Daniel Plohmann
e15a4a6525
fixing/removing some more dead links
2020-04-06 15:25:22 +02:00
Deborah Servili
7859c8dbd7
Add coronavirus ransomware
2020-04-03 16:19:45 +02:00
Deborah Servili
8a3422acb4
add Pyta ransomnotes
2020-04-03 11:58:02 +02:00
Deborah Servili
c566c89f2a
add pyza ransomware
2020-03-27 14:22:34 +01:00
c7104e8819
chg: [country] jq all
2020-03-23 13:09:14 +01:00
iglocska
777c3188db
new: [country] galaxy added
2020-03-23 12:10:16 +01:00
35a57c36bf
Merge pull request #526 from Delta-Sierra/master
...
PARINACOTA group
2020-03-12 23:23:05 +01:00
Deborah Servili
a706b8ef2e
PARINACOTA group
2020-03-12 13:11:46 +01:00
e37f320df5
Merge pull request #523 from danielplohmann/patch-24
...
adding aliases MERCURY, HOLMIUM
2020-03-09 21:56:27 +01:00
Daniel Plohmann
ab49ef3c1a
Kimsuki -> Black Banshee
...
PWC refers to Kimsuki as Black Banshee (https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/tracking-kimsuky-north-korea-based-cyber-espionage-group-part-2.html)
2020-03-09 18:20:56 +01:00
Daniel Plohmann
1260ab156a
adding aliases MERCURY, HOLMIUM
...
Muddywater->MERCURY: https://twitter.com/moranned/status/1234071210822184960
APT33->HOLMIUM: https://www.zdnet.com/article/microsoft-notified-10000-victims-of-nation-state-attacks/
2020-03-09 08:50:08 +01:00
e81c91e3e9
Merge pull request #522 from Delta-Sierra/master
...
add sdbbot
2020-03-06 15:24:14 +01:00
Deborah Servili
b007d5d3ce
add SdBbot
2020-03-06 14:33:19 +01:00
a407ddcc5b
Merge branch 'master' of github.com:MISP/misp-galaxy
2020-03-05 10:49:15 +01:00
375db26505
chg: [malpedia] fixes
2020-03-05 10:48:28 +01:00
4a64d0a4ad
Merge pull request #519 from danielplohmann/crowdstrike2020report
...
adding new/updated threat actor names from CrowdStrike 2020 report
2020-03-05 09:07:16 +01:00
Corsin Camichel
66aa5c3b13
fixing a comma error
2020-03-04 21:13:01 +01:00
Daniel Plohmann (jupiter)
0c2b0b76eb
while we are at it, we can also do Longhorn = APT-C-39
2020-03-04 21:09:06 +01:00
Corsin Camichel
a5a7c21c79
adding Raccoon (win.raccoon)
2020-03-04 21:02:51 +01:00
Daniel Plohmann (jupiter)
184f193342
IMPERIAL KITTEN as alias for Tortoiseshell
2020-03-04 19:39:14 +01:00
pnx@pyrite
3dc460e795
adding new/updated threat actor names from CrowdStrike 2020 report
2020-03-04 13:36:34 +01:00
Daniel Plohmann
dc059d1f4d
Accenture calls APT32 - "POND LOACH"
2020-03-03 19:40:50 +01:00
Deborah Servili
d8ea0f865c
add clop ransomware extension
2020-03-02 13:33:38 +01:00
b4b91b1e5d
chg: [threat-actor] JSON fixed
2020-02-28 16:37:24 +01:00
4c7532984a
Merge branch 'master' of https://github.com/nyx0/misp-galaxy into nyx0-master
2020-02-28 16:36:56 +01:00
Deborah Servili
0d4745d55f
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2020-02-28 11:38:20 +01:00
Deborah Servili
a61f8d7049
add extension to clop ransomware
2020-02-28 11:37:54 +01:00
ee63756cc5
Merge pull request #516 from rmkml/master
...
add MedusaLocker ransomware
2020-02-23 16:06:45 +01:00
rmkml
590e292b68
add MedusaLocker ransomware
2020-02-23 16:01:45 +01:00
Deborah Servili
29bf20e89b
add razor ransomware
2020-02-19 15:55:29 +01:00
Thomas Dupuy
0daeb675f5
Add InvisiMole cluster
2020-02-18 13:28:32 -05:00
c98093e6fe
Merge pull request #513 from danielplohmann/patch-20
...
adding APT-C-12
2020-02-13 21:56:34 +01:00
Daniel Plohmann
e481e9bb50
adding APT-C-12
2020-02-13 17:44:45 +01:00
Deborah Servili
f196bad4a1
add tools used by TA505 + others
2020-02-12 15:39:16 +01:00
Deborah Servili
66a721fcd3
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2020-02-12 15:00:30 +01:00
Deborah Servili
b46f9b68fe
add warzone RAT
2020-02-06 13:39:58 +01:00
33aa1c8f3f
Merge pull request #510 from Delta-Sierra/master
...
add ransomwares
2020-02-06 09:53:19 +01:00
Deborah Servili
46fe9cb82b
add ransomwares
2020-02-06 09:29:33 +01:00
Rony
22c9badee0
Update threat-actor.json
...
Those are the names of aliases of the same malware family sykipot, so removing it.
