Mathieu4141
6da7b218fc
[threat-actors] Add TheDarkOverlord
2023-11-07 10:37:07 -08:00
32062206be
fix: [threat-actor] replace aliases
-> synonyms
+ version updated
2023-11-07 16:08:19 +01:00
Mathieu Beligon
a1f64c63de
[threat-actors] Add TraderTraitor
2023-11-07 14:47:12 +01:00
Mathieu Beligon
c0fd66e3cd
[threat-actors] Add UAC-0094
2023-11-07 14:47:12 +01:00
Mathieu Beligon
7163ed2068
[threat-actors] Add UserSec
2023-11-07 14:47:12 +01:00
Mathieu Beligon
c3b6878cf3
[threat-actors] Add IronHusky
2023-11-07 14:47:12 +01:00
Mathieu Beligon
1246088d76
[threat-actors] Add ShinyHunters
2023-11-07 14:47:12 +01:00
Mathieu Beligon
798cebc970
[threat-actors] Add ShroudedSnooper
2023-11-07 14:47:12 +01:00
Mathieu Beligon
2111f50968
[threat-actors] Add 1937CN
2023-11-07 14:47:12 +01:00
Mathieu Beligon
40fb100ff9
[threat-actors] Add Altahrea Team
2023-11-07 14:47:12 +01:00
Mathieu Beligon
4093632674
[threat-actors] Add Cyber Av3ngers
2023-11-07 14:47:12 +01:00
Mathieu Beligon
58fb9162b0
[threat-actors] Add KromSec
2023-11-07 14:47:12 +01:00
Mathieu Beligon
d1f382602c
[threat-actors] Add DustSquad
2023-11-07 14:47:11 +01:00
Mathieu Beligon
bc8904110b
[threat-actors] Add Guacamaya
2023-11-07 14:47:11 +01:00
Mathieu Beligon
10d27206a7
[threat-actors] Add SharpPanda
2023-11-07 14:47:11 +01:00
Mathieu Beligon
ff9a8ddfe3
[threat-actors] Add BadRory
2023-11-07 14:47:11 +01:00
e24fecbd40
fix: [threat-actor] synonyms
not aliases
2023-11-07 11:22:32 +01:00
b13eee558f
chg: [threat-actor] TA499 added
2023-11-07 11:12:35 +01:00
f2cc04fca8
chg: [threat-actor] version updated
2023-11-07 09:27:07 +01:00
Mathieu4141
5828ba1a9d
[threat-actors] Add Storm-1133
2023-11-06 05:26:26 -08:00
Mathieu4141
4a3968e873
[threat-actors] Add REF2924
2023-11-06 05:26:26 -08:00
Mathieu4141
18811f8056
[threat-actors] Add REF5961
2023-11-06 05:26:26 -08:00
Mathieu4141
ee354d9d75
[threat-actors] Add HiddenArt
2023-11-06 05:26:26 -08:00
Mathieu4141
bfb03504a9
[threat-actors] Add OilAlpha
2023-11-06 05:26:26 -08:00
Mathieu4141
152ab38b10
[threat-actors] Add GhostSec
2023-11-06 05:26:26 -08:00
Mathieu4141
5a4a697e8c
[threat-actors] Add IndigoZebra
2023-11-06 05:26:25 -08:00
Mathieu4141
971b17b79f
[threat-actors] Add NB65
2023-11-06 05:26:25 -08:00
Mathieu4141
84fec96df9
[threat-actors] Add Witchetty
2023-11-06 05:26:25 -08:00
Mathieu4141
eb43d9faf2
[threat-actors] Add RedStinger
2023-11-06 05:26:25 -08:00
Mathieu Beligon
025345e1b6
[threat-actors] remove duplicate
2023-11-03 20:09:05 +01:00
Mathieu Beligon
a65bb60d90
[threat-actors] Add UNC3890
2023-11-03 19:02:12 +01:00
Mathieu Beligon
84fda6ef72
[threat-actors] Add Carderbee
2023-11-03 19:02:12 +01:00
Mathieu Beligon
1343cdb35a
[threat-actors] Add RansomVC
2023-11-03 19:02:12 +01:00
Mathieu Beligon
ea227222ea
[threat-actors] Add SiegedSec
2023-11-03 19:02:12 +01:00
Mathieu Beligon
44d7b3e88f
[threat-actors] Add Metador
2023-11-03 19:02:12 +01:00
Mathieu Beligon
0133c023d2
[threat-actors] Add YoroTrooper
2023-11-03 19:02:12 +01:00
Mathieu Beligon
58e8dfef71
[threat-actors] Add Kasablanka
2023-11-03 19:02:12 +01:00
Mathieu Beligon
0f1777df92
[threat-actors] Add SparklingGoblin
2023-11-03 19:02:12 +01:00
Mathieu Beligon
419c62cea1
[threat-actors] Add Storm-0062
2023-11-03 19:02:12 +01:00
Mathieu Beligon
13c770f0a7
[threat-actors] Add LofyGang
2023-11-03 19:02:12 +01:00
0b5b9ca5a3
chg: [threat-actor] version updated
2023-11-03 14:00:21 +01:00
Mathieu Beligon
9d6315346e
[threat-actors] jq
2023-11-03 11:32:24 +01:00
Mathieu Beligon
9c502d0d1f
[threat-actors] Add Lancefly
2023-11-03 11:13:11 +01:00
Mathieu Beligon
73c73606ff
[threat-actors] Add GoldenJackal
2023-11-03 11:13:11 +01:00
Mathieu Beligon
64f0a87ed7
[threat-actors] Add Earth Estries
2023-11-03 11:13:11 +01:00
Mathieu Beligon
4a521eec3b
[threat-actors] Add TetrisPhantom
2023-11-03 11:13:11 +01:00
Mathieu Beligon
78472ee3f5
[threat-actors] Add Redfly
2023-11-03 11:13:11 +01:00
Mathieu Beligon
c9e85b4d16
[threat-actors] Add Earth Longzhi
2023-11-03 11:13:11 +01:00
Mathieu Beligon
a91734af6c
[threat-actors] Add UNC3886
2023-11-03 11:13:11 +01:00
Mathieu Beligon
7bb54037e8
[threat-actors] Add Winter Vivern
2023-11-03 11:13:11 +01:00
Mathieu Beligon
4bb6cce77d
[threat-actors] Add Xiaoqiying
