Commit graph

3267 commits

Author SHA1 Message Date
StefanKelm
fb35646406
Update threat-actor.json
Lazarus
2021-01-26 14:38:37 +01:00
763d67d2a4
Merge pull request #619 from nyx0/main
Update tool cluster
2021-01-20 19:57:43 +01:00
Thomas Dupuy
f964514ec5 Add HyperBro in tools 2021-01-20 13:44:28 -05:00
Thomas Dupuy
9df95031a7 Update ZxShell tool. 2021-01-20 13:27:51 -05:00
402837d033
Merge pull request #618 from StefanKelm/main
Update threat-actor.json
2021-01-20 17:49:53 +01:00
StefanKelm
a131a7ce98
Update threat-actor.json
Lazarus
2021-01-20 17:43:18 +01:00
3c19c7c1e5
Merge pull request #617 from danielplohmann/patch-4
merge COVELLITE into Lazarus Group
2021-01-17 16:05:13 +01:00
dc7de80b98
Merge pull request #616 from r0ny123/patch-2
removing Starcruft
2021-01-17 16:04:24 +01:00
Daniel Plohmann
ca66fcd93a
merge COVELLITE into Lazarus Group
I would propose to move COVELLITE as tracked by Dragos as an alias into Lazarus Group and merge the references. 
Dragos' own description states that it refers to the same group as "Lazarus" and "Hidden Cobra" in that infrastructure and tools are the same: https://www.dragos.com/threat-activity-groups/ - the entry in MISP's threat actor library also reflects that.
2021-01-17 15:07:26 +01:00
Rony
91e87cf82c
Update threat-actor.json
Don't know how StarCraft
2021-01-17 12:21:34 +05:30
830f82f710
Merge pull request #615 from danielplohmann/patch-3
merging ScarCruft->APT37
2021-01-16 00:08:26 +01:00
Daniel Plohmann
edcc3c0bc1
merging ScarCruft->APT37
I would like to propose merging entry "ScarCruft" into "APT37". It really just seems like a redundancy, as both its aliases "Operation Daybreak" and "Operation Erebus" are already present for "APT37", along alias "StarCruft", which just seems to be a less popular variation of the name ("StarCruft" 3.2k google hits vs "ScarCruft" 31.5k google hits). The references of the entry can be fully merged as well - they do not overlap so far.
2021-01-15 18:52:49 +01:00
Delta-Sierra
a6f7795952 fix merge 2021-01-12 10:38:33 +01:00
2b356a9eb0
chg: [threat-actor] UNC2452/DarkHalo added - ref. #614 2021-01-12 07:01:36 +01:00
184d57f0a2
chg: [ransomware] Babuk Ransomware added 2021-01-05 19:11:28 +01:00
4454b58743
chg: [ransomware] RegretLocker added 2020-12-30 14:14:09 +01:00
d408b81606
Merge pull request #612 from r0ny123/patch-1
BISMUTH
2020-12-14 13:29:23 +01:00
Rony
3240aa819f
Update threat-actor.json 2020-12-14 11:54:41 +05:30
Rony
2ffb77b35b
BISMUTH 2020-12-14 10:41:15 +05:30
Delta-Sierra
31f96513b2 update sidewinder threat actor 2020-12-11 16:09:33 +01:00
ac86ebd5f6
Merge pull request #609 from StefanKelm/master
Update threat-actor.json
2020-12-09 22:16:49 +01:00
691532a2b4
Merge pull request #610 from Delta-Sierra/master
Add new clusters
2020-12-09 22:16:07 +01:00
Delta-Sierra
ebd31b7376 add BazarBackdoor 2020-12-09 16:42:32 +01:00
Delta-Sierra
d3a9cf742a add RansomEXX 2020-12-09 16:32:02 +01:00
Delta-Sierra
3daaa30aed Merge https://github.com/MISP/misp-galaxy 2020-12-07 16:20:36 +01:00
StefanKelm
5dc92995f6
Update threat-actor.json
DeathStalker, Mabna
2020-12-04 11:43:06 +01:00
e563ebc6ed
Merge pull request #608 from StefanKelm/master
Update threat-actor.json
2020-12-04 10:38:11 +01:00
StefanKelm
4fee985b5e
Update threat-actor.json
Turla
2020-12-03 13:05:14 +01:00
15b27f9497
Merge pull request #607 from StefanKelm/master
Update threat-actor.json
2020-12-02 12:23:49 +01:00
StefanKelm
72e085aba9
Update threat-actor.json
OceanLotus
2020-12-02 11:44:29 +01:00
790053b5b0
Merge branch 'main' of github.com:MISP/misp-galaxy into main 2020-11-30 15:50:42 +01:00
b00ea12677
chg: [doc] Travis is dead, GH Action is alive. 2020-11-30 15:50:17 +01:00
Raphaël Vinot
9be4a53f77 fix: reorganize GH actions 2020-11-30 14:33:19 +01:00
Raphaël Vinot
47830ca058 chg: Fix gh actions 2020-11-30 14:22:14 +01:00
Raphaël Vinot
2d885e2a22 chg: Add PR to GH actions 2020-11-30 14:10:12 +01:00
01ec0a7c28
Merge pull request #606 from StefanKelm/master
Update threat-actor.json
2020-11-30 11:56:21 +01:00
StefanKelm
15b5f4c881
Update threat-actor.json
APT27
2020-11-30 11:49:23 +01:00
Delta-Sierra
e81d3c63d5 Merge https://github.com/MISP/misp-galaxy 2020-11-27 12:47:20 +01:00
Christophe Vandeplas
9a731470d3 chg: [att&ck] update to latest MITRE ATT&CK version 2020-11-25 07:45:48 +01:00
ac53018715
Merge pull request #604 from StefanKelm/master
Update threat-actor.json
2020-11-18 19:33:28 +01:00
StefanKelm
da910c0c2e
Update threat-actor.json 2020-11-18 19:15:11 +01:00
Delta-Sierra
7af75bb222 add Darkside ransomware 2020-11-18 16:10:49 +01:00
e308d9c984
Merge pull request #603 from StefanKelm/master
Update threat-actor.json
2020-11-18 13:42:53 +01:00
StefanKelm
48ffaa8ce1
Update threat-actor.json
Lazarus
2020-11-18 12:10:23 +01:00
5c80582980
Merge pull request #602 from snurilov/patch-1
Add ConfuserEx and Beds Protector .NET packers to tools.json cluster
2020-11-12 07:53:43 +01:00
snurilov
44e9da1390
Add ConfuserEx and Beds Protector .NET packers to tools.json cluster
Add ConfuserEx and Beds Protector .NET packers to tools.json cluster
2020-11-11 23:09:03 -05:00
7ec73892f9
Merge pull request #601 from snurilov/patch-1
Update rat.json to include Iperius Remote
2020-11-10 08:32:00 +01:00
snurilov
3f4683d8a3
Update rat.json to include Iperius Remote
Add Iperius Remote to the rat.json cluster.
2020-11-09 23:45:16 -05:00
Christophe Vandeplas
3dcabe9089
Merge pull request #600 from StefanKelm/master
Update threat-actor.json
2020-11-09 17:36:35 +01:00
StefanKelm
bf5bdeacb0
Update threat-actor.json
OceanLotus
2020-11-09 14:39:55 +01:00