Commit graph

1593 commits

Author SHA1 Message Date
rwe
4700780d47 added antlion APT group 2022-02-05 04:52:33 -08:00
f49b54281b
chg: [ransomware] set encryption only 2022-02-02 22:36:14 +01:00
3328b73185
fix: [ransomware] array end missing 2022-02-02 22:32:39 +01:00
Kevin Holvoet
3d23f98d04
Forgot comma between JSON entries 2022-02-02 18:58:55 +01:00
Kevin Holvoet
389add7580
Update ransomware.json with URL fix
Fixed URL for AlphaLocker
2022-02-02 18:54:31 +01:00
Kevin Holvoet
fa9829cec0
Update ransomware.json: add BlackCat (ALPHV) 2022-02-02 18:50:19 +01:00
Daniel Plohmann
833a6e0a8d
updated URLs for Gamaredon with Shuckworm alias reference 2022-02-02 09:40:10 +01:00
Daniel Plohmann
8f928d8eb3
adding Gamaredon alias Shuckworm used by Symantec 2022-02-02 09:35:53 +01:00
1fda357a03
new: [surveillance] Cytrox added 2022-01-30 11:31:55 +01:00
Jürgen Löhel
22046a1eae
Adds WhisperGate
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-18 13:16:06 -06:00
Jürgen Löhel
3059c70ae6
Adds UPAS-Kit
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-13 11:53:32 -06:00
Thomas Dupuy
c792bdd1b7 Add AQUATIC PANDA threat actor. 2022-01-12 13:51:11 -05:00
Thomas Dupuy
afaf3a3110 Add Motnug tool. 2022-01-12 13:37:59 -05:00
Jürgen Löhel
5aa8a8a8b1
Adds Ragnatela RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-10 15:57:10 -06:00
Sami Tainio
dcb87b0dc6 chg: [threat-actor] Add SideCopy 2022-01-07 17:45:41 +02:00
Daniel Plohmann
3094283252
adding Mandiant's FIN13. 2022-01-03 09:32:43 +01:00
eba1b2839f
chg: [concordia] CMTMF killchain typo fixed 2021-12-20 10:41:00 +01:00
Raphaël Vinot
b4d518d4f0 fix: cmtmf-attack-pattern had multiple duplicate UUIDs 2021-12-17 17:58:29 +01:00
12617ff627
chg: [concordia] fix name inconsistencies 2021-12-17 17:41:00 +01:00
69b582f9ba
chg: [concordia] duplicate removed 2021-12-17 17:31:38 +01:00
bc3ab62917
chg: [concordia] duplicate removed 2021-12-17 17:26:04 +01:00
ee2a3c83f4
chg: [concordia] duplicate techniques removed 2021-12-17 17:21:00 +01:00
01d23b61b7
chg: [concordia] typo fixed 2021-12-17 17:15:43 +01:00
01f2ce68d4
chg: [misp-galaxy] duplicate modify trusted environment and also different technique ID? 2021-12-17 17:13:57 +01:00
5becac98e4
chg: [concordia] duplicates removed 2021-12-17 16:51:11 +01:00
ae7b7bd47d
chg: [cmtmf-attack-pattern] various fixes to make JSON ok 2021-12-17 16:08:07 +01:00
7b587710b1
Merge branch 'concordia_mtmf' of https://github.com/BennSaturn/misp-galaxy into BennSaturn-concordia_mtmf 2021-12-17 15:55:03 +01:00
Jürgen Löhel
b81ac7f01d Adds DarkWatchman RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2021-12-17 07:20:58 -06:00
Delta-Sierra
78a8cf4ad2 add ESPecter Bootkit 2021-11-19 16:30:57 +01:00
Delta-Sierra
c89623e945 add ESPecter bootkit 2021-11-16 08:17:37 +01:00
Christophe Vandeplas
aeb5719448 chg: [att&ck] update to ATT&CK v10 2021-10-22 14:34:25 +02:00
ab41df7282
chg: [malpedia] remove duplicate 2021-10-20 12:24:12 +02:00
e517787e7c
chg: [malpedia] duplicates removed 2021-10-20 12:21:05 +02:00
69f878c86f
fix: [malpedia] remove duplicate urls 2021-10-20 12:16:22 +02:00
da91f2abc2
chg: [malpedia] updated 2021-10-20 10:21:03 +02:00
marjatech
d74fdb3e43
update malpedia 2021-10-19 16:21:19 +02:00
Bernardo Santos
e74fcfe268 Update cmtmf-attack-pattern.json
- update version
2021-10-13 10:06:00 +02:00
Bernardo Santos
5f19983ba3 Update cmtmf-attack-pattern.json
- Changes to cluster type
- Fix typo for privilege escalation tactic
2021-10-13 09:57:03 +02:00
Bernardo Santos
49dfcca563 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:54:06 +02:00
Bernardo Santos
d09681b011 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:45:03 +02:00
Jeroen Pinoy
9ec76ae185
Add threat actor common raven 2021-10-03 23:30:20 +02:00
Thomas Patzke
26f0c344a1 Added O365 techniques
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Thomas Dupuy
1985de4d44 Add BLUELIGHT tool. 2021-08-27 10:28:06 +02:00
Thomas Dupuy
89a3f986ba Add InkySquid synonym. 2021-08-24 16:29:34 +02:00
Daniel Plohmann
3272960a14
fixed typo in actor name (CLOCKWORD -> CLOCKWORK SPIDER) 2021-08-19 06:02:40 +02:00
Rony
5dd0c7d8b3
chg: [threat-actor] add origin country to UNC2452 & HAFNIUM
addressed https://github.com/MISP/misp-galaxy/pull/660#issuecomment-884475015
2021-08-02 22:30:05 +05:30
Rony
636ccdedcd
Update threat-actor.json 2021-07-21 18:47:56 +05:30
Rony
9ecfecc063
another fix 2021-07-21 18:41:18 +05:30
Rony
32ea60d721
fix 2021-07-21 18:31:05 +05:30
Rony
52e7d5a0a9
multiple updates to apt40, apt31 & hafnium 2021-07-21 18:28:40 +05:30