2023-11-03 11:13:11 +01:00
Mathieu Beligon
f82b502df6
[threat-actors] Add Keksec
2023-11-03 11:13:11 +01:00
Mathieu4141
5b1af60db3
[threat-actors] Add Keksec
2023-11-02 06:29:30 -07:00
Mathieu Beligon
be89fcd370
[threat-actors] jq
2023-11-02 13:25:13 +01:00
Mathieu Béligon
63b422c7d0
Merge branch 'main' into threat-actor/scarred-manticore-6a6965e2-0843-47b1-990d-d43016dd4dd1
2023-11-02 13:19:14 +01:00
Mathieu4141
9ced077269
[threat-actors] Add Scarred Manticore
2023-11-02 05:17:14 -07:00
e7ca55277c
new: [threat-actor] Storm-0558 added + Fix #880
2023-10-31 09:05:19 +01:00
Mathieu Beligon
dcde706078
[threat-actors] Add Camaro Dragon
2023-10-26 13:20:54 +02:00
416cd6706a
fix: [threat-actor] JQ all the things + version updated
2023-10-20 12:00:48 +02:00
jstnk9
ec9dc0f2e3
threat actors update
2023-10-20 11:51:13 +02:00
jstnk9
aa5a6eb062
threat actor updated
2023-10-19 12:39:37 +02:00
Christophe Vandeplas
a4ae58afcb
chg: [threat-actor] increased version number
2023-10-17 11:29:52 +02:00
Christophe Vandeplas
e9f884e3f3
Merge pull request #876 from Mathieu4141/threat-actors/cobalt-mirage
...
[threat-actors] More aliases of Iranian apts
2023-10-17 11:29:01 +02:00
Mathieu Beligon
e086bee02e
[threat-actors] More aliases of iranian apts
2023-10-17 11:21:48 +02:00
Mathieu Beligon
537ef08735
[threat-actors] Add Void Rabisu
2023-10-16 18:14:47 +02:00
059b20e705
chg: [threat-actor] clean-up
2023-10-13 16:31:48 +02:00
jstnk9
faef21e15d
Added information related to Wizard Spider
2023-10-13 12:02:20 +02:00
jstnk9
613e9feb12
added suspected victims to Gelsemium
2023-10-13 10:53:36 +02:00
Delta-Sierra
1bb336fdbe
add AtlasCross
2023-10-10 09:17:25 +02:00
Delta-Sierra
fd6bccae8b
Merge https://github.com/MISP/misp-galaxy
2023-10-09 09:18:51 +02:00
Delta-Sierra
73d7c038b2
adding targeted sectors
2023-10-09 09:18:43 +02:00
Daniel Plohmann
1b33cad11d
adding aliases to ProphetSpider
2023-10-04 16:39:01 +01:00
8760ea0c52
Merge branch 'main' of github.com:MISP/misp-galaxy into main
2023-10-04 10:49:56 +02:00
89a193d315
fix: [threat-actor] version updated + jq all the things
2023-10-04 10:48:44 +02:00
Paul Stark
ce7d54c96a
chg [misp-galaxy] update Nigeria from name to 2-digit code
2023-10-03 11:56:45 -04:00
jstnk9
89ab7728b0
updated TA505 countries and industries affected
...
updated TA505 countries and industries affected
2023-10-03 12:44:44 +02:00
Mathieu Beligon
e6266e8e59
fixes
2023-10-02 19:25:10 +02:00
Mathieu Beligon
081b2e619b
fixes
2023-10-02 19:18:00 +02:00
Mathieu Beligon
b2599deaae
fixes
2023-10-02 19:17:47 +02:00
Mathieu Beligon
0fba8d3f27
[threat-actors] bump version
2023-10-02 15:19:20 +02:00
Mathieu Beligon
b8f8fce4b6
[threa-actors] Add Scattered Spider
2023-10-02 15:17:40 +02:00
Mathieu Beligon
e393780af8
[threa-actors] Add Scattered Canary
2023-10-02 15:11:10 +02:00
5d78834520
Merge pull request #866 from Mathieu4141/actors/add-storm-0324
...
[threat-actors] Add Storm-0324
2023-09-16 11:02:33 +02:00
Mathieu Beligon
e2fd005821
[threat-actors] Add Storm-0324
2023-09-15 16:29:45 +02:00
Delta-Sierra
ac4d003c3e
fix caps
2023-09-15 16:00:38 +02:00
Delta-Sierra
5efe483858
adding targeted sectors
2023-09-15 15:49:43 +02:00
Delta-Sierra
db23d6eb4c
adding targeted sectors
2023-09-15 10:21:44 +02:00
Delta-Sierra
df0e103727
Add targeted sectors
2023-09-08 11:08:08 +02:00
Delta-Sierra
dc498bd199
more targeted-sectors meta
2023-08-28 15:06:57 +02:00
Delta-Sierra
639686be75
Merge https://github.com/MISP/misp-galaxy
2023-08-24 09:13:58 +02:00
Delta-Sierra
090b501c4c
add targeted sectors meta
2023-08-24 09:03:57 +02:00
Daniel Plohmann
d978998a5d
RecordedFuture: RedHotel == EarthLusca
2023-08-23 14:02:15 +02:00
Daniel Plohmann (Saturn)
e207218534
version bump
2023-08-15 12:34:06 +02:00
Daniel Plohmann (Saturn)
4127ce9694
replaced various broken links with reachable equivalents
2023-08-15 12:32:51 +02:00
Daniel Plohmann
b083ae12bc
jq fix
2023-08-10 15:57:58 +02:00
Daniel Plohmann
c1d3164ef6
adding MoustachedBouncer
2023-08-10 15:49:11 +02:00
Daniel Plohmann
e228ffc432
alias Callisto -> BlueCharlie
...
not sure, if you also want to have the Microsoft names in here (I think they are tracked separately?), otherwise, that would be Star Blizzard according to the article.
