Rony
|
de76aef023
|
Update threat-actor.json
|
2022-08-16 10:49:13 +05:30 |
|
Rony
|
f4b63d4514
|
updates to tianwu
|
2022-08-16 10:30:33 +05:30 |
|
|
96d31aa8c7
|
chg: [threat-actor] jq all the things
|
2022-08-11 17:50:00 +02:00 |
|
Thomas Dupuy
|
ed24dcaf19
|
Add link for SLIME29.
|
2022-08-11 15:41:01 +00:00 |
|
Thomas Dupuy
|
912050b9b7
|
Update commit based on feeback.
|
2022-08-11 15:20:32 +00:00 |
|
Thomas Dupuy
|
6e0df72ef4
|
Add Threat Actors from BH Asia22 prez.
|
2022-08-10 18:53:38 +00:00 |
|
Christophe Vandeplas
|
1369756810
|
chg: [atrm] Add Azure Threat Research Matrix Galaxy and generation script
|
2022-08-06 21:19:31 +02:00 |
|
Daniel Plohmann
|
bdaadea58e
|
removing a leading double quote in a URL.
|
2022-08-02 18:17:58 +02:00 |
|
Daniel Plohmann
|
bc20a463c8
|
merging TG2003 / Elephant Beetle into FIN13
as indicated in the respective resources published by the organizations using these aliases.
|
2022-08-02 14:11:43 +02:00 |
|
|
6427746ad8
|
Merge pull request #727 from Mathieu4141/threat-actors/merge-cutting-kitten-cleaver
Fix Cleaver aliases
|
2022-07-27 23:17:42 +02:00 |
|
|
63f5122ad4
|
Merge pull request #742 from r0ny123/patch-1
Update threat-actor.json
|
2022-07-27 18:56:47 +02:00 |
|
Mathieu Beligon
|
51aacd6b03
|
Reduce diff with old version
|
2022-07-26 23:53:22 -07:00 |
|
Mathieu Beligon
|
acc6ada575
|
r0ny123.review: Use Cutting Kitten as main value for ITSecTeam
|
2022-07-26 23:27:39 -07:00 |
|
Mathieu Beligon
|
d815bfa174
|
Merge remote-tracking branch 'upstream/main' into threat-actors/merge-cutting-kitten-cleaver
|
2022-07-26 23:22:03 -07:00 |
|
Daniel Plohmann
|
26f6a33695
|
more aliases from Unit 42
|
2022-07-26 11:09:33 +02:00 |
|
Rony
|
5a7f3a7207
|
fix
|
2022-07-25 17:17:52 +05:30 |
|
Rony
|
8ce0df6eb4
|
Update threat-actor.json
Merge aquatic panda & earth lusca
|
2022-07-25 17:15:23 +05:30 |
|
|
6b6398bf2d
|
fix: [threat-actor] incorrect merge fixed
|
2022-07-20 18:45:50 +02:00 |
|
|
b4ce9a9453
|
Merge branch 'main' of https://github.com/r0ny123/misp-galaxy into r0ny123-main
|
2022-07-20 18:41:27 +02:00 |
|
Rony
|
add6b27466
|
update
|
2022-07-20 21:39:33 +05:30 |
|
Rony
|
2b54df56f9
|
update
|
2022-07-20 21:32:11 +05:30 |
|
Rony
|
2e045d9c8c
|
chg: [fix] resolve conflict
|
2022-07-20 21:28:15 +05:30 |
|
Daniel Plohmann
|
5825783a85
|
removed duplicate UUID for Kinsing
my apologies, looks like I had not rolled a new UUID for one of the entries added...