2020-02-05 18:00:31 +05:30
Deborah Servili
5da17d51aa
Merge branch 'master' into master
2020-01-24 09:33:33 +01:00
Deborah Servili
606e3ec90f
jq
2020-01-24 09:32:09 +01:00
6d078a88dd
chg: [ransomware] Nodera ransomware added
2020-01-24 09:04:38 +01:00
Deborah Servili
58415324c5
add Operation Wocao
2020-01-24 08:27:20 +01:00
Thomas Dupuy
edc5196373
Add Attor and DePriMon
2020-01-23 11:27:00 -05:00
Daniel Plohmann
ccfe5ee130
removing and fixing deadlinks in the best possible way
...
Hi! While migrating Malpedia to our new reference data format, we noticed a few potentially dead/moved references in your cluster. This pull request should fix most of them, for some I was not able to find an appropriate replacement.
2020-01-23 11:14:20 +01:00
Daniel Plohmann
29a128da6f
adding references and TEMP.MixMaster as alias for WIZARD SPIDER
...
with kudos to @tbarabosch
2020-01-22 15:42:01 +01:00
911c2bf0bf
Merge pull request #504 from Delta-Sierra/master
...
update target location galaxy
2020-01-21 11:06:56 +01:00
Deborah Servili
8421bde291
complete Zimbabwe cluster
2020-01-21 10:51:07 +01:00
Deborah Servili
f364e51d24
update target location galaxy
2020-01-20 14:46:03 +01:00
dbaab413b6
chg: [threat-actor] typo fixed
2020-01-18 17:30:27 +01:00
564f27c5ca
chg: [threat-actor] format fixed
2020-01-18 17:26:45 +01:00
34c5c66279
chg: [threat-actor] fix order
2020-01-18 17:08:32 +01:00
8eeceafc51
chg: [threat-actor] Budminer APT added based on document from "Soesanto, Stefan"
...
Ref: https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/389371/1/Cyber-Reports-2020-01-A-one-sided-Affair.pdf
Ref: https://www.symantec.com/connect/blogs/taiwan-targeted-new-cyberespionage-back-door-trojan
2020-01-18 17:02:44 +01:00
StefanKelm
027d94e68a
Update ransomware.json
2020-01-16 16:59:22 +01:00
StefanKelm
f53a92065c
Update ransomware.json
...
5ss5c
2020-01-16 16:46:38 +01:00
Deborah Servili
5ec817b499
Merge branch 'master' into master
2020-01-15 14:36:01 +01:00
Deborah Servili
32961527aa
add Autochk Rootkit as tool
2020-01-15 13:41:53 +01:00
Deborah Servili
bfcc867ee6
add two wipers to tools
2020-01-14 15:54:06 +01:00
3c90322fd8
Merge pull request #500 from Delta-Sierra/master
...
update target information
2020-01-08 16:22:24 +01:00
StefanKelm
5832893d4f
Update tool.json
...
LiquorBot
2020-01-08 16:04:22 +01:00
Deborah Servili
53df69a1eb
update target information
2020-01-08 15:50:47 +01:00
StefanKelm
bf4fc92066
Update tool.json
...
Lampion
2020-01-07 13:14:08 +01:00
5da0c7bd54
chg: [threat-actor] SideWinder APT group added
2020-01-07 10:42:07 +01:00
StefanKelm
9b6f9136f9
Update threat-actor.json
2020-01-03 12:50:49 +01:00
StefanKelm
9373cfcb53
Update threat-actor.json
...
BRONZE PRESIDENT
2020-01-03 12:42:57 +01:00
Rony
6b1142abac
Update threat-actor.json
2019-12-23 22:05:28 +05:30
be4f9e01a0
Merge pull request #496 from bartblaze/patch-1
...
Update threat-actor.json
2019-12-20 08:23:30 +01:00
Bart
8ebb2e2d16
Update threat-actor.json
...
Adds Operation Wocao..
2019-12-19 21:42:02 +01:00
Deborah Servili
34340372b3
add clop ransomware
2019-12-19 17:19:18 +01:00
Deborah Servili
b8c332a055
jq
2019-12-16 14:08:34 +01:00
Deborah Servili
c876928abd
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-12-16 13:36:56 +01:00
Deborah Servili
ee38ec7220
add BitPaymer Synonyms
2019-12-16 13:36:00 +01:00
Deborah Servili
47e0d00555
Merge pull request #493 from Delta-Sierra/master
...
add tools used by GALLIUM
2019-12-13 15:35:29 +01:00
Deborah Servili
0fc9045ef2
add tools used by GALLIUM
2019-12-13 15:06:00 +01:00
9f56a91013
Merge pull request #492 from Delta-Sierra/master
...