2023-08-03 09:53:10 +02:00
Rony
9b9ce4777a
chg: [threat-actor] added references, origin country, aliases to Sea Turtle
2023-07-28 11:04:11 +00:00
Thomas Dupuy
2dcd1d3544
upd: Add Worok TA and update APT-Q-12 to APT-C-60 as it was the first
...
name mention in an article.
2023-07-18 19:53:54 +00:00
Delta-Sierra
c51d177abd
add SmugX & RedDelta
2023-07-10 15:46:01 +02:00
Delta-Sierra
20d3b3780a
merge
2023-06-19 08:35:48 +02:00
iglocska
14301a9c4c
chg: [threat actors] added Volt Typhoon
2023-05-25 07:29:48 +02:00
Delta-Sierra
e87b7bbf73
complete VENOM SPIDER threat actor
2023-05-23 11:43:20 +02:00
Delta-Sierra
18ee466ae4
add Hagga threat actor
2023-05-22 15:44:18 +02:00
Delta-Sierra
d202ed9f3f
Merge https://github.com/MISP/misp-galaxy
2023-05-15 09:54:25 +02:00
Delta-Sierra
a3fffacab3
add APT43 + tools
2023-05-15 08:41:17 +02:00
Daniel Plohmann
094d56057c
adding APT43 (Mandiant) for Kimsuky.
2023-05-09 14:35:41 +02:00
Sebastien Larinier
ddc285581d
Update threat-actor.json
2023-04-26 21:52:57 +02:00
Sebastien Larinier
d60cca9302
Update threat-actor.json
...
fix mistake
2023-04-26 21:46:33 +02:00
Sebastien Larinier
142d4aeaef
Update threat-actor.json
2023-04-26 14:26:48 +02:00
Jürgen Löhel
15297c7b5f
chg [threat-actors] Add RedGolf
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2023-04-24 16:59:18 -06:00
Christophe Vandeplas
79b80b0869
chg: [rels] more threat actor relations
2023-04-23 17:54:58 +02:00
Christophe Vandeplas
3c6c204f01
chg: [rels] more threat actor relations
2023-04-23 17:45:58 +02:00
Christophe Vandeplas
138c7c7ba8
chg: [rels] more relations on cluster "value"
2023-04-23 17:36:02 +02:00
Christophe Vandeplas
bf7c5f1dd9
chg: [rels] threat-actor & MS activity group - on synonym
2023-04-23 11:56:41 +02:00
Christophe Vandeplas
a5e7e0c95f
chg: [rels] threat-actor & MS activity group - on value
2023-04-23 11:55:57 +02:00
Sebastien Larinier
862badf2c9
Update threat-actor.json
2023-04-19 17:41:44 +02:00
Sebastien Larinier
1c751b1ea8
Update threat-actor.json
2023-04-19 17:34:50 +02:00
Sebastien Larinier
165ce70a28
Merge branch 'MISP:main' into main
2023-04-19 16:48:02 +02:00
Sebastien Larinier
87ef0a400e
Update threat-actor.json
2023-04-19 15:42:14 +02:00
Sebastien Larinier
a77dc82c0a
Update threat-actor.json
...
new apt30 group
2023-04-19 15:35:36 +02:00
Delta-Sierra
ecb7e79a6e
Merge https://github.com/MISP/misp-galaxy
2023-04-19 15:06:51 +02:00
Sebastien Larinier
926035633f
Merge branch 'MISP:main' into main
2023-04-19 11:55:57 +02:00
Daniel Plohmann
41afab1c06
adding Trend Micro alias Earth Smilodon for APT27
2023-04-18 20:11:57 +02:00
Delta-Sierra
6b8994271e
add relationships for HALFRIG & QUATTERRIG
2023-04-18 12:20:20 +02:00
Daniel Plohmann
02e23a9a47
adding Google alias HOODOO for APT41
2023-04-17 22:32:50 +02:00
Delta-Sierra
4a4fa6d16f
fix versions
2023-04-17 11:32:51 +02:00
Delta-Sierra
233a066a03
Merge https://github.com/MISP/misp-galaxy
2023-04-17 11:16:23 +02:00
Delta-Sierra
d4225c5469
add some SNOWYAMBER relationships
2023-04-17 11:16:21 +02:00
Daniel Plohmann
a966b3ff88
adding Trend Micro alias Earth Preta for Mustang Panda
2023-04-12 16:59:36 +02:00
Sebdraven
8713618777
Update threat-actor.json
...
add new ref for sidecopy
2023-03-23 09:13:23 +01:00
Sebdraven
f5d68aa08d
Update threat-actor.json
...
delete ref to APT30 for Naikon
2023-03-23 08:49:17 +01:00
Sebdraven
d5843d46e2
Update threat-actor.json
...
add ref to Aoqin Dragon
2023-03-21 18:40:10 +01:00
Mathieu Beligon
d82ff1ecfb
[threat-actors] Add Anonymous Sudan
2023-03-15 17:38:03 -05:00
Daniel Plohmann
c39b46e9d5
Update threat-actor.json
...
when value "Sofacy" was changed to "APT28", it seems Sofacy was not added to aliases, so it's missing right now.