|
2022-07-20 17:07:05 +02:00 |
|
Rony
|
932fcf1871
|
added Red Nue
|
2022-07-20 15:07:35 +05:30 |
|
Rony
|
082039b3b0
|
added CN actors from secureworks threat profile
https://www.secureworks.com/research/threat-profiles?filter=item-china and fixed some AKAs
|
2022-07-20 14:52:58 +05:30 |
|
Daniel Plohmann
|
ed32c508b7
|
added more Unit 42 aliases / groups
|
2022-07-20 08:38:03 +02:00 |
|
Rony
|
000bfe92d9
|
add APT9/Red Pegasus & BRONZE EDGEWOOD/Red Hariasa
|
2022-07-20 10:04:58 +05:30 |
|
Rony
|
2e8a577b0c
|
add PwC naming to CN actors
|
2022-07-20 09:45:21 +05:30 |
|
Rony
|
3fabd58416
|
chg: [threat-actor] fixed
|
2022-07-19 23:36:30 +05:30 |
|
Rony
|
79c84d3768
|
add Earth Berberoka, Earth Lusca and Earth Wendigo
|
2022-07-19 22:42:50 +05:30 |
|
Daniel Plohmann
|
082d506b64
|
adding new Unit 42 names
First PR: those are the directly mappable names. I will follow up after deconfliction and then with a few new entries.
|
2022-07-19 08:45:09 +02:00 |
|
Daniel Plohmann
|
240a757826
|
Update threat-actor.json
adding Predatory Sparrow due to recent events.
|
2022-07-13 10:02:07 +02:00 |
|
|
cf603e8160
|
Merge pull request #736 from Delta-Sierra/main
add Qbot
|
2022-07-12 18:41:33 +02:00 |
|
Thomas Dupuy
|
90da0d798f
|
Set country to LB instead of IR based on operational activity.
|
2022-07-12 16:21:41 +00:00 |
|
Delta-Sierra
|
b1c853bf42
|
update version
|
2022-07-12 15:51:55 +02:00 |
|
Thomas Dupuy
|
1a8835bcae
|
Remove list from POLONIUM TA.
|
2022-07-12 13:11:11 +00:00 |
|
Thomas Dupuy
|
a86d866534
|
Add POLONIUM TA.
|
2022-07-12 12:14:27 +00:00 |
|
Delta-Sierra
|
d40017ae50
|
add Qbot
|
2022-07-12 14:03:43 +02:00 |
|
Delta-Sierra
|
6c6355f2ba
|
fix typo
|
2022-07-12 11:31:08 +02:00 |
|
Delta-Sierra
|
300d608770
|
jq
|
2022-07-12 10:54:37 +02:00 |
|
Delta-Sierra
|
71c93f5b24
|
fix caps typo
|
2022-07-12 10:53:14 +02:00 |
|
Delta-Sierra
|
4ea34fc5a4
|
Merge https://github.com/Delta-Sierra/misp-galaxy into main
|
2022-07-12 10:51:59 +02:00 |
|
Delta-Sierra
|
924eda26ca
|
Add EnemyBot +relationships
|
2022-07-12 10:49:11 +02:00 |
|
Deborah Servili
|
ca7d524d9c
|
Merge branch 'main' into main
|
2022-07-08 16:27:28 +02:00 |
|
Delta-Sierra
|
29aa7b3f69
|
add Maui ransomware
|
2022-07-08 14:49:12 +02:00 |
|
Delta-Sierra
|
56a53433f0
|
add HelloXD ransomware
|
2022-07-08 12:05:31 +02:00 |
|
Delta-Sierra
|
279b89f6d9
|
fix duplicate extension-2
|
2022-07-06 09:38:02 +02:00 |
|
Delta-Sierra
|
67d5f5c7c0
|
fix duplicate extension
|
2022-07-06 09:34:11 +02:00 |
|
Delta-Sierra
|
7e37fa0cdd
|
merge + update medusalocker
|
2022-07-06 09:28:46 +02:00 |
|
Delta-Sierra
|
c2e7ef4fab
|
Update Medusa Locker and others
|
2022-07-06 08:43:59 +02:00 |
|
marjatech
|
587dc8560b
|
add script to automate malpedia update
|
2022-07-04 14:24:34 +02:00 |
|
Mathieu Beligon
|
693eed8d78
|
[threat actor] Break Cleaver aliases into respective entries
|
2022-07-04 14:05:29 +02:00 |
|
marjatech
|
1212a75cc4
|
update malpedia
|
2022-07-04 11:02:02 +02:00 |
|
Mathieu Beligon
|
d63c990dad
|
[threat-actors] Separate ITSecTeam from Cleaver
|
2022-06-30 14:34:05 +02:00 |
|
Mathieu Beligon
|
b8d4ffdbde
|
Merge Cutting Kitten and Cleaver
|
2022-06-29 20:15:12 +02:00 |
