Commit graph

996 commits

Author SHA1 Message Date
bc0949c357
Merge pull request #380 from bartblaze/master
Add DoNot team references
2019-04-13 09:29:35 +02:00
903612178f
Merge pull request #379 from rmkml/master
Add BlackWorm Ransomware
2019-04-13 09:29:02 +02:00
rmkml
f94e138b27 Add Vidar Stealer 2019-04-12 23:31:30 +02:00
rmkml
54cd80ee2d Add Brushaloader Malware 2019-04-12 22:42:57 +02:00
Bart
3256cca9e0
Add DoNot team references 2019-04-12 21:12:16 +01:00
rmkml
25597c24f7 Add BlackWorm Ransomware 2019-04-12 21:29:13 +02:00
d7b4908aa3
Merge branch 'patch-8' of https://github.com/danielplohmann/misp-galaxy into danielplohmann-patch-8 2019-04-12 05:58:47 +02:00
Daniel Plohmann
159225b6cf
Based on additional research, APT36 can actually be merged into Mythic Leopard 2019-04-11 22:29:49 +02:00
Rony
7987c8f023
Update threat-actor.json 2019-04-12 01:56:12 +05:30
Rony
2fc914b2f9
Update threat-actor.json 2019-04-12 01:06:50 +05:30
Rony
60e4a486a7
adding additional resources for APT36 2019-04-11 23:55:51 +05:30
rmkml
eb90e99daf Add Globe Imposter Ransomware 2019-04-10 22:37:54 +02:00
rmkml
6467fe5849 Add Parasite HTTP RAT 2019-04-09 22:27:28 +02:00
Daniel Plohmann
df5301eab5
adding FireEye's TMP.Lapis / APT36 2019-04-09 08:38:44 +02:00
Deborah Servili
c69a18c723 Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-04-02 08:21:41 +02:00
a0234020bc
chg: [ransomware] various fixes 2019-04-01 19:49:00 +02:00
d23e533cdb
chg: [ransomware] jq all the things(tm) 2019-04-01 19:44:05 +02:00
36895a2163
chg: [ransomware] fix the meta to payment-method 2019-04-01 19:40:30 +02:00
0fa6cf25ba
Merge branch 'master' of https://github.com/ismasma/misp-galaxy into ismasma-master 2019-04-01 19:38:23 +02:00
Deborah Servili
272ea3ba4a
add ref for Ryuk and LockerGoga ransomwares 2019-03-28 15:58:00 +01:00
ac6276a906
Merge pull request #371 from Delta-Sierra/master
Add Operation ShadowHammer
2019-03-26 22:25:22 +01:00
Deborah Servili
6027d546f2
Add Operation ShadowHammer 2019-03-26 10:40:29 +01:00
Deborah Servili
575dd64582
add relationship between Cardinal RAT and EVILNUM 2019-03-26 08:41:11 +01:00
52f088efc9
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master 2019-03-21 20:51:59 +01:00
Daniel Plohmann
e0bb3d76a6
added APT-C-27 / GoldMouse 2019-03-21 18:06:03 +01:00
Deborah Servili
d0383b460f
jq 2019-03-21 09:15:16 +01:00
Deborah Servili
0fd04fa619
Merge branch 'master' into master 2019-03-21 08:42:30 +01:00
Deborah Servili
3c207f69be
add Cardinal RAT ref 2019-03-20 16:11:50 +01:00
Deborah Servili
f86c748b8c
add AOT-C-27 Goldmouse 2019-03-20 15:45:20 +01:00
Raphaël Vinot
6be42e6a1a fix: Make validate all happy 2019-03-20 12:58:18 +01:00
04accabaab
chg: [mitre att&ck] updated with new version 2019-03-20 12:37:38 +01:00
Deborah Servili
b2e1d5551f
add SPOILER vulnerability + other minor changes 2019-03-20 11:47:58 +01:00
b2538a1f8a
chg: [threat-actor] change attribution confidence to be a string by default 2019-03-19 16:51:41 +01:00
095b0a4d81
chg: [attck4fraud] updated 2019-03-19 16:33:27 +01:00
3cf53b670e
chg: [attck4fraud] completed 2019-03-19 16:02:08 +01:00
2b619dd9b7