2023-03-15 14:55:25 +01:00
Jürgen Löhel
2d30785af5
chg [threat-actors] Add TA866
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2023-03-08 21:44:16 -06:00
Mathieu Beligon
395ffda94f
[threat-actors] bump version
2023-03-02 10:29:52 -08:00
Mathieu Beligon
e1407c3c3f
[threat-actors] Add SLIPPY SPIDER alias to LAPSUS
2023-03-02 10:29:29 -08:00
Mathieu Beligon
4bbee8c1e7
[threat-actors] Add PROPHET SPIDER
2023-03-02 10:19:24 -08:00
Mathieu Beligon
61cb24a3fc
[threat-actors] Add Nemesis Kitten
2023-03-01 16:37:42 -08:00
Mathieu Beligon
84faa3c92b
[threat-actors] Add Karakurt
2023-03-01 16:34:03 -08:00
Mathieu Beligon
7d371b4c80
[threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP
2023-03-01 15:45:41 -08:00
Mathieu Beligon
fa57354471
[threat-actors] Add Chamelgang
2023-03-01 15:40:23 -08:00
Mathieu Beligon
bff978e4d1
[threat-actors] Add TA453
2023-03-01 15:24:55 -08:00
Mathieu Beligon
3406ad3aa9
[threat-actors] Add APT42
2023-03-01 15:18:53 -08:00
Mathieu Beligon
2567d6f1f8
[threat-actors] Add TA406
2023-03-01 15:01:22 -08:00
Rony
50624af741
add DEV-0147 https://twitter.com/MsftSecIntel/status/1625181255754039318
2023-02-25 20:18:09 +00:00
Rony
cf727f034c
add other actor synonyms from Google's report https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf
2023-02-26 01:05:50 +05:30
6460fde2e4
chg: [threat-actor] version updated
2023-02-16 14:43:45 +01:00
Daniel Plohmann
91255413d8
adding Google names for RU threat actors
...
https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/
2023-02-16 14:30:05 +01:00
73bd7d0983
Merge pull request #818 from Mathieu4141/threat-actors/proofpoint-aliases
...
[threat actors] Adding some actors from ProofPoint
2023-02-14 06:40:22 +01:00
Mathieu Beligon
9f09699047
[threat-actors] Fix: country was in the wrong place
2023-02-13 16:47:38 -08:00
Mathieu Beligon
ac067a236e
[threat-actors] fix: Add missing uuids
2023-02-13 16:36:41 -08:00
Mathieu Beligon
a792115dd8
fix
2023-02-13 16:26:10 -08:00
Mathieu Beligon
8193b05e14
[threat-actors] bump version
2023-02-13 14:18:58 -08:00
Mathieu Beligon
d34e894d2d
[threat-actors] Add TA2536
2023-02-13 13:45:41 -08:00
Mathieu Beligon
20c31a5d10
[threat-actors] Add TA577
2023-02-13 13:32:24 -08:00
Mathieu Beligon
e836a4a63c
[threat-actors] Add TA575
2023-02-13 12:02:32 -08:00
Mathieu Beligon
c52ac53765
[threat-actors] Add TA570
2023-02-13 11:54:47 -08:00
Mathieu Beligon
5f274f58c9
[threat-actors] Add Moskalvzapoe
2023-02-13 11:44:59 -08:00
Daniel Plohmann
62256854bc
adding Broadcom name for SaintBear.
2023-02-13 14:05:35 +01:00
Mathieu Beligon
33ff650327
[threat-actors] Add more information about NoName057(16)
2023-02-10 14:14:52 -08:00
Daniel Plohmann
9710e09e17
new APT29 name used by Recorded Future
...
cf. https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
2023-02-02 11:46:50 +01:00
b7543c5012
Merge pull request #789 from Mathieu4141/threat-actors/fix-sectorj04
...
[threat-actors] Remove SectorJ04 duplicate
2023-01-27 15:05:37 +01:00
Mathieu Beligon
a452263ace
[threat-actors] pr.review: Add SectorJ04 as alias of TA505
2023-01-27 13:32:58 +01:00
e54366fb87
chg: [threat-actor] added the missing synonyms
2023-01-10 15:55:30 +01:00
Delta-Sierra
3f4edb480b
add Malteiro
2022-12-16 16:43:50 +01:00
Delta-Sierra
5931f51d7a
add TAG-53
2022-12-08 11:31:02 +01:00
Delta-Sierra
3ea2d62a83
Version Update
2022-11-28 16:27:54 +01:00
Delta-Sierra
6016b1000c
Merge https://github.com/MISP/misp-galaxy
2022-11-28 16:17:08 +01:00
Delta-Sierra
6c36295318
Update several RAT & Ransomwares
2022-11-28 16:13:38 +01:00
e3126ef857
fix: [clusters] Fixed some other few meta
field names
2022-11-24 09:17:28 +01:00
Delta-Sierra
f4abf37b01
fix versions
2022-11-22 12:45:15 +01:00
Delta-Sierra
c02b74f999
merge
2022-11-22 12:43:18 +01:00
Delta-Sierra
8bf6d73d66
add BazarCall campaign
2022-11-22 09:08:28 +01:00
Thomas Dupuy
be7450494e
Add Evasive Panda Threat Actor
2022-11-18 16:38:11 +00:00
Delta-Sierra
91d535925f
version fix
2022-11-15 13:36:49 +01:00
Delta-Sierra
3837058ab1
merge
2022-11-15 12:54:03 +01:00
Delta-Sierra
d020efd276
add raspberry Robin worm & others
2022-11-15 11:57:10 +01:00
b787bbeb23
Merge pull request #792 from nyx0/main
...
Add RomCom TA.
2022-11-05 07:50:20 +01:00
3b196f8361
Merge pull request #791 from Mathieu4141/threat-actors/add-phosphorus-alias-to-apt-35
...