|
Koen Van Impe
|
0c9aa68db6
|
Update surveillance-vendor.json
|
2022-06-22 13:30:55 +02:00 |
|
Koen Van Impe
|
22c2f7b999
|
Add RCS Lab S.p.A. to surveillance-vendor
|
2022-06-22 11:20:52 +02:00 |
|
Mathieu Beligon
|
d79c5bd1ab
|
Add ToddyCat Threat actor
|
2022-06-21 15:12:42 +02:00 |
|
Rony
|
c030fcdab6
|
chg: [threat-actor] added PwC naming for Indian actors
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
|
2022-06-11 15:46:54 +05:30 |
|
Thanat0s
|
44a99d066a
|
Y en a un peut plus je vous le mets quand meme ?
|
2022-06-11 04:24:04 -04:00 |
|
Thanat0s
|
57befd7259
|
jq all the things
|
2022-06-10 19:12:12 -04:00 |
|
Thanat0s
|
51f98f4706
|
Attck link + typo on TA551
|
2022-06-10 18:40:16 -04:00 |
|
Thanat0s
|
f97fee7135
|
Typo on TA551
|
2022-06-10 18:38:25 -04:00 |
|
Thanat0s
|
297acc0f5e
|
Add Mitre vs Thales RosettaStone
|
2022-06-10 18:24:15 -04:00 |
|
Rony
|
e916267c7c
|
chg: [threat-actor] add reference to bitter & sidewinder group
|
2022-06-08 23:22:17 +05:30 |
|
Christophe Vandeplas
|
39073004c4
|
[mitre] bump to MITRE ATT&CK v11.2
|
2022-05-25 21:03:14 +02:00 |
|
Christophe Vandeplas
|
4a469299fd
|
[mitre] update sorting algo
will make future ATT&CK updates less noisy in the git diff
|
2022-05-25 21:00:57 +02:00 |
|
Mathieu Beligon
|
dca70783bf
|
[threat-actors] validate file
|
2022-05-23 11:32:24 +02:00 |
|
Mathieu Beligon
|
c1cfc19871
|
[threat actors] Remove dead link for sandworm threat actor
|
2022-05-23 11:30:04 +02:00 |
|
Mathieu Beligon
|
36a1466661
|
[threat-actors] Add RansomHouse
|
2022-05-23 11:29:39 +02:00 |
|
|
a838eaf9db
|
Merge pull request #717 from jloehel/krane
chg: [cryptominers] Adds Krane
|
2022-05-18 08:17:16 +02:00 |
|
Jürgen Löhel
|
1be9a10ef9
|
chg: [cryptominers] Adds Krane
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-05-17 14:47:29 -05:00 |
|
Jürgen Löhel
|
9db5d18114
|
chg: [android] Adds Vulture
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-05-17 14:16:21 -05:00 |
|
Rony
|
2721522e82
|
chg: [threat-actor] add exotic lily, ta578, ta579
|
2022-05-14 20:52:15 +05:30 |
|
Jürgen Löhel
|
45da13ce5e
|
chg: [backdoors] Adds BPFDoor
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
|
2022-05-11 19:06:19 -05:00 |
|
|
fcdc6c86e6
|
chg: [threat-actor] add TG2003 synomym to Elephant Beetle
|
2022-05-09 14:24:28 +02:00 |
|
|
9130365e2e
|
chg: [threat-actor] Elephant Beetle added
Fix #708
|
2022-05-09 14:23:12 +02:00 |
|
|
bb434b11cf
|
chg: [threat-actor] ModifiedElephant added
Fix #709
|
2022-05-09 14:16:01 +02:00 |
|
|
06550a7945
|
chg: [threat-actor] fix refs field -> it's always an array
|
2022-05-09 13:46:16 +02:00 |
|
|
b67e3ed3f8
|
Merge branch 'threatactor-cosmiclynx-add' of https://github.com/adammchugh/MISP-Galaxy-Updates into adammchugh-threatactor-cosmiclynx-add
|
2022-05-09 13:43:44 +02:00 |
|
Rony
|
c0be6677c2
|
chg: [threat-actor] added actor Red Menshen
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
|
2022-05-07 15:44:10 +05:30 |
|
Rony
|
11eca69ebc
|
chg: [threat-actor] added Curious Gorge
|
2022-05-07 12:40:35 +05:30 |
|
Daniel Plohmann
|
26c1850377
|
Update threat-actor.json
adding Red Dev 4 as alias for GALLIUM as used by PwC.
