Commit graph

1336 commits

Author SHA1 Message Date
Mathieu4141
a6564bf61c [threat-actors] Add PhantomControl 2024-01-08 05:23:28 -08:00
Mathieu4141
f0229fbdd2 [threat-actors] Add GREF 2024-01-08 05:23:28 -08:00
Mathieu4141
2cd9cf28a2 [threat-actors] Add GambleForce 2023-12-20 03:40:25 -08:00
Mathieu4141
b6ea7157b4 [threat-actors] Add Tortoiseshell aliases 2023-12-20 03:40:25 -08:00
Mathieu4141
38b67da12f [threat-actors] Add Taidoor aliases 2023-12-20 03:40:25 -08:00
Mathieu4141
8e53536147 [threat-actors] Add UNC4736 2023-12-20 03:40:25 -08:00
Mathieu4141
365bbbe24a [threat-actors] Add Solntsepek 2023-12-20 03:40:25 -08:00
Mathieu4141
a4c56efca8 [threat-actors] Add Storm-1283 2023-12-20 03:40:25 -08:00
Mathieu4141
8ed4377844 [threat-actors] Add BiBiGun 2023-12-20 03:40:24 -08:00
c306125679
fix: [threat-actor] fix JSON 2023-12-18 14:43:21 +01:00
jstnk9
0dd2f95a50 new threat actor - Sandman APT
new threat actor - Sandman APT
2023-12-15 12:28:38 +01:00
Mathieu Beligon
92f9ed1148 [threat-actors] Add Callisto aliases 2023-12-14 15:00:22 +01:00
Mathieu Beligon
81c2e4d7fe [threat-actors] Add Hagga aliases 2023-12-14 15:00:22 +01:00
Mathieu Beligon
540c71d33b [threat-actors] Add Sandworm aliases 2023-12-14 15:00:22 +01:00
9c230f3705
Merge pull request #905 from Mathieu4141/threat-actors/dd7fd198-7ead-48ee-b763-50f2f9faa1c5
[threat-actors] Add 10 actors
2023-12-07 06:40:05 +01:00
Mathieu Beligon
6f3b85399b [threat-actors] jq 2023-12-06 17:59:16 -08:00
Mathieu Beligon
fdac01cd89 [threat-actors] Add UNC2630 2023-12-06 17:42:33 -08:00
Mathieu Beligon
47f0b31a32 [threat-actors] Add UAC-0050 2023-12-06 17:42:33 -08:00
Mathieu Beligon
228bbcc21d [threat-actors] Add UAC-0118 2023-12-06 17:42:33 -08:00
Mathieu Beligon
cf7cdcbc2b [threat-actors] Add DEV-0569 2023-12-06 17:42:33 -08:00
Mathieu Beligon
d155f1e05d [threat-actors] Add UNC215 2023-12-06 17:42:33 -08:00
Mathieu Beligon
79210345d0 [threat-actors] Add RomCom aliases 2023-12-06 17:42:33 -08:00
Mathieu Beligon
ebd216e315 [threat-actors] Add UNC2447 2023-12-06 17:42:33 -08:00
Mathieu Beligon
668fb80aec [threat-actors] Add WIP19 2023-12-06 17:42:33 -08:00
Mathieu Beligon
3719022d91 [threat-actors] Add AeroBlade 2023-12-06 17:42:33 -08:00
Mathieu Beligon
69a94b6c1e [threat-actors] Add UNC2659 2023-12-06 17:42:33 -08:00
Mathieu Beligon
b72868b6cd [threat-actors] Add UNC2717 2023-12-06 17:42:33 -08:00
Mathieu Beligon
7bb3c6ab5c [threat-actors] Update Scattered Spider 2023-12-06 14:00:32 -08:00
Mathieu Beligon
287a8d49cb [threat-actors] hormonize reference field 2023-12-05 14:32:26 -08:00
Mathieu4141
0391d3f3a5 [threat-actors] Add Daixin Team 2023-12-01 16:21:53 -08:00
Mathieu4141
44c270e9dc [threat-actors] Add ScamClub 2023-12-01 16:21:53 -08:00
Mathieu4141
6c2cb8979f [threat-actors] Add TunnelSnake 2023-12-01 16:21:53 -08:00
Mathieu Beligon
31562e4701 [threat-actors] Add WildPressure 2023-11-29 11:28:37 -08:00
Mathieu Beligon
9c02509a28 [threat-actors] Add WildCard 2023-11-29 11:28:37 -08:00
Mathieu Beligon
830ded98d3 [threat-actors] Add Red-Lili 2023-11-29 11:28:37 -08:00
Mathieu Beligon
d4c2788b87 [threat-actors] Add LightBasin 2023-11-29 11:28:37 -08:00
Mathieu Beligon
313dd82bb9 [threat-actors] Add DragonForce 2023-11-29 11:28:37 -08:00
Mathieu Beligon
9c0f18e9b9 [threat-actors] Add MalKamak 2023-11-29 11:28:37 -08:00