chg: [attck4fraud] Assets Transfer added 2019-03-19 15:52:33 +01:00
75b4a3a951
chg: [attck4fraud] Obtain Fraudulent Assets added 2019-03-19 15:44:16 +01:00
bf6a605f6d
chg: [attck4fraud] Perform fraud added 2019-03-19 15:33:46 +01:00
e398cc3ef2
chg: [attck4fraud] Target compromise updated 2019-03-19 15:17:25 +01:00
e26918d749
chg: [attck4fraud] more techniques 2019-03-19 15:08:44 +01:00
4f454493b7
chg: [threat-actor] BRONZE UNION is also uppercase 2019-03-19 14:47:03 +01:00
9a6b597387
chg: [threat-actor] updated the version to avoid the past issue with 0 value for integer values 2019-03-19 14:44:49 +01:00
c2f10410f5
chg: [sector] typo fixed - reported in #364 2019-03-19 12:36:19 +01:00
e56cb33097
chg: [attck4fraud] fix the type issue 2019-03-19 10:03:33 +01:00
a80283672c
chg: [attck4fraud] uuid fixed 2019-03-19 08:39:08 +01:00
2419a33807
chg: [attck4fraud] ATM Shimming added 2019-03-19 08:33:08 +01:00
779bc4a6a0
chg: [attck4fraud] description fixed for FT1003 2019-03-19 08:11:33 +01:00
3c067c42a8
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-03-19 08:10:36 +01:00
824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP) 2019-03-19 08:09:23 +01:00
78b886b2f0
Merge pull request #363 from Delta-Sierra/master
add H-worm RAT
2019-03-19 07:31:04 +01:00
Deborah Servili
3294091600
add H-worm RAT 2019-03-18 16:24:55 +01:00
Bart
dff2a827d6
Update preventive-measure.json
Add ACL
2019-03-17 21:47:54 +00:00
Deborah Servili
5ce8aae89e
add Operation Comando - hit version 100 2019-03-15 15:04:29 +01:00
ismasma
379ed61c34
Add payment method and price 2019-03-14 17:12:42 +01:00
5db30ba974
chg: [threat-actor] SandCat added 2019-03-14 06:18:10 +01:00
Thomas Dupuy
60d79b0153 add synonym, no need for uppercase in the name :) 2019-03-13 23:07:10 +01:00
Deborah Servili
ecf76178e7
add attribution-confidence attribute to threat-actor 2019-03-11 11:18:12 +01:00
Deborah Servili
7576d0db02
relations between SLUB Backdoor 2019-03-11 09:01:12 +01:00
Deborah Servili
a65688ec02 Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy 2019-03-11 08:51:47 +01:00
Deborah Servili
33dbda1e1e Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-03-11 08:51:16 +01:00
Deborah Servili
59ee8a9f13
Merge branch 'master' into master 2019-03-11 08:40:38 +01:00
Deborah Servili
ddab5f7006
Merge branch 'master' into master 2019-03-11 08:40:11 +01:00
139e6c32ed
chg: [threat-actor] new attribution-confidence level introduced 2019-03-11 08:37:49 +01:00
eb665e2883
chg: [threat-actor] jq all the things 2019-03-10 11:15:13 +01:00
bebcc0eb5a
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-03-10 10:48:31 +01:00
6fb1303570
chg: [threat-actor] IRIDIUM added
Ref: https://resecurity.com/blog/parliament_races/
2019-03-10 10:47:34 +01:00
Raphaël Vinot
4f3e6335b5 fix: Wrong (duplicate) value. 2019-03-09 06:29:26 +01:00
Deborah Servili
2815e48610
add StealthWorker malware 2019-03-08 15:57:30 +01:00
Deborah Servili
ee034babba
add SLUB backdoor 2019-03-08 14:39:34 +01:00
769e0002ef
chg: [tools] jq all the things 2019-03-08 08:10:42 +01:00
Daniel Plohmann
1d8ada33a0
Update threat-actor.json
another actor described by 360TIC.
