
|
2021-08-19 06:02:40 +02:00 |
|
Rony
|
5dd0c7d8b3
|
chg: [threat-actor] add origin country to UNC2452 & HAFNIUM
addressed https://github.com/MISP/misp-galaxy/pull/660#issuecomment-884475015
|
2021-08-02 22:30:05 +05:30 |
|
Rony
|
636ccdedcd
|
Update threat-actor.json
|
2021-07-21 18:47:56 +05:30 |
|
Rony
|
9ecfecc063
|
another fix
|
2021-07-21 18:41:18 +05:30 |
|
Rony
|
32ea60d721
|
fix
|
2021-07-21 18:31:05 +05:30 |
|
Rony
|
52e7d5a0a9
|
multiple updates to apt40, apt31 & hafnium
|
2021-07-21 18:28:40 +05:30 |
|
Rony
|
fb9a41f8e9
|
from Gov Canada & MFA Japan
|
2021-07-19 20:33:35 +05:30 |
|
Rony
|
c90c60cb13
|
adding references for APT40 & APT31
|
2021-07-19 20:14:36 +05:30 |
|