Operation Soft Cell related Updates
2019-12-13 13:35:52 +01:00
Deborah Servili
03c54a3e05
add GALLIUM as microsoft activities group and similar to Operation Soft Cell
2019-12-13 11:47:31 +01:00
Deborah Servili
3be47af325
update threat actor version
2019-12-13 11:04:51 +01:00
Deborah Servili
9b153913be
add relation suspected link between operation soft cell and apt10
2019-12-13 10:59:06 +01:00
Sebastian Wagner
c3b5b39dd3
sofacy: add apt_sofacy as synonym
2019-12-12 15:57:13 +01:00
Deborah Servili
170f964e8c
##COMMA##
2019-12-11 14:22:09 +01:00
Deborah Servili
7e18f2e509
Merge branch 'master' into master
2019-12-11 13:51:52 +01:00
Deborah Servili
391b5a674d
add Axiom synonym
2019-12-11 13:50:35 +01:00
8da36c09e1
chg: [threat-actor] jq
2019-12-08 09:03:14 +01:00
Daniel Plohmann
94b3c1ec07
added APT-C-34 / Golden Falcon
2019-12-07 12:44:30 +01:00
Deborah Servili
31f3a61d5f
add Sofacy ref
2019-12-05 15:42:42 +01:00
8e73612b09
Merge pull request #488 from Delta-Sierra/master
...
create new galaxy - surveillance-vendor
2019-12-05 14:48:44 +01:00
Deborah Servili
df1cbf8dce
add clusters to surveillance-vendor galaxy
2019-12-05 12:06:10 +01:00
Deborah Servili
ad5b915175
Fix surveillance-vendor galaxy
2019-12-05 11:09:38 +01:00
Deborah Servili
12530db5a8
Add FlexiSPY + jq
2019-12-05 10:05:21 +01:00
Deborah Servili
a049009453
add new galaxy - surveillance-vendor
2019-12-04 16:22:58 +01:00
Deborah Servili
2e82cd4fd7
add Private Internet Access as Tool
2019-12-04 16:22:22 +01:00
5f020307f3
Merge pull request #485 from danielplohmann/patch-15
...
added TA2101
2019-12-03 22:36:49 +01:00
Daniel Plohmann
bd3cc6d8ee
added TA2101
2019-12-03 18:13:44 +01:00
Jean-Louis Huynen
100299f3fd
add: [dark-pattern] add a source
2019-12-03 17:09:57 +01:00
Jean-Louis Huynen
44a9897f2a
add: [dark-pattern] galaxy to tag dark patterns
2019-12-03 16:26:29 +01:00
2659d864d6
chg: [ransomware] jq ;-)
2019-11-22 22:41:01 +01:00
rmkml
64f100e578
Merge branch 'master' into master
2019-11-22 22:32:24 +01:00
rmkml
81cef767aa
Fix Add FTCode Ransomware
2019-11-22 22:27:20 +01:00
rmkml
eee9beca0f
Add FTCode Ransomware
2019-11-22 21:16:40 +01:00
Deborah Servili
34faa63070
jq
2019-11-22 15:41:51 +01:00
Deborah Servili
ba830c905d
add cyborg ransomnote refs
2019-11-22 15:36:49 +01:00
Deborah Servili
757c3d6480
add cyborg ransomnote filename
2019-11-22 15:35:58 +01:00
Deborah Servili
2009a9c45c
add cyborg ransomware extension
2019-11-22 15:30:17 +01:00
Deborah Servili
cab60a02e2
jq
2019-11-22 14:15:29 +01:00
Deborah Servili
08a4897cbe
add DePriMon malicious downloader & Cyborg ransomware
2019-11-22 14:05:36 +01:00
8cc5e02f22
chg: [clean-up] jq all the things
2019-11-21 17:19:39 +01:00
Deborah Servili
38641aae36
merge
2019-11-21 16:24:11 +01:00
Deborah Servili
f21dd95b28
merge
2019-11-21 16:23:29 +01:00
8240fe1722
Merge pull request #480 from rmkml/master
...
Add Maze Ransomware
2019-11-21 14:13:17 +01:00
Deborah Servili
1a0dd2292b
add silence synonym & new meta field spoken-language
2019-11-21 11:50:02 +01:00
rmkml
90bc667988
Add Maze Ransomware
2019-11-21 00:57:50 +01:00
rmkml
9410326ea2
Revert "Add Maze Ransomware"
...
This reverts commit cfc6e2802c.
2019-11-21 00:55:55 +01:00
rmkml
cfc6e2802c
Add Maze Ransomware
2019-11-19 23:15:02 +01:00
5dc55fbbfb
Merge pull request #477 from rmkml/master
...
Add Desync Ransomware
2019-11-19 06:40:31 +01:00
rmkml
ac4099ed0e
Add Desync Ransomware
2019-11-18 23:37:21 +01:00
Deborah Servili
5f65e8d208
target information update [WIP]
2019-11-14 15:07:08 +01:00
StefanKelm
aa132ca58f
new refs for APT33
2019-11-14 14:57:05 +01:00
ea18f6e920
Merge pull request #475 from Delta-Sierra/master
...
target information update [WIP]
2019-11-13 20:43:03 +01:00
Deborah Servili
08cdc4cac3
jq
2019-11-13 15:56:23 +01:00
Deborah Servili
985c4b2459
target information update [WIP]
2019-11-13 15:55:32 +01:00
eea0f528fa
chg: [threat-actor] Lucky Mouse synonym added
...
Ref: https://www.bleepingcomputer.com/news/security/cyber-espionage-group-customizes-old-public-tools/
Ref: https://www.cybersecurity-insiders.com/apt-lucky-mouse-group-targets-canada-icao-via-cyber-attack/
2019-11-12 12:51:44 +01:00
Raphaël Vinot
1486890f86
fix: JQ all the things.
2019-11-12 10:25:00 +01:00
871d90cfc2
chg: [threat-actor] Calypso group added
...