[threat-actors] Add Phosphorus in APT35 aliases
2022-11-05 07:49:55 +01:00
Thomas Dupuy
9ac53e5d5e
Add RomCom TA.
2022-11-04 02:34:10 +00:00
6c4da5dd55
Merge pull request #790 from Mathieu4141/threat-actors/fix-dust-storm
...
[threat-actors] Remove DustStorm alias from APT10
2022-11-03 11:35:20 +01:00
52a6fff6a2
Merge pull request #788 from Mathieu4141/threat-actors/fix-cobalt-dickens
...
[threat-actors] Remove cobalt dickens duplicate
2022-11-03 11:27:08 +01:00
3b4dcd6ad3
Merge pull request #787 from Mathieu4141/threat-actors/fix-subaat-duplicate
...
[threat-actors] Remove subaat duplicate
2022-11-03 11:26:21 +01:00
Mathieu Beligon
8a9dd47f8f
[threat-actors] Add Phosphorus in APT35 aliases
2022-11-02 23:49:22 -07:00
Mathieu Beligon
21d4292faf
[threat-actors] Remove DustStorm alias from APT10
2022-11-02 23:31:31 -07:00
Mathieu Beligon
e61733591f
[threat-actors] Remove SectorJ04 duplicate
2022-11-02 20:30:40 -07:00
Mathieu Beligon
9f0869097a
[threat-actors] Remove cobalt dickens duplicate
2022-11-02 18:09:42 -07:00
Mathieu Beligon
e3e5560e37
[threat-actors] Remove subaat duplicate
2022-11-02 17:57:47 -07:00
Mathieu Beligon
5801bbcfc1
[threat-actors] Remove Skeleton Spider duplicate
2022-11-02 17:38:07 -07:00
Delta-Sierra
355025eb5b
fix metadata in wrong slot
2022-10-04 13:28:42 +02:00
Delta-Sierra
e5b3062912
add Volatile Cedar synonym
2022-10-03 16:06:13 +02:00
409c82f40c
Merge pull request #781 from Mathieu4141/threat-actors/fix-neodymium
...
[threat-actors] Fix G0055 (NEODYMIUM) alias
2022-09-30 06:39:31 +02:00
588184bacd
Merge pull request #780 from Mathieu4141/threat-actors/fix-svmondr
...
[threat-actors] Remove SVCMONDR duplicate
2022-09-30 06:38:56 +02:00
800006e6ab
Merge pull request #778 from Mathieu4141/threat-actors/fix-malware-reuser-duplicate
...
[threat-actors] Fix Volatile Cedar and Dancing Salome conflicts
2022-09-30 06:37:15 +02:00
Mathieu Beligon
74c6835d18
[threat-actors] Fix G0055 (NEODYMIUM) alias
2022-09-29 17:16:57 -07:00
Mathieu Beligon
a740e35687
[threat-actors] Remove SVCMONDR duplicate
2022-09-29 16:11:19 -07:00
Mathieu Beligon
5994fa4160
[threat-actors] Fix Volatile Cedar and Dancing Salome conflicts
2022-09-29 14:51:38 -07:00
Mathieu Beligon
4f47e6e2d3
[threat-actors] Equation group: separate from Lamberts and add tools
2022-09-29 11:28:54 -07:00
Thomas Dupuy
c66d6823a1
Add APT-Q-12 Threat Actor.
2022-09-29 02:30:41 +00:00
c3b65a2d15
chg: [threat-actor] JSON fix
2022-09-27 08:18:13 +02:00
Thomas Dupuy
bfd1812cef
Add Void Balaur.
2022-09-27 00:11:20 +00:00
Mathieu Beligon
22a39f4fdc
[threat-actors] Add BITWISE SPIDER
2022-09-20 11:23:33 -07:00
9b8b51fe53
Merge pull request #769 from Mathieu4141/threat-actors-add/no-name-057-06
...
[threat-actors] Add NoName057(16)
2022-09-17 07:43:42 +02:00
2f169e4258
Merge pull request #766 from Mathieu4141/threat-actors/fix-ta505
...
[threat-actors] Clean TA505 aliases
2022-09-17 07:43:18 +02:00
Mathieu Beligon
580d2c6931
[threat-actors] Add NoName057(16)
2022-09-16 20:11:06 -06:00
1c8d82cfcc
new: [threat-actor] hezb added
2022-09-14 11:00:33 +02:00
Mathieu Beligon
e1f5d3b5d8
[threat-actors] Keep meta from old Xenotime
2022-09-13 11:40:17 -07:00
Mathieu Beligon
4ff0bdfe8e
[threat-actors] Clean TA505 aliases
2022-09-13 11:34:02 -07:00
Mathieu Beligon
273c7c9b97
[threat-actors] Remove Xenotime duplicate
2022-09-12 17:10:49 -07:00
Delta-Sierra
0440db12e9
add DangerousSavanna campaign
2022-09-07 11:01:23 +02:00
Rony
aea413cebf
chg: [threat-actor] version bump
2022-09-01 10:32:01 +00:00
Rony
db913e5ab4
fix: [threat-actor] remove duplicate entries
2022-09-01 09:53:11 +00:00
Rony
6aea5ee05c
chg: [threat-actor] add Aoqin Dragon
2022-09-01 09:46:43 +00:00
Rony
fb0cf3c7e5
chg: [threat-actor] miscellaneous updates
2022-09-01 09:17:31 +00:00
Daniel Plohmann
d18f5bc8b6
mini-fix: adding https protocol to a reference
...
in automated processing and display, this may otherwise lead to a malformed local / relative link.