2019-03-07 17:50:46 +01:00
63419046d4
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-03-07 15:51:44 +01:00
31ba566c18
chg: [tool] SLUB Backdoor added 2019-03-07 15:51:16 +01:00
Deborah Servili
7afd311abc
add Jokeroo RaaS 2019-03-07 15:23:30 +01:00
Daniel Plohmann
cfb807861a
FireEye upgraded TEMP.Periscope to APT40 2019-03-07 14:34:14 +01:00
Deborah Servili
eb0a33eab6
add operation Kabar Cobra 2019-03-06 15:52:49 +01:00
Deborah Servili
ae49090845
add ref for garrantydecrypt 2019-03-04 16:34:52 +01:00
Deborah Servili
6ffb8dd437
add relation between Lazarus Group and Operation SharpShooter 2019-03-04 12:03:05 +01:00
Deborah Servili
19c4fe4d11
add Rising Sun Backdoor 2019-03-04 10:11:26 +01:00
Deborah Servili
bd3fce00e1
add Razdel 2019-02-25 16:35:06 +01:00
f7367ef887
chg: [tool] Xbash description updated 2019-02-23 09:25:14 +01:00
f2159bfaa3
chg: [threat-actor] format fixed 2019-02-22 22:50:42 +01:00
f621b40263
chg: [threat-actor] jq all the things late in the night 2019-02-22 22:47:25 +01:00
d5df0d1064
chg: [threat-actor] uuid fixed 2019-02-22 22:45:28 +01:00
f2c80cbcdd
chg: [tool] BabyShark added 2019-02-22 22:44:44 +01:00
38283f0f86
chg: [threat-actor] STOLEN PENCIL added 2019-02-22 22:41:06 +01:00
243a6280e0
Merge pull request #350 from bartblaze/master
Add more info on Lotus Blossom
2019-02-21 23:39:33 +01:00
Bart
06553bbec2
Add more info on Lotus Blossom
Add 2 more references, fix typo - Trend calls it "Esile", not "Eslie" as mistakenly stated by CFR. The backdoor itself is commonly referred to as Elise.
2019-02-21 22:31:14 +00:00
08e8aafcf7
chg: [cert-eu-govsector] version fixed 2019-02-21 07:19:04 +01:00
ed132cb1b8
chg: [threat-actor] version fixed 2019-02-21 07:18:16 +01:00
Daniel Plohmann
0cd79994cc
Two more actor names from GTR2019
I found two more actor names while going again over the crowdstrike's report and updating the cross-references to malpedia.
2019-02-19 22:38:11 +01:00
Daniel Plohmann
85ec27b4c4
Added missing actors from CrowdStrike GTR2019 2019-02-19 18:26:01 +01:00
Itay Cohen
7d9dc1ec9d
Fix 404'd reference of BuhTrap 2019-02-17 11:33:11 +02:00
9ad8a76a38
chg: [ransomware] no related object in meta 2019-02-15 10:30:20 +01:00
34042abe23 new: Added draft of the election guildelines galaxy 2019-02-15 08:44:33 +01:00
Deborah Servili
5bf18ffd23
Merge branch 'master' into master 2019-02-14 16:29:04 +01:00
Deborah Servili
9c450a80d4
add Gallmaker and other clusters 2019-02-14 16:04:54 +01:00
Deborah Servili
2794a20589
add OSX/Shlayer and some refs 2019-02-14 12:42:28 +01:00
ad0ef66b0a
chg: [tool] jq jq jq jq jq jq jq jq 2019-02-12 21:41:33 +01:00
Thomas Dupuy
95a70d09a5 add ANEL/UPPERCUT in tool cluster 2019-02-12 12:19:23 -05:00