Ref: https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf
MISP UUID: 5ca4718b-7f38-4822-83b7-0a1a0a00b412
2019-11-11 13:34:54 +01:00
Deborah Servili
e310b98bc0
add Palestine PPound
2019-11-07 08:44:49 +01:00
Deborah Servili
50022d3905
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-11-07 08:34:05 +01:00
ea8c1dd764
Merge pull request #472 from rmkml/master
...
Add DoppelPaymer Ransomware
2019-11-06 20:48:33 +01:00
rmkml
9707a5eb0e
Add DoppelPaymer Ransomware
2019-11-06 20:41:43 +01:00
Deborah Servili
1a62f7c2cd
jq
2019-11-06 16:23:34 +01:00
Deborah Servili
5b6aae5d1c
update target location WIP
2019-11-06 16:21:10 +01:00
2d1406b4d6
Merge pull request #471 from rmkml/master
...
Add FreeMe Ransomware
2019-11-06 06:36:53 +01:00
rmkml
656d90fd7c
Add FreeMe Ransomware
2019-11-05 23:09:48 +01:00
d9a64c18ff
chg: [threat-actor] threat-actor-classification updated
2019-11-04 09:37:52 +01:00
6f463325b9
chg: [threat-actor] jq is jq
2019-11-03 16:01:09 +01:00
64a3569803
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-11-03 08:52:37 +01:00
8d01e77574
chg: [threat-actor] Operation WizardOpium added
...
ref: https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
2019-11-03 08:51:37 +01:00
346e54a321
Merge pull request #468 from Delta-Sierra/master
...
add Turla Group Synonym variant
2019-11-02 13:40:21 +01:00
Deborah Servili
1da2dc8af1
add Turla Group Synonym variant
2019-10-31 16:33:32 +01:00
Deborah Servili
efa2f43c0f
Merge pull request #467 from Delta-Sierra/master
...
Few updates
2019-10-31 14:31:16 +01:00
Deborah Servili
bee9b80898
jq
2019-10-31 10:37:36 +01:00
Deborah Servili
0a8f989e1c
add Winnti related tools etc.
2019-10-31 10:36:15 +01:00
Christophe Vandeplas
d32022b241
fix: [attack] fixes old MITRE relationships not being removed
2019-10-27 21:06:26 +01:00
Christophe Vandeplas
4ab9bbbfa3
chg: [attack] update to latest ATT&CK data
2019-10-25 10:12:41 +02:00
1581827875
chg: [attck4fraud] jq all the things
2019-10-20 20:07:29 +02:00
Christophe Vandeplas
eb594cba0f
fix: [misinfosec] fixes inconsistent filename
2019-10-20 18:53:02 +02:00
2b84592ff5
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-10-18 14:28:41 +02:00
77605f8d43
chg: [attck4fraud] updates based on issue #466
2019-10-18 14:27:36 +02:00
Rony
1fc0f5e2e7
Update threat-actor.json
2019-10-17 09:46:56 +05:30
Deborah Servili
88025a541f
add operation soft cell
2019-10-14 16:07:35 +02:00
4d4bd3a70c
fix: [misinfosec] fixed kill_chain fields
2019-10-09 09:45:52 +02:00
VVX7
e4998efec9
chg: [galaxy] added AMITT galaxy/cluster generator script
2019-10-08 13:52:08 -04:00
VVX7
a0357c735e
chg: [galaxy] version number to int
2019-10-07 19:19:45 -04:00
VVX7
0a29445b44
new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools.
2019-10-07 19:07:25 -04:00
Deborah Servili
c27385cfa4
jq
2019-10-07 14:38:16 +02:00
Deborah Servili
5355910a8f
add legitimate tools
2019-10-07 13:38:40 +02:00
Deborah Servili
19452d8c1f
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-10-07 11:07:00 +02:00
Deborah Servili
569d453ff2
update version
2019-10-07 11:06:27 +02:00
Deborah Servili
0795eecd01
add PlugX rat synonyms
2019-10-07 11:04:33 +02:00
ac8236d16d
chg: [misp-galaxy] jq all the things
2019-10-03 14:46:07 +02:00
9e82b025b5
chg: [tool] COMPfun - Reductor added
...
Ref: https://securelist.com/compfun-successor-reductor/93633/
2019-10-03 14:25:44 +02:00
Deborah Servili
cb774002c9
add Sodinokibi synonym
2019-10-02 11:44:54 +02:00
Deborah Servili
82824be700
fix empty string
2019-09-30 12:55:31 +02:00
Deborah Servili
b7c9d3e034
jq
2019-09-30 11:56:28 +02:00
Deborah Servili
fca032ea73
add TVSPY tool
2019-09-30 10:45:53 +02:00
Deborah Servili
f6c075c3df
WIP update target info
2019-09-27 16:22:01 +02:00
Deborah Servili
c305640290
new galaxy - Region based on UN M49
2019-09-26 13:01:41 +02:00
Deborah Servili
d0068b0ce0
WIP update target info
2019-09-25 15:39:02 +02:00
Deborah Servili
a4b59f647c
jq
2019-09-25 13:41:55 +02:00
Deborah Servili
335402c886
Merge branch 'master' of https://github.com/MISP/misp-galaxy into target-location-galaxy
2019-09-25 13:39:33 +02:00
Deborah Servili
bb3f9dc183
WIP update target info - fix empty string
2019-09-25 13:31:46 +02:00
309109eb27
chg: [threat-actor] new LookBack (Malware?Campaign?TA?)