2022-08-30 17:08:03 +02:00
Rony
e7178a1e08
fix: [threat-actor] remove duplicate entries from APT9
2022-08-27 12:54:32 +00:00
Rony
27300c6381
chg: [threat-actor] add avast blog to APT40
2022-08-27 12:41:31 +00:00
Rony
7f526e230b
chg: [threat-actor] add Microsoft and PwC report to actors' references
2022-08-27 12:34:36 +00:00
Rony
6ad9699a38
chg: [threat-actor] add recorded future reference to RedAlpha
2022-08-27 12:10:51 +00:00
Rony
2dc138ae01
chg: [threat-actor] add Adam Kozy's testimony ro APT41 and APT26
2022-08-27 12:08:11 +00:00
Rony
0b140b7097
chg: [threat-actor] miscellaneous updates including merge of some actors and fix the error committed in 9cfcc0d9ac
2022-08-27 11:58:03 +00:00
8bea9f3b4b
Merge pull request #755 from Mathieu4141/threat-actors/fix-winnti
...
[threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts
2022-08-27 08:25:20 +02:00
Mathieu Béligon
9cfcc0d9ac
Add aliases to APT41
...
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-26 14:54:02 -07:00
Mathieu Beligon
6e00329ba6
[threat-actors] Fix aliases
2022-08-26 11:09:29 -07:00
Mathieu Beligon
9b714dcd76
[threat-actors] Merge Axiom into APT17
2022-08-25 13:49:07 -07:00
9efca4c41b
fix: [threat-actor] UUID reused fixed (UUIDs cannot be reused across different cluster)
...
Add the missing the relationship for the new UUID
2022-08-21 09:17:56 +02:00
Rony
5b42a09dc2
add PARINACOTA to threat-actor.json
...
MSTIC names digital crime actors based on global volcanoes
2022-08-20 17:10:15 +00:00
6b137ea12c
Merge pull request #749 from Mathieu4141/threat-actors/fix-naikon-cluster
...
[threat actors] Fix threat actors related to Lotus Panda
2022-08-20 11:46:15 +02:00
Mathieu Beligon
7f82616c10
fix axiom related field
2022-08-19 12:48:40 -07:00
Mathieu Beligon
969f461709
merge into apt41
2022-08-19 12:45:47 -07:00
Mathieu Beligon
fd9201e9e0
Merge APT22 and suckfly
2022-08-19 12:16:30 -07:00
Mathieu Beligon
768c94671c
Fix hellsing ref
2022-08-19 11:34:16 -07:00
a8b234d694
Merge pull request #753 from Mathieu4141/threat-actors/fix-bronze-president
...
[threat-actors] Remove duplicated BRONZE PRESIDENT entity
2022-08-19 06:26:11 +02:00
Mathieu Béligon
fcd6faec78
Capitalize override panda alias
...
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:51:03 -07:00
Mathieu Béligon
54f3ef2831
capitalize lotus panda alias
...
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:50:32 -07:00
Mathieu Béligon
c9b11553eb
normalize APT30 alias
...
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:32:44 -07:00
Mathieu Beligon
c1abedb446
Move Lotus Panda alias to Lotus Blossom
2022-08-18 20:21:31 -07:00
Mathieu Beligon
a61ef2a88f
[threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts
2022-08-18 17:03:26 -07:00
Mathieu Beligon
1acc51a7a6
[threat-actors] Add more data about APT-C-27
2022-08-18 15:44:18 -07:00
Mathieu Beligon
ec988c97d0
[threat-actors] Remove duplicated APT-C-27
2022-08-18 15:34:08 -07:00
Mathieu Beligon
d9046c8619
[threat-actors] Remove duplicated BRONZE PRESIDENT entity
2022-08-18 15:12:18 -07:00
Mathieu Beligon
a046e8094d
Merge APT30 and Naikon
2022-08-18 11:36:45 -07:00
Mathieu Beligon
5e4a4c3453
Merge branch 'main' into threat-actors/fix-naikon-cluster
2022-08-18 09:01:36 -07:00
Mathieu Beligon
264e764dfa
Remove ATK34 alias
2022-08-18 08:59:04 -07:00
Delta-Sierra
3f036db1e3
add TA558
2022-08-18 15:54:28 +02:00
Mathieu Beligon
71e3e1f3eb
Fix ATK aliases
2022-08-17 13:39:43 -07:00
Mathieu Beligon
a6242d4732
Merge branch 'main' into threat-actors/fix-naikon-cluster
2022-08-17 13:37:01 -07:00
Mathieu Beligon
0d6399aa2b
Add ATK78 alias for Thrip
2022-08-17 12:04:32 -07:00
Mathieu Beligon
53282255ce
Branch out Goblin Panda from Hellsing
2022-08-17 11:55:35 -07:00
Mathieu Beligon
3f50cf0175
Create a tool for Esile
2022-08-17 11:19:30 -07:00
Rony
ccd10b54f4
remove duplicate reference
2022-08-17 12:49:56 +05:30
Rony
0cec882cc5
merge microcin/sixlittlemonkeys to vicious panda
2022-08-17 07:06:51 +00:00
a373909bb1
Merge pull request #748 from r0ny123/patch-2
...
Update threat-actor.json
2022-08-17 07:44:46 +02:00
352998a84d
fix: [threat-actor] add missing refs for APT33 including CFR link
2022-08-17 07:40:23 +02:00
Mathieu Beligon
d05b29c1af
[threat-actors] Remove duplicate APT33
2022-08-16 17:15:30 -07:00
Mathieu Beligon
9c6f106928
[threat actor] Fix aliases related to Lotus Panda
2022-08-16 16:58:35 -07:00
Rony
5b25b574b3
add uac-0010 references from cert-ua
2022-08-16 10:19:53 +00:00
Rony
370045b01d
Merge "red october" and "cloud atlas" to inception framework"
2022-08-16 09:30:29 +00:00
Rony
62b168600f
fix duplicates
2022-08-16 12:15:30 +05:30
Rony
490bc6a05c
fix duplicate
2022-08-16 12:10:27 +05:30
Rony
bbe84c5985
updates to russian actors
2022-08-16 12:07:59 +05:30
Rony
de76aef023
Update threat-actor.json
2022-08-16 10:49:13 +05:30
Rony
f4b63d4514
updates to tianwu
2022-08-16 10:30:33 +05:30
96d31aa8c7
chg: [threat-actor] jq all the things
2022-08-11 17:50:00 +02:00
Thomas Dupuy
ed24dcaf19
Add link for SLIME29.
