Rony
380006ecbb
merging Pacifier & Turla
2019-05-16 23:57:49 +05:30
32af463dd1
Merge pull request #403 from Delta-Sierra/master
...
add Reaver and probably related tools
2019-05-16 17:04:14 +02:00
Deborah Servili
9f801122da
add Reaver and probably related tools
2019-05-16 15:45:03 +02:00
Daniel Plohmann
a20f7fbe91
adding APT31/ZIRCONIUM
2019-05-15 22:43:33 +02:00
rmkml
cd58833770
Add Phobos Ransomware
2019-05-15 21:02:32 +02:00
Raphaël Vinot
59869bf145
fix: o365-exchange-techniques (duplicate values, duplicate UUIDs)
2019-05-13 11:15:38 +02:00
Deborah Servili
f8e356e042
Merge pull request #400 from Delta-Sierra/master
...
add Sodinokibi
2019-05-13 08:50:26 +02:00
678b2a5621
chg: [o365-exchange-techniques] Actions on Intent added (finalized)
2019-05-12 18:25:01 +02:00
5d1565152c
chg: [o365-exchange-techniques] Expansion added (WiP)
2019-05-12 18:19:00 +02:00
ee0f793e49
chg: [o365-exchange-techniques] Persistence kill-chain added (WiP)
2019-05-12 17:54:53 +02:00
3a75c6a3df
chg: [o365-exchange-techniques] Compromise row added (WiP)
2019-05-12 12:07:30 +02:00
a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques
2019-05-12 09:51:41 +02:00
Rony
7c0ea4949a
Update threat-actor.json
2019-05-12 11:11:09 +05:30
Deborah Servili
5bbb0ab53d
add Sodinokibi
2019-05-08 15:54:37 +02:00
Raphaël Vinot
82ebbc6612
fix: UUID issues
2019-05-07 12:09:39 +02:00
Raphaël Vinot
988586fde0
fix: Duplicate values, typos.
2019-05-06 17:17:16 +02:00
36f317b4a8
Merge pull request #395 from Delta-Sierra/master
...
add Scranos
2019-05-03 16:22:20 +02:00
Deborah Servili
ad00477c87
add Scarnos
2019-05-03 15:55:19 +02:00
6aa7c39714
Merge pull request #394 from StefanKelm/master
...
Update threat-actor.json
2019-05-02 16:50:25 +02:00
20007e7b7c
Merge pull request #393 from Delta-Sierra/master
...
add AESDDoS Botnet and JasperLoader
2019-05-02 16:48:55 +02:00
StefanKelm
7e329855b2
Update threat-actor.json
...
Silent Librarian / COBALT DICKENS
2019-05-02 15:34:19 +02:00
b77087d59e
chg: [malpedia] duplicates fixed
2019-05-02 14:48:17 +02:00
b706738d46
chg: [malpedia] jq all the things
2019-05-02 14:47:00 +02:00
1ddb38341b
Merge branch 'master' of https://github.com/nao-sec/misp-galaxy into nao-sec-master
2019-05-02 14:46:34 +02:00
Deborah Servili
dda2ede5f2
add JasperLoader
2019-05-02 13:02:00 +02:00
Deborah Servili
f51f13e84b
add AESDDoS Botnet
2019-05-02 10:15:26 +02:00
37da9bebdf
chg: [threat-actor] FIN4 updates
2019-05-01 17:41:03 +02:00
Rony
0afaf81438
Update threat-actor.json
2019-05-01 15:54:38 +05:30
Rony
c565f61761
Update threat-actor.json
2019-05-01 15:51:56 +05:30
Rony
3b185d8435
Update threat-actor.json
2019-05-01 15:40:10 +05:30
Rony
ed351b4eae
updated FIN4
2019-05-01 15:24:59 +05:30
94466d8196
chg: [ATT&CK] updated to the latest version
2019-04-30 19:07:57 +02:00
Rintaro KOIKE
57735a5b5c
chg: [malpedia] updated to the latest version
...