Mathieu Beligon
f066061f4b [threat-actors] Add Blacktail 2023-11-29 11:28:37 -08:00
Delta-Sierra
0b44ea33f0 fix version 2023-11-21 15:20:21 +01:00
Delta-Sierra
019292a1c1 Merge https://github.com/MISP/misp-galaxy 2023-11-21 12:33:20 +01:00
Delta-Sierra
53ea633504 Kimsuky target 2023-11-21 11:45:05 +01:00
Delta-Sierra
70456bd8ac Kimsuky relations 2023-11-21 11:40:50 +01:00
Mathieu4141
29baf77740 [threat-actors] Add SilverFish 2023-11-20 09:29:07 -08:00
Mathieu4141
ee2a8bec32 [threat-actors] Add TA402 2023-11-20 09:29:07 -08:00
Mathieu4141
00ca4c865f [threat-actors] Add CostaRicto 2023-11-20 09:29:07 -08:00
Mathieu4141
4c9063b772 [threat-actors] Add Storm Cloud 2023-11-20 09:29:06 -08:00
Mathieu4141
c4142b2ee7 [threat-actors] Add OldGremlin 2023-11-20 09:29:06 -08:00
Mathieu4141
a08311c5f1 [threat-actors] Add TiltedTemple 2023-11-20 09:29:06 -08:00
Mathieu4141
93d9db10a3 [threat-actors] Add Moshen Dragon 2023-11-20 09:29:05 -08:00
Mathieu4141
d477275a53 [threat-actors] Add N4ughtysecTU 2023-11-20 09:29:05 -08:00
Mathieu4141
2ac369ac61 [threat-actors] Add Webworm 2023-11-20 09:29:05 -08:00
Mathieu4141
32a78f3d26 [threat-actors] Add PerSwaysion 2023-11-20 09:29:05 -08:00
Mathieu4141
fc2cb9e253 [threat-actors] Add DefrayX 2023-11-17 02:59:57 -08:00
Mathieu4141
a81ac9687f [threat-actors] Add NewsPenguin 2023-11-17 02:59:56 -08:00
Mathieu4141
5b993d2517 [threat-actors] Add UAC-0006 2023-11-17 02:59:56 -08:00
Mathieu4141
d3c15e1652 [threat-actors] Add TA444 2023-11-17 02:59:56 -08:00
Mathieu4141
3c9f09edfc [threat-actors] Add WeedSec 2023-11-17 02:59:56 -08:00
Mathieu4141
e333b15063 [threat-actors] Add TEMP_Heretic 2023-11-17 02:59:55 -08:00
Mathieu4141
68f70a1831 [threat-actors] Add DEV-0928 2023-11-17 02:59:55 -08:00
Mathieu4141
ed0d3c6f57 [threat-actors] Add CL-STA-0043 2023-11-17 02:59:55 -08:00
Mathieu4141
d3836318a2 [threat-actors] Add UNC4841 2023-11-17 02:59:55 -08:00
Mathieu4141
c832066fa5 [threat-actors] Add AppMilad 2023-11-16 07:10:19 -08:00
Mathieu4141
6e7e5e60ce [threat-actors] Add Earth Kitsune 2023-11-16 07:10:19 -08:00
Mathieu4141
5d6bcf5e55 [threat-actors] Add FusionCore 2023-11-16 07:10:18 -08:00
Mathieu4141
d365624734 [threat-actors] Add DragonSpark 2023-11-16 07:10:18 -08:00
Mathieu4141
dc9d98ffe9 [threat-actors] Add UNC4191 2023-11-16 07:10:18 -08:00
Mathieu4141
941ef757bb [threat-actors] Add DriftingCloud 2023-11-16 07:10:18 -08:00
Mathieu4141
ce555828e1 [threat-actors] Add MurenShark 2023-11-16 07:10:18 -08:00
Mathieu4141
f759525c25 [threat-actors] Add Chernovite 2023-11-16 07:10:18 -08:00
Mathieu4141
03d16eba61 [threat-actors] Add VulzSecTeam 2023-11-16 07:10:18 -08:00
Mathieu4141
622d67eb38 [threat-actors] Add MirrorFace 2023-11-16 07:10:17 -08:00
Mathieu4141
3209c45b42 [threat-actors] Add KAX17 2023-11-15 08:19:01 -08:00
Mathieu4141
247dd86523 [threat-actors] Add Bohrium 2023-11-15 08:19:01 -08:00
Daniel Plohmann
99b23e31a3
adding Prolific Puma 2023-11-13 14:43:08 +01:00
Mathieu4141
28e02d308f [threat-actors] Add DarkCasino 2023-11-13 04:36:57 -08:00
Mathieu4141
b3584d5f9c [threat-actors] Add Zarya 2023-11-13 04:36:57 -08:00
Mathieu4141
a3802487a4 [threat-actors] Add XakNet 2023-11-13 04:36:57 -08:00
Mathieu4141
cf895b3b20 [threat-actors] Add TA482 2023-11-13 04:36:57 -08:00
Mathieu4141