2022-08-11 15:41:01 +00:00
Thomas Dupuy
912050b9b7
Update commit based on feeback.
2022-08-11 15:20:32 +00:00
Thomas Dupuy
6e0df72ef4
Add Threat Actors from BH Asia22 prez.
2022-08-10 18:53:38 +00:00
Daniel Plohmann
bdaadea58e
removing a leading double quote in a URL.
2022-08-02 18:17:58 +02:00
Daniel Plohmann
bc20a463c8
merging TG2003 / Elephant Beetle into FIN13
...
as indicated in the respective resources published by the organizations using these aliases.
2022-08-02 14:11:43 +02:00
6427746ad8
Merge pull request #727 from Mathieu4141/threat-actors/merge-cutting-kitten-cleaver
...
Fix Cleaver aliases
2022-07-27 23:17:42 +02:00
63f5122ad4
Merge pull request #742 from r0ny123/patch-1
...
Update threat-actor.json
2022-07-27 18:56:47 +02:00
Mathieu Beligon
51aacd6b03
Reduce diff with old version
2022-07-26 23:53:22 -07:00
Mathieu Beligon
acc6ada575
r0ny123.review: Use Cutting Kitten as main value for ITSecTeam
2022-07-26 23:27:39 -07:00
Mathieu Beligon
d815bfa174
Merge remote-tracking branch 'upstream/main' into threat-actors/merge-cutting-kitten-cleaver
2022-07-26 23:22:03 -07:00
Daniel Plohmann
26f6a33695
more aliases from Unit 42
2022-07-26 11:09:33 +02:00
Rony
5a7f3a7207
fix
2022-07-25 17:17:52 +05:30
Rony
8ce0df6eb4
Update threat-actor.json
...
Merge aquatic panda & earth lusca
2022-07-25 17:15:23 +05:30
6b6398bf2d
fix: [threat-actor] incorrect merge fixed
2022-07-20 18:45:50 +02:00
b4ce9a9453
Merge branch 'main' of https://github.com/r0ny123/misp-galaxy into r0ny123-main
2022-07-20 18:41:27 +02:00
Rony
add6b27466
update
2022-07-20 21:39:33 +05:30
Rony
2b54df56f9
update
2022-07-20 21:32:11 +05:30
Rony
2e045d9c8c
chg: [fix] resolve conflict
2022-07-20 21:28:15 +05:30
Daniel Plohmann
5825783a85
removed duplicate UUID for Kinsing
...
my apologies, looks like I had not rolled a new UUID for one of the entries added...
2022-07-20 17:07:05 +02:00
Rony
932fcf1871
added Red Nue
2022-07-20 15:07:35 +05:30
Rony
082039b3b0
added CN actors from secureworks threat profile
...
https://www.secureworks.com/research/threat-profiles?filter=item-china and fixed some AKAs
2022-07-20 14:52:58 +05:30
Daniel Plohmann
ed32c508b7
added more Unit 42 aliases / groups
2022-07-20 08:38:03 +02:00
Rony
000bfe92d9
add APT9/Red Pegasus & BRONZE EDGEWOOD/Red Hariasa
2022-07-20 10:04:58 +05:30
Rony
2e8a577b0c
add PwC naming to CN actors
2022-07-20 09:45:21 +05:30
Rony
3fabd58416
chg: [threat-actor] fixed
2022-07-19 23:36:30 +05:30
Rony
79c84d3768
add Earth Berberoka, Earth Lusca and Earth Wendigo
2022-07-19 22:42:50 +05:30
Daniel Plohmann
082d506b64
adding new Unit 42 names
...
First PR: those are the directly mappable names. I will follow up after deconfliction and then with a few new entries.
2022-07-19 08:45:09 +02:00
Daniel Plohmann
240a757826
Update threat-actor.json
...
adding Predatory Sparrow due to recent events.
2022-07-13 10:02:07 +02:00
Thomas Dupuy
90da0d798f
Set country to LB instead of IR based on operational activity.
2022-07-12 16:21:41 +00:00
Thomas Dupuy
1a8835bcae
Remove list from POLONIUM TA.
2022-07-12 13:11:11 +00:00
Thomas Dupuy
a86d866534
Add POLONIUM TA.
2022-07-12 12:14:27 +00:00
Delta-Sierra
7e37fa0cdd
merge + update medusalocker
2022-07-06 09:28:46 +02:00
Delta-Sierra
c2e7ef4fab
Update Medusa Locker and others
2022-07-06 08:43:59 +02:00
Mathieu Beligon
693eed8d78
[threat actor] Break Cleaver aliases into respective entries
2022-07-04 14:05:29 +02:00
Mathieu Beligon
d63c990dad
[threat-actors] Separate ITSecTeam from Cleaver
2022-06-30 14:34:05 +02:00
Mathieu Beligon
b8d4ffdbde
Merge Cutting Kitten and Cleaver
2022-06-29 20:15:12 +02:00
Mathieu Beligon
d79c5bd1ab
Add ToddyCat Threat actor
2022-06-21 15:12:42 +02:00
Rony
c030fcdab6
chg: [threat-actor] added PwC naming for Indian actors
...
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
2022-06-11 15:46:54 +05:30
Thanat0s
44a99d066a
Y en a un peut plus je vous le mets quand meme ?