|
2022-05-06 09:47:48 +02:00 |
|
Daniel Plohmann
|
06c293072c
|
Update threat-actor.json
adding UNC3524 to the actor galaxy cluster.
|
2022-05-04 13:21:56 +02:00 |
|
3c7
|
0ad65fbe9f
|
Forgot to jq all the things
|
2022-04-28 09:42:25 +02:00 |
|
3c7
|
dfb6c0668e
|
Added SaintBear
|
2022-04-28 09:36:25 +02:00 |
|
Christophe Vandeplas
|
33476bec81
|
chg: [mitre] bump to MITRE ATT&CK v11.0
|
2022-04-25 18:29:57 +02:00 |
|
|
664f6d80cc
|
chg: [threat-actor] Killnet description added
|
2022-04-21 15:05:50 +02:00 |
|
|
1e383e2452
|
chg: [threat-actor] version updated
|
2022-04-21 14:53:14 +02:00 |
|
Mathieu Beligon
|
c8455a6c4d
|
[actors] Add killnet
|
2022-04-21 14:06:28 +02:00 |
|
Adam McHugh
|
53a0fc56d3
|
Added Cosmic Lynx Threat Actor from Agari Whitepaper advisory
|
2022-04-18 10:16:26 +09:30 |
|
|
bca7381f33
|
fix: [ransomware] refs are within meta
|
2022-04-17 15:43:23 +02:00 |
|
|
eb7c5ebaf1
|
fix: [ransom] remove empty ref
|
2022-04-17 15:39:02 +02:00 |
|
|
bc696b43f4
|
chg: [ransomware] jq all the things
|
2022-04-17 15:35:50 +02:00 |
|
|
00d33fd292
|
Merge pull request #701 from adammchugh/ransomware-conti-update
Ammended Conti ransomware entry with ACSC 2021-010 advisory data
|
2022-04-17 15:35:25 +02:00 |
|
|
66744a4cd0
|
Merge pull request #704 from adammchugh/cryptominers-bluemockingbird-add
Added Cryptominer Blue Mockingbird from RedCanary advisory.
|
2022-04-17 14:43:59 +02:00 |
|
|
14907e3eef
|
Merge pull request #703 from adammchugh/threatactor-copypaste-add
Added Copy-Paste Threat Actor from ACSC Advisory 2020-008
|
2022-04-17 14:43:37 +02:00 |
|
Adam McHugh
|
84eac4b102
|
Added Cosmic Lynx Threat Actor from Agari Whitepaper advisory
|
2022-04-17 19:50:08 +09:30 |
|
Adam McHugh
|
f00e80ae7e
|
Added Cryptominer Blue Mockingbird from RedCanary advisory.
|
2022-04-17 19:44:42 +09:30 |
|
Adam McHugh
|
cff8a38c5f
|
Added Copy-Paste Threat Actor from ACSC Advisory 2020-008
|
2022-04-17 19:37:26 +09:30 |
|