Ref: https://malpedia.caad.fkie.fraunhofer.de/api/get/misp
2019-04-30 20:41:12 +09:00
f9a030ce54
chg: [exploit-kit] jq all the things
2019-04-28 19:12:06 +02:00
82a85d1651
Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master
2019-04-28 19:11:20 +02:00
Kafeine
915b673b7a
+= Spelevo
2019-04-28 12:24:48 +02:00
2405f1c59e
chg: [tool] Cowboy and KimJongRAT (Sorry Paul, we forgot ;-)
...
ref: https://unit42.paloaltonetworks.com/babyshark-malware-part-two-attacks-continue-using-kimjongrat-and-pcrat/
2019-04-27 09:33:55 +02:00
094f0e0684
chg: [tool] jq all the things
2019-04-24 12:58:49 +02:00
088e7477a6
chg: [tool] Karkoff tool added
2019-04-24 11:40:06 +02:00
Rony
292df2360a
more report on APT36
2019-04-22 11:05:21 +05:30
Deborah Servili
8ac7aec85c
add Sea Turtle campaign
2019-04-19 13:21:11 +02:00
Deborah Servili
39a416e9e7
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-04-19 11:54:26 +02:00
Christophe Vandeplas
ecc63cf166
chg; [threat-actor] validate + version bump
2019-04-17 21:01:55 +02:00
Christophe Vandeplas
d5fd896bb0
Merge pull request #385 from bartblaze/master
...
Add Whitefly
2019-04-17 20:53:15 +02:00
Deborah Servili
3abfe9fa48
merge
2019-04-17 16:06:50 +02:00
Bart
e1cab68683
Add Whitefly
2019-04-17 12:27:18 +01:00
Deborah Servili
83b900ecc2
Merge pull request #384 from r0ny123/patch-3
...
fixed the broken link
2019-04-17 08:27:09 +02:00
Deborah Servili
d72ea0d83a
Merge pull request #383 from rmkml/master
...
Add BigBobRoss Ransomware
2019-04-17 08:26:42 +02:00
Rony
d98aefa186
fixed the broken link
2019-04-17 09:17:23 +05:30
rmkml
d16cc2e184
Add Cr1ptt0r Ransomware
2019-04-14 20:49:36 +02:00
rmkml
271143519d
Add SpelevoEK
2019-04-13 23:04:25 +02:00
rmkml
55f6d28388
Add Planetary Ransomware
2019-04-13 22:41:37 +02:00
rmkml
356c485459
Add BigBobRoss Ransomware
2019-04-13 22:06:53 +02:00
9f20c7aac1
Merge pull request #382 from rmkml/master
...
Add Caesar RAT
2019-04-13 22:02:40 +02:00
rmkml
747dd3f90d
Add Caesar RAT
2019-04-13 21:47:24 +02:00
30baec12e9
Merge pull request #381 from rmkml/master
...
Add Tellyouthepass Ransomware
2019-04-13 20:01:30 +02:00
rmkml
9aa6244ed9
Add Ave Maria Stealer
2019-04-13 17:01:31 +02:00
rmkml
86323ca948
Add Tellyouthepass Ransomware
2019-04-13 16:38:46 +02:00
bc0949c357
Merge pull request #380 from bartblaze/master
...
Add DoNot team references
2019-04-13 09:29:35 +02:00
903612178f
Merge pull request #379 from rmkml/master
...
Add BlackWorm Ransomware
2019-04-13 09:29:02 +02:00
rmkml
f94e138b27
Add Vidar Stealer
2019-04-12 23:31:30 +02:00
rmkml
54cd80ee2d
Add Brushaloader Malware
2019-04-12 22:42:57 +02:00
Bart
3256cca9e0
Add DoNot team references
2019-04-12 21:12:16 +01:00
rmkml
25597c24f7
Add BlackWorm Ransomware
2019-04-12 21:29:13 +02:00
d7b4908aa3
Merge branch 'patch-8' of https://github.com/danielplohmann/misp-galaxy into danielplohmann-patch-8
2019-04-12 05:58:47 +02:00
Daniel Plohmann
159225b6cf
Based on additional research, APT36 can actually be merged into Mythic Leopard
2019-04-11 22:29:49 +02:00
Rony
7987c8f023
Update threat-actor.json
2019-04-12 01:56:12 +05:30
Rony
2fc914b2f9
Update threat-actor.json
2019-04-12 01:06:50 +05:30
Rony
60e4a486a7
adding additional resources for APT36
2019-04-11 23:55:51 +05:30
rmkml
eb90e99daf
Add Globe Imposter Ransomware
2019-04-10 22:37:54 +02:00
rmkml
6467fe5849
Add Parasite HTTP RAT
2019-04-09 22:27:28 +02:00
Daniel Plohmann
df5301eab5
adding FireEye's TMP.Lapis / APT36
2019-04-09 08:38:44 +02:00
Deborah Servili
c69a18c723
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-04-02 08:21:41 +02:00
a0234020bc
chg: [ransomware] various fixes
2019-04-01 19:49:00 +02:00
d23e533cdb
chg: [ransomware] jq all the things(tm)
2019-04-01 19:44:05 +02:00
36895a2163
chg: [ransomware] fix the meta to payment-method
2019-04-01 19:40:30 +02:00
0fa6cf25ba
Merge branch 'master' of https://github.com/ismasma/misp-galaxy into ismasma-master
2019-04-01 19:38:23 +02:00
Deborah Servili
272ea3ba4a
add ref for Ryuk and LockerGoga ransomwares
2019-03-28 15:58:00 +01:00
ac6276a906
Merge pull request #371 from Delta-Sierra/master
...