...
Signed-off: During MISP training
2019-09-25 12:12:34 +02:00
Deborah Servili
9068e3c742
WIP update target info
2019-09-25 11:46:10 +02:00
a5ae130916
chg: [threat-actor] Evil Eye and POISON CARP
...
Ref: https://citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/
Signed-off: Jean-Louis during training session
2019-09-25 11:27:03 +02:00
Deborah Servili
83ee520dd5
WIP update target info
2019-09-25 09:44:34 +02:00
Deborah Servili
638cdd4198
version update
2019-09-20 14:54:56 +02:00
Deborah Servili
b9b4b9c651
Add Tortoiseshell threat actor
2019-09-20 14:53:25 +02:00
Deborah Servili
6d88367497
moar clusters
2019-09-20 09:50:37 +02:00
42f457fc22
Merge pull request #457 from rmkml/master
...
Add Mr.Dec Ransomware
2019-09-17 10:17:11 +02:00
rmkml
5631d210a0
Add Mr.Dec Ransomware
2019-09-17 00:44:56 +02:00
cc134d7dff
Merge pull request #456 from rmkml/master
...
Add Hildacrypt Ransomware
2019-09-15 18:24:03 +02:00
rmkml
dff982be20
Add Hildacrypt Ransomware
2019-09-14 21:49:16 +02:00
55da11f8ba
Merge pull request #455 from rmkml/master
...
Add InnfiRAT
2019-09-14 08:16:35 +02:00
rmkml
f907797d41
Add InnfiRAT
2019-09-14 00:08:54 +02:00
Deborah Servili
7e892eaa7d
update target information [draft]
2019-09-13 16:35:20 +02:00
Deborah Servili
2588df01cc
update target information
2019-09-12 16:22:11 +02:00
StefanKelm
db2b5a13ef
Update threat-actor.json
...
Silent Librarian
2019-09-12 11:57:03 +02:00
Deborah Servili
1eb23bc55b
update target information
2019-09-12 11:10:41 +02:00
Deborah Servili
6c430ad21e
improve target-information
2019-09-11 16:32:29 +02:00
rmkml
7c89cb308c
Merge branch 'master' into master
2019-09-07 19:52:05 +02:00
rmkml
dfc6321e0c
Add AsyncRAT
2019-09-07 19:43:08 +02:00
Deborah Servili
718ea55dd7
Merge branch 'master' into master
2019-09-04 14:42:47 +02:00
Deborah Servili
9e3a998dfc
aff SectorJ04 group
2019-09-03 15:51:21 +02:00
9690d070ab
Merge pull request #450 from rmkml/master
...
Add Buran Ransomware
2019-09-02 07:39:19 +02:00
rmkml
28ec696272
Add Buran Ransomware
2019-09-01 21:20:28 +02:00
Daniel Plohmann
f40b7dd132
'SectorJ04 Group' as alias introduced by NSHC for TA505
...
Not explicitly mentioned in the blog post but it looks like we just got an alias for TA505... https://threatrecon.nshc.net/2019/08/29/sectorj04-groups-increased-activity-in-2019/
2019-09-01 15:46:36 +02:00
9920461294
Merge pull request #448 from rmkml/master
...
Add Nemty Ransomware
2019-08-31 21:27:50 +02:00
rmkml
e79310c861
Add Nemty Ransomware
2019-08-31 21:08:50 +02:00
c7e6a17a31
Merge pull request #447 from Delta-Sierra/target-location-galaxy
...
improve more clusters
2019-08-30 16:37:39 +02:00
Deborah Servili
5504c10e3d
improve more clusters
2019-08-30 16:32:02 +02:00
b986f06cb4
Merge pull request #446 from wagner-certat/tool-empty-strings
...
Add test for empty strings
2019-08-30 11:10:16 +02:00
0966e58da6
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-08-30 11:06:29 +02:00
f5056ff02e
chg: [threat-actor] add machete-apt synonyms as reported in #445
2019-08-30 11:03:30 +02:00
Deborah Servili
2c248db419
Merge pull request #441 from Delta-Sierra/target-location-galaxy
...
More clusters improved
2019-08-30 10:15:56 +02:00
Sebastian Wagner
e13087a9c4
target-information: fix territory-type for China
2019-08-30 10:08:19 +02:00
StefanKelm
49f8f60a85
Update threat-actor.json
...