2022-06-11 04:24:04 -04:00
Thanat0s
57befd7259
jq all the things
2022-06-10 19:12:12 -04:00
Thanat0s
51f98f4706
Attck link + typo on TA551
2022-06-10 18:40:16 -04:00
Thanat0s
f97fee7135
Typo on TA551
2022-06-10 18:38:25 -04:00
Thanat0s
297acc0f5e
Add Mitre vs Thales RosettaStone
2022-06-10 18:24:15 -04:00
Rony
e916267c7c
chg: [threat-actor] add reference to bitter & sidewinder group
2022-06-08 23:22:17 +05:30
Mathieu Beligon
dca70783bf
[threat-actors] validate file
2022-05-23 11:32:24 +02:00
Mathieu Beligon
c1cfc19871
[threat actors] Remove dead link for sandworm threat actor
2022-05-23 11:30:04 +02:00
Mathieu Beligon
36a1466661
[threat-actors] Add RansomHouse
2022-05-23 11:29:39 +02:00
Rony
2721522e82
chg: [threat-actor] add exotic lily, ta578, ta579
2022-05-14 20:52:15 +05:30
fcdc6c86e6
chg: [threat-actor] add TG2003 synomym to Elephant Beetle
2022-05-09 14:24:28 +02:00
9130365e2e
chg: [threat-actor] Elephant Beetle added
...
Fix #708
2022-05-09 14:23:12 +02:00
bb434b11cf
chg: [threat-actor] ModifiedElephant added
...
Fix #709
2022-05-09 14:16:01 +02:00
06550a7945
chg: [threat-actor] fix refs field -> it's always an array
2022-05-09 13:46:16 +02:00
b67e3ed3f8
Merge branch 'threatactor-cosmiclynx-add' of https://github.com/adammchugh/MISP-Galaxy-Updates into adammchugh-threatactor-cosmiclynx-add
2022-05-09 13:43:44 +02:00
Rony
c0be6677c2
chg: [threat-actor] added actor Red Menshen
...
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
2022-05-07 15:44:10 +05:30
Rony
11eca69ebc
chg: [threat-actor] added Curious Gorge
2022-05-07 12:40:35 +05:30
Daniel Plohmann
26c1850377
Update threat-actor.json
...
adding Red Dev 4 as alias for GALLIUM as used by PwC.
2022-05-06 09:47:48 +02:00
Daniel Plohmann
06c293072c
Update threat-actor.json
...
adding UNC3524 to the actor galaxy cluster.
2022-05-04 13:21:56 +02:00
3c7
0ad65fbe9f
Forgot to jq all the things
2022-04-28 09:42:25 +02:00
3c7
dfb6c0668e
Added SaintBear
2022-04-28 09:36:25 +02:00
664f6d80cc
chg: [threat-actor] Killnet description added
2022-04-21 15:05:50 +02:00
1e383e2452
chg: [threat-actor] version updated
2022-04-21 14:53:14 +02:00
Mathieu Beligon
c8455a6c4d
[actors] Add killnet
2022-04-21 14:06:28 +02:00
Adam McHugh
53a0fc56d3
Added Cosmic Lynx Threat Actor from Agari Whitepaper advisory
2022-04-18 10:16:26 +09:30
Adam McHugh
84eac4b102
Added Cosmic Lynx Threat Actor from Agari Whitepaper advisory
2022-04-17 19:50:08 +09:30
Adam McHugh
cff8a38c5f
Added Copy-Paste Threat Actor from ACSC Advisory 2020-008
2022-04-17 19:37:26 +09:30
Thomas Dupuy
bd05eb0bba
upd: [cluster] add Threat Actor BladeHawk.
2022-04-11 17:03:19 +00:00
Thomas Dupuy
209391f110
upd: [cluster] add ref and synonyms for Energetic Bear.
2022-04-07 18:26:58 +00:00
Rony
a08ddaf548
Add Avivore & HAZY TIGER/Bitter
2022-04-02 01:14:18 +05:30
Rony
50f39edc10
Revert "update threat actors meta"
2022-04-02 00:55:38 +05:30
Delta-Sierra
73f71c8b15
dup
2022-04-01 16:51:27 +02:00
Delta-Sierra
fb557fd3a2
dup
2022-04-01 16:47:50 +02:00
Delta-Sierra
909fc09992
duplicate
2022-04-01 16:44:47 +02:00
Delta-Sierra
7c3e8ac068
fix duplicate
2022-04-01 16:40:40 +02:00
Delta-Sierra
dcc396108c
fix duplicate
2022-04-01 16:36:47 +02:00
Delta-Sierra
9257fb677b
merge
2022-04-01 16:32:10 +02:00
Delta-Sierra
0f7803b091
update threat actors meta
2022-04-01 16:00:27 +02:00
Mathieu Beligon
c35fad3291
Add threat actor group Scarab
2022-03-28 12:11:34 +02:00
Daniel Plohmann
24a3f16ab4
adding threat actor group LAPSUS$ / DEV-0537.
2022-03-23 09:47:10 +01:00
Delta-Sierra
97690426bf
update threat actors meta
2022-03-18 16:41:10 +01:00
7fd5715715
Merge pull request #691 from r0ny123/indian-adversaries
...
Update to Indian Adversaries
2022-03-15 12:28:16 +01:00
Rony
eebda5f955
chg: [threat-actor] merging viceroy tiger and donot team & adding SectorE02 as an alias of Donot team
2022-03-15 15:02:57 +05:30
Rony
ac72e7b639
fix
2022-03-15 14:00:46 +05:30
Rony
3b67e745e5
Update threat-actor.json
2022-03-15 13:57:00 +05:30
Delta-Sierra
957327383d
fix array
2022-03-07 16:10:53 +01:00