Add Operation ShadowHammer
2019-03-26 22:25:22 +01:00
Deborah Servili
6027d546f2
Add Operation ShadowHammer
2019-03-26 10:40:29 +01:00
Deborah Servili
575dd64582
add relationship between Cardinal RAT and EVILNUM
2019-03-26 08:41:11 +01:00
52f088efc9
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master
2019-03-21 20:51:59 +01:00
Daniel Plohmann
e0bb3d76a6
added APT-C-27 / GoldMouse
2019-03-21 18:06:03 +01:00
Deborah Servili
d0383b460f
jq
2019-03-21 09:15:16 +01:00
Deborah Servili
0fd04fa619
Merge branch 'master' into master
2019-03-21 08:42:30 +01:00
Deborah Servili
3c207f69be
add Cardinal RAT ref
2019-03-20 16:11:50 +01:00
Deborah Servili
f86c748b8c
add AOT-C-27 Goldmouse
2019-03-20 15:45:20 +01:00
Raphaël Vinot
6be42e6a1a
fix: Make validate all happy
2019-03-20 12:58:18 +01:00
04accabaab
chg: [mitre att&ck] updated with new version
2019-03-20 12:37:38 +01:00
Deborah Servili
b2e1d5551f
add SPOILER vulnerability + other minor changes
2019-03-20 11:47:58 +01:00
b2538a1f8a
chg: [threat-actor] change attribution confidence to be a string by default
2019-03-19 16:51:41 +01:00
095b0a4d81
chg: [attck4fraud] updated
2019-03-19 16:33:27 +01:00
3cf53b670e
chg: [attck4fraud] completed
2019-03-19 16:02:08 +01:00
2b619dd9b7
chg: [attck4fraud] Assets Transfer added
2019-03-19 15:52:33 +01:00
75b4a3a951
chg: [attck4fraud] Obtain Fraudulent Assets added
2019-03-19 15:44:16 +01:00
bf6a605f6d
chg: [attck4fraud] Perform fraud added
2019-03-19 15:33:46 +01:00
e398cc3ef2
chg: [attck4fraud] Target compromise updated
2019-03-19 15:17:25 +01:00
e26918d749
chg: [attck4fraud] more techniques
2019-03-19 15:08:44 +01:00
4f454493b7
chg: [threat-actor] BRONZE UNION is also uppercase
2019-03-19 14:47:03 +01:00
9a6b597387
chg: [threat-actor] updated the version to avoid the past issue with 0 value for integer values
2019-03-19 14:44:49 +01:00
c2f10410f5
chg: [sector] typo fixed - reported in #364
2019-03-19 12:36:19 +01:00
e56cb33097
chg: [attck4fraud] fix the type issue
2019-03-19 10:03:33 +01:00
a80283672c
chg: [attck4fraud] uuid fixed
2019-03-19 08:39:08 +01:00
2419a33807
chg: [attck4fraud] ATM Shimming added
2019-03-19 08:33:08 +01:00
779bc4a6a0
chg: [attck4fraud] description fixed for FT1003
2019-03-19 08:11:33 +01:00
3c067c42a8
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-19 08:10:36 +01:00
824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP)
2019-03-19 08:09:23 +01:00
78b886b2f0
Merge pull request #363 from Delta-Sierra/master
...
add H-worm RAT
2019-03-19 07:31:04 +01:00
Deborah Servili
3294091600
add H-worm RAT
2019-03-18 16:24:55 +01:00
Bart
dff2a827d6
Update preventive-measure.json
...