Add ITG08 as synonym for FIN6
2019-08-29 13:13:00 +02:00
8d78a2a108
chg: [threat-actor] jq all
2019-08-29 08:31:10 +02:00
791c88f2eb
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2019-08-29 08:30:41 +02:00
Deborah Servili
395dd93e0f
add Asruex Backdoor
2019-08-28 15:40:03 +02:00
9926ea8826
chg: [threat-actor] LYCEUM added - 443 #fixed
2019-08-28 14:35:12 +02:00
Deborah Servili
ea68336b96
add ref for Gamaredon
2019-08-27 08:28:58 +02:00
Deborah Servili
300e3c2bfb
More clusters improved
2019-08-26 17:50:20 +02:00
775b6d1a09
Merge pull request #440 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-23 16:29:23 +02:00
Deborah Servili
fcded146c2
More clusters improved
2019-08-23 16:01:12 +02:00
Deborah Servili
bae47241f0
More clusters improved
2019-08-23 11:14:14 +02:00
a68577a967
Merge pull request #439 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-22 16:24:57 +02:00
Deborah Servili
a579c041d2
More clusters improved
2019-08-22 15:59:11 +02:00
Deborah Servili
b7a97d1baf
More clusters improved
2019-08-22 11:49:09 +02:00
Deborah Servili
6944236943
more countries
2019-08-20 15:24:16 +02:00
Sebastian Wagner
38aebbf42a
remove empty strings
2019-08-19 17:04:07 +02:00
Deborah Servili
93ca9a3123
Merge pull request #437 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-19 08:57:48 +02:00
Deborah Servili
754f8f2a48
complete more cluster + country is now an array
2019-08-14 16:30:28 +02:00
Deborah Servili
3e651e2d74
target-information - add membership member-of attribute - Example: member-of NATO
2019-08-13 15:36:10 +02:00
6ca4e4cb17
Merge pull request #436 from Delta-Sierra/target-location-galaxy
...
Target location galaxy
2019-08-13 15:17:41 +02:00
Deborah Servili
e00f139fa2
jq
2019-08-13 13:01:36 +02:00
Deborah Servili
9accc832e3
change attribute name
2019-08-13 12:08:03 +02:00
Deborah Servili
389a82701a
jq
2019-08-13 11:57:28 +02:00
Deborah Servili
e946ce66db
complete some clusters
2019-08-13 11:55:18 +02:00
d48d2ccd3e
Merge pull request #435 from hackunagi/master
...
Adding Amavaldo Banking Trojan
2019-08-10 18:53:05 +02:00
3841447e16
Merge pull request #434 from r0ny123/patch-1
...
added microsoft naming for the groups
2019-08-10 18:52:26 +02:00
Thomas Dupuy
df5c9057a1
add synonym for Turla
2019-08-09 17:34:22 -04:00
Carlos Borges
d96dc39c5a
Adding Amavaldo Banking Trojan
2019-08-09 18:00:37 -03:00
Rony
feac39db6b
added microsoft naming for the groups
2019-08-09 22:19:09 +05:30
Thomas Dupuy
320e298549
update victims
2019-08-09 10:45:10 -04:00
Thomas Dupuy
1988662ee5
add APT41
2019-08-09 10:24:06 -04:00
Deborah Servili
e239619d15
jq
2019-08-06 15:42:20 +02:00
Deborah Servili
53df0908c7
update version
2019-08-06 15:34:23 +02:00
Deborah Servili
4bef48b33e
add Amavaldo
2019-08-06 13:28:32 +02:00
Nils Kuhnert
17925f3e10
Remove local file link :)
2019-08-03 18:55:00 +02:00
Deborah Servili
21318cdf3d
fix building mistakes
2019-08-02 16:28:32 +02:00
7913adad61
chg: [threat-actor] rollback as discussed by chat with Andras until version 2.0
2019-08-02 16:08:40 +02:00
Andras Iklody
984be50396
lowercased value field for DarkHotel
2019-08-02 15:40:31 +02:00
17452d31a7
chg: [att&ck] July ATT&CK release included in MISP galaxy
2019-08-01 15:51:03 +02:00
a401ff7405
Merge branch 'master' into patch-13
2019-08-01 08:52:27 +02:00
Daniel Plohmann
0367e16ce0
adding secureworks actor names for energetic bear and teamspy
2019-07-31 14:35:09 +02:00
Daniel Plohmann
a4a72d0698
adding Proofpoint's TA428
2019-07-31 14:08:50 +02:00
Deborah Servili
08f713cb7d
add tld
...
Signed-off-by: Deborah Servili <deborah.servili@gmail.com>
2019-07-26 16:22:45 +02:00
Deborah Servili
427b424cf7
rename galaxy target-location -> target-information
2019-07-19 13:49:43 +02:00
Deborah Servili
294a8bf6a2
new galaxy target-location [DRAFT]
2019-07-19 10:30:47 +02:00
Deborah Servili
2861d2d78c
jq
2019-07-16 10:13:10 +02:00
Deborah Servili
ea4d8a2d42
add SWEED threat actor
2019-07-16 10:03:07 +02:00
Deborah Servili
ca45f0deec
jq
2019-06-24 10:22:38 +02:00
Deborah Servili
32ffc98e5d
add Felipe Trojan
2019-06-24 10:20:29 +02:00
9517c8b878
chg: [threat-actor] version updated
2019-06-20 17:58:35 +02:00
8c90f7231c
chg: [threat-actor] duplicated refs removed
2019-06-20 17:35:35 +02:00
5e9d075ae5
chg: [threat-actor] synonyms fixed
2019-06-20 17:30:01 +02:00
195406cc6b
chg: [threat-actor] jq everything
2019-06-20 17:27:55 +02:00
d018519700
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2019-06-20 17:23:04 +02:00
Deborah Servili
30f042211b
fix duplicate
2019-06-20 16:35:49 +02:00
Deborah Servili
a984786c8b
update threat actor galaxy
2019-06-20 16:25:23 +02:00
Rony
7afb9083b2
Update threat-actor.json
2019-06-19 23:29:35 +05:30
Deborah Servili
4bd37e2b2d
update threat actor galaxy
2019-06-19 16:38:04 +02:00
Deborah Servili
52e51833de
update threat actor galaxy
2019-06-18 16:05:49 +02:00
Deborah Servili
431e7a36c1
update threat actor galaxy
2019-06-17 16:36:42 +02:00
Deborah Servili
b966369933
##COMMA##
2019-06-14 16:35:55 +02:00
Deborah Servili
1e5292d999
fix duplicate
2019-06-14 16:21:33 +02:00
Deborah Servili
ead217eb28
Update version
2019-06-14 16:11:02 +02:00
Deborah Servili
98f0572d51
update threat actor galaxy
2019-06-14 16:06:09 +02:00
Deborah Servili
b040f9f57b
fix duplicate and links update (APT34)
2019-06-14 08:41:38 +02:00
Deborah Servili
2001652dae
fix duplicate
2019-06-14 08:28:44 +02:00
Deborah Servili
20e77afcc3
update threat actor galaxy
2019-06-13 16:19:21 +02:00
Deborah Servili
11c2f43c9f
try to fix duplicate
2019-06-13 11:26:42 +02:00
Deborah Servili
e4245ee991
update threat actor galaxy
2019-06-12 16:25:24 +02:00
Deborah Servili
5a3d7e816f
fix duplicate
2019-06-12 09:24:05 +02:00
Deborah Servili
01fade422f
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-06-12 09:20:38 +02:00
Deborah Servili
1ba7f19ca2
update threat actor galaxy
2019-06-11 16:14:58 +02:00
Deborah Servili
347ed5d529
jq
2019-06-11 15:57:21 +02:00
Deborah Servili
79f11de6db
update threat actor galaxy
2019-06-11 15:54:39 +02:00
Deborah Servili
d6b458520b
update threat actor galaxy
2019-06-11 11:57:04 +02:00
8c69da1fd9
Merge pull request #413 from Delta-Sierra/master
...
update threat actor galaxy
2019-06-07 20:14:49 +02:00
Deborah Servili
1f2e59addb
update Threat actor galaxy
2019-06-07 16:34:43 +02:00
Deborah Servili
185763a63a
update threat actor
2019-06-06 16:34:09 +02:00
Deborah Servili
b809b9cfbb
update threat actor darkhotel (nemim might be a typo)
2019-06-06 11:58:19 +02:00
Deborah Servili
189c3066a5
update threat actor
2019-06-04 16:32:39 +02:00
3948cc24c1
Merge pull request #412 from Delta-Sierra/master
...
update threat actors and tools
2019-06-04 09:56:47 +02:00
Deborah Servili
468800ed59
FlawedAmmy RAT
2019-06-04 09:10:44 +02:00
Deborah Servili
a6c9d335ee
fix multiple refs
2019-06-04 08:52:34 +02:00
Deborah Servili
b47863f1c1
update threat actors
2019-05-29 16:18:50 +02:00
Deborah Servili
f48167ce77
update threat actors
2019-05-29 15:34:20 +02:00
Deborah Servili
f4cf3464ce
update threat actors and tools
2019-05-28 16:05:54 +02:00
9eac2a3923
Merge pull request #411 from Delta-Sierra/master
...
update threat-actor galaxy
2019-05-28 09:37:14 +02:00
Deborah Servili
bf19ed9d8d
fix merge mistakes
2019-05-28 09:26:24 +02:00
Deborah Servili
77d20739db
update threat actor
2019-05-28 09:24:29 +02:00
Deborah Servili
940762e0c5
update threat actor
2019-05-28 09:22:26 +02:00
Deborah Servili
0bb1420ab7
update threat-actor galaxy
2019-05-27 16:38:01 +02:00
Deborah Servili
af6241fd20
update Anchor Panda Threat Actor
2019-05-27 11:47:05 +02:00
555a87275f
Merge pull request #409 from rmkml/master
...
Add GetCrypt Ransomware
2019-05-25 13:56:30 +02:00
rmkml
de9cc6898a
Add GetCrypt Ransomware
2019-05-25 13:30:15 +02:00
3420e50bfd
Merge pull request #408 from rmkml/master
...
Add Phobos Ransomware
2019-05-25 08:42:26 +02:00
1ece51ed48
chg: [branded_vulnerability] version updated
2019-05-25 08:41:33 +02:00
rmkml
6f140ce358
Merge branch 'master' into master
2019-05-25 00:03:34 +02:00
Deborah Servili
0d97013022
add BlueKeep
2019-05-24 15:55:58 +02:00
Deborah Servili
9d8d5ce1c8
fix ransomware ransomnotes
2019-05-23 16:23:09 +02:00
Deborah Servili
f5a7efaadc
jq
2019-05-23 12:39:53 +02:00
Deborah Servili
b4e4d2e539
rework of ransomware galaxy
2019-05-23 12:39:33 +02:00
Daniel Plohmann
1cc0137c38
adding TA542 to MUMMY SPIDER (emotet)
2019-05-17 17:36:57 +02:00
Rony
380006ecbb
merging Pacifier & Turla
2019-05-16 23:57:49 +05:30
32af463dd1
Merge pull request #403 from Delta-Sierra/master
...