Add ACL
2019-03-17 21:47:54 +00:00
Deborah Servili
5ce8aae89e
add Operation Comando - hit version 100
2019-03-15 15:04:29 +01:00
ismasma
379ed61c34
Add payment method and price
2019-03-14 17:12:42 +01:00
5db30ba974
chg: [threat-actor] SandCat added
2019-03-14 06:18:10 +01:00
Thomas Dupuy
60d79b0153
add synonym, no need for uppercase in the name :)
2019-03-13 23:07:10 +01:00
Deborah Servili
ecf76178e7
add attribution-confidence attribute to threat-actor
2019-03-11 11:18:12 +01:00
Deborah Servili
7576d0db02
relations between SLUB Backdoor
2019-03-11 09:01:12 +01:00
Deborah Servili
a65688ec02
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy
2019-03-11 08:51:47 +01:00
Deborah Servili
33dbda1e1e
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2019-03-11 08:51:16 +01:00
Deborah Servili
59ee8a9f13
Merge branch 'master' into master
2019-03-11 08:40:38 +01:00
Deborah Servili
ddab5f7006
Merge branch 'master' into master
2019-03-11 08:40:11 +01:00
139e6c32ed
chg: [threat-actor] new attribution-confidence level introduced
2019-03-11 08:37:49 +01:00
eb665e2883
chg: [threat-actor] jq all the things
2019-03-10 11:15:13 +01:00
bebcc0eb5a
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-10 10:48:31 +01:00
6fb1303570
chg: [threat-actor] IRIDIUM added
...
Ref: https://resecurity.com/blog/parliament_races/
2019-03-10 10:47:34 +01:00
Raphaël Vinot
4f3e6335b5
fix: Wrong (duplicate) value.
2019-03-09 06:29:26 +01:00
Deborah Servili
2815e48610
add StealthWorker malware
2019-03-08 15:57:30 +01:00
Deborah Servili
ee034babba
add SLUB backdoor
2019-03-08 14:39:34 +01:00
769e0002ef
chg: [tools] jq all the things
2019-03-08 08:10:42 +01:00
Daniel Plohmann
1d8ada33a0
Update threat-actor.json
...
another actor described by 360TIC.
2019-03-07 17:50:46 +01:00
63419046d4
Merge branch 'master' of github.com:MISP/misp-galaxy
2019-03-07 15:51:44 +01:00
31ba566c18
chg: [tool] SLUB Backdoor added
2019-03-07 15:51:16 +01:00
Deborah Servili
7afd311abc
add Jokeroo RaaS
2019-03-07 15:23:30 +01:00
Daniel Plohmann
cfb807861a
FireEye upgraded TEMP.Periscope to APT40
2019-03-07 14:34:14 +01:00
Deborah Servili
eb0a33eab6
add operation Kabar Cobra
2019-03-06 15:52:49 +01:00
Deborah Servili
ae49090845
add ref for garrantydecrypt
2019-03-04 16:34:52 +01:00
Deborah Servili
6ffb8dd437
add relation between Lazarus Group and Operation SharpShooter
2019-03-04 12:03:05 +01:00
Deborah Servili
19c4fe4d11
add Rising Sun Backdoor
2019-03-04 10:11:26 +01:00
Deborah Servili
bd3fce00e1
add Razdel
2019-02-25 16:35:06 +01:00
f7367ef887
chg: [tool] Xbash description updated
2019-02-23 09:25:14 +01:00
f2159bfaa3
chg: [threat-actor] format fixed
2019-02-22 22:50:42 +01:00
f621b40263
chg: [threat-actor] jq all the things late in the night
2019-02-22 22:47:25 +01:00
d5df0d1064
chg: [threat-actor] uuid fixed
2019-02-22 22:45:28 +01:00
f2c80cbcdd
chg: [tool] BabyShark added
2019-02-22 22:44:44 +01:00
38283f0f86
chg: [threat-actor] STOLEN PENCIL added
2019-02-22 22:41:06 +01:00
243a6280e0
Merge pull request #350 from bartblaze/master
...
Add more info on Lotus Blossom
2019-02-21 23:39:33 +01:00
Bart
06553bbec2
Add more info on Lotus Blossom
...
Add 2 more references, fix typo - Trend calls it "Esile", not "Eslie" as mistakenly stated by CFR. The backdoor itself is commonly referred to as Elise.
2019-02-21 22:31:14 +00:00
08e8aafcf7
chg: [cert-eu-govsector] version fixed
2019-02-21 07:19:04 +01:00
ed132cb1b8
chg: [threat-actor] version fixed
2019-02-21 07:18:16 +01:00
Daniel Plohmann
0cd79994cc
Two more actor names from GTR2019
...
I found two more actor names while going again over the crowdstrike's report and updating the cross-references to malpedia.
2019-02-19 22:38:11 +01:00
Daniel Plohmann
85ec27b4c4
Added missing actors from CrowdStrike GTR2019
2019-02-19 18:26:01 +01:00