add Reaver and probably related tools
2019-05-16 17:04:14 +02:00
Deborah Servili
9f801122da
add Reaver and probably related tools
2019-05-16 15:45:03 +02:00
Daniel Plohmann
a20f7fbe91
adding APT31/ZIRCONIUM
2019-05-15 22:43:33 +02:00
rmkml
cd58833770
Add Phobos Ransomware
2019-05-15 21:02:32 +02:00
Raphaël Vinot
59869bf145
fix: o365-exchange-techniques (duplicate values, duplicate UUIDs)
2019-05-13 11:15:38 +02:00
Deborah Servili
f8e356e042
Merge pull request #400 from Delta-Sierra/master
...
add Sodinokibi
2019-05-13 08:50:26 +02:00
678b2a5621
chg: [o365-exchange-techniques] Actions on Intent added (finalized)
2019-05-12 18:25:01 +02:00
5d1565152c
chg: [o365-exchange-techniques] Expansion added (WiP)
2019-05-12 18:19:00 +02:00
ee0f793e49
chg: [o365-exchange-techniques] Persistence kill-chain added (WiP)
2019-05-12 17:54:53 +02:00
3a75c6a3df
chg: [o365-exchange-techniques] Compromise row added (WiP)
2019-05-12 12:07:30 +02:00
a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques
2019-05-12 09:51:41 +02:00
Rony
7c0ea4949a
Update threat-actor.json
2019-05-12 11:11:09 +05:30
Deborah Servili
5bbb0ab53d
add Sodinokibi
2019-05-08 15:54:37 +02:00
Raphaël Vinot
82ebbc6612
fix: UUID issues
2019-05-07 12:09:39 +02:00
Raphaël Vinot
988586fde0
fix: Duplicate values, typos.
2019-05-06 17:17:16 +02:00
36f317b4a8
Merge pull request #395 from Delta-Sierra/master
...
add Scranos
2019-05-03 16:22:20 +02:00
Deborah Servili
ad00477c87
add Scranos
2019-05-03 15:55:19 +02:00
6aa7c39714
Merge pull request #394 from StefanKelm/master
...
Update threat-actor.json
2019-05-02 16:50:25 +02:00
20007e7b7c
Merge pull request #393 from Delta-Sierra/master
...
add AESDDoS Botnet and JasperLoader
2019-05-02 16:48:55 +02:00
StefanKelm
7e329855b2
Update threat-actor.json
...
Silent Librarian / COBALT DICKENS
2019-05-02 15:34:19 +02:00
b77087d59e
chg: [malpedia] duplicates fixed
2019-05-02 14:48:17 +02:00
b706738d46
chg: [malpedia] jq all the things
2019-05-02 14:47:00 +02:00
1ddb38341b
Merge branch 'master' of https://github.com/nao-sec/misp-galaxy into nao-sec-master
2019-05-02 14:46:34 +02:00
Deborah Servili
dda2ede5f2
add JasperLoader
2019-05-02 13:02:00 +02:00
Deborah Servili
f51f13e84b
add AESDDoS Botnet
2019-05-02 10:15:26 +02:00
37da9bebdf
chg: [threat-actor] FIN4 updates
2019-05-01 17:41:03 +02:00
Rony
0afaf81438
Update threat-actor.json
2019-05-01 15:54:38 +05:30
Rony
c565f61761
Update threat-actor.json
2019-05-01 15:51:56 +05:30
Rony
3b185d8435
Update threat-actor.json
2019-05-01 15:40:10 +05:30
Rony
ed351b4eae
updated FIN4
2019-05-01 15:24:59 +05:30
94466d8196
chg: [ATT&CK] updated to the latest version
2019-04-30 19:07:57 +02:00
Rintaro KOIKE
57735a5b5c
chg: [malpedia] updated to the latest version
...
Ref: https://malpedia.caad.fkie.fraunhofer.de/api/get/misp
2019-04-30 20:41:12 +09:00
f9a030ce54
chg: [exploit-kit] jq all the things
2019-04-28 19:12:06 +02:00
82a85d1651
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
2019-04-28 19:11:20 +02:00
Kafeine
915b673b7a
+= Spelevo
2019-04-28 12:24:48 +02:00
2405f1c59e
chg: [tool] Cowboy and KimJongRAT (Sorry Paul, we forgot ;-)
...
ref: https://unit42.paloaltonetworks.com/babyshark-malware-part-two-attacks-continue-using-kimjongrat-and-pcrat/
2019-04-27 09:33:55 +02:00
094f0e0684
chg: [tool] jq all the things
2019-04-24 12:58:49 +02:00
088e7477a6
chg: [tool] Karkoff tool added
2019-04-24 11:40:06 +02:00
Rony
292df2360a
more report on APT36
2019-04-22 11:05:21 +05:30
Deborah Servili
8ac7aec85c
add Sea Turtle campaign
2019-04-19 13:21:11 +02:00
Deborah Servili
39a416e9e7
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-04-19 11:54:26 +02:00
Christophe Vandeplas
ecc63cf166
chg: [threat-actor] validate + version bump
2019-04-17 21:01:55 +02:00
Christophe Vandeplas
d5fd896bb0
Merge pull request #385 from bartblaze/master
...
Add Whitefly
2019-04-17 20:53:15 +02:00
Deborah Servili
3abfe9fa48
merge
2019-04-17 16:06:50 +02:00
Bart
e1cab68683
Add Whitefly
2019-04-17 12:27:18 +01:00