775451488d [threat-actors] Add TAG-56 2023-11-13 04:36:57 -08:00
Mathieu4141
91e5c37a40 [threat-actors] Add Water Labbu 2023-11-13 04:36:56 -08:00
Mathieu4141
dc054efb62 [threat-actors] Add Caracal Kitten 2023-11-13 04:36:56 -08:00
Mathieu4141
59930c1b0b [threat-actors] Add WIRTE 2023-11-13 04:36:56 -08:00
Mathieu4141
9ff1b1d2e3 [threat-actors] Add WeRedEvils 2023-11-13 04:36:56 -08:00
Mathieu4141
7b7ffa4532 [threat-actors] Add DEV-0950 2023-11-13 04:36:56 -08:00
Mathieu4141
f5b7ad5478 [threat-actors] Add DiceyF 2023-11-08 06:14:54 -08:00
Mathieu4141
23b95c50d5 [threat-actors] Add SCARLETEEL 2023-11-08 06:14:54 -08:00
Mathieu4141
b59b270500 [threat-actors] Add SingularityMD 2023-11-08 06:14:54 -08:00
Mathieu4141
f52382a29a [threat-actors] Add Dalbit 2023-11-07 10:37:08 -08:00
Mathieu4141
56f990d100 [threat-actors] Add BlueBottle 2023-11-07 10:37:08 -08:00
Mathieu4141
59bd2763bc [threat-actors] Add Xcatze 2023-11-07 10:37:08 -08:00
Mathieu4141
44617774b6 [threat-actors] Add TwoSail Junk 2023-11-07 10:37:08 -08:00
Mathieu4141
c0dda66200 [threat-actors] Add DEV-1028 2023-11-07 10:37:08 -08:00
Mathieu4141
5069f86555 [threat-actors] Add Kiss-a-Dog 2023-11-07 10:37:08 -08:00
Mathieu4141
c36ddd75db [threat-actors] Add Confucious 2023-11-07 10:37:08 -08:00
Mathieu4141
34e03e6b56 [threat-actors] Add Desorden Group 2023-11-07 10:37:08 -08:00
Mathieu4141
e1eec18aa3 [threat-actors] Add UNC2565 2023-11-07 10:37:07 -08:00
Mathieu4141
6da7b218fc [threat-actors] Add TheDarkOverlord 2023-11-07 10:37:07 -08:00
32062206be
fix: [threat-actor] replace aliases -> synonyms + version updated 2023-11-07 16:08:19 +01:00
Mathieu Beligon
a1f64c63de [threat-actors] Add TraderTraitor 2023-11-07 14:47:12 +01:00
Mathieu Beligon
c0fd66e3cd [threat-actors] Add UAC-0094 2023-11-07 14:47:12 +01:00
Mathieu Beligon
7163ed2068 [threat-actors] Add UserSec 2023-11-07 14:47:12 +01:00
Mathieu Beligon
c3b6878cf3 [threat-actors] Add IronHusky 2023-11-07 14:47:12 +01:00
Mathieu Beligon
1246088d76 [threat-actors] Add ShinyHunters 2023-11-07 14:47:12 +01:00
Mathieu Beligon
798cebc970 [threat-actors] Add ShroudedSnooper 2023-11-07 14:47:12 +01:00
Mathieu Beligon
2111f50968 [threat-actors] Add 1937CN 2023-11-07 14:47:12 +01:00
Mathieu Beligon
40fb100ff9 [threat-actors] Add Altahrea Team 2023-11-07 14:47:12 +01:00
Mathieu Beligon
4093632674 [threat-actors] Add Cyber Av3ngers 2023-11-07 14:47:12 +01:00
Mathieu Beligon
58fb9162b0 [threat-actors] Add KromSec 2023-11-07 14:47:12 +01:00
Mathieu Beligon
d1f382602c [threat-actors] Add DustSquad 2023-11-07 14:47:11 +01:00
Mathieu Beligon
bc8904110b [threat-actors] Add Guacamaya 2023-11-07 14:47:11 +01:00
Mathieu Beligon
10d27206a7 [threat-actors] Add SharpPanda 2023-11-07 14:47:11 +01:00
Mathieu Beligon
ff9a8ddfe3 [threat-actors] Add BadRory 2023-11-07 14:47:11 +01:00
e24fecbd40
fix: [threat-actor] synonyms not aliases 2023-11-07 11:22:32 +01:00
b13eee558f
chg: [threat-actor] TA499 added 2023-11-07 11:12:35 +01:00
f2cc04fca8
chg: [threat-actor] version updated 2023-11-07 09:27:07 +01:00
Mathieu4141
5828ba1a9d [threat-actors] Add Storm-1133 2023-11-06 05:26:26 -08:00
Mathieu4141
4a3968e873 [threat-actors] Add REF2924 2023-11-06 05:26:26 -08:00
Mathieu4141
18811f8056 [threat-actors] Add REF5961 2023-11-06 05:26:26 -08:00
Mathieu4141
ee354d9d75 [threat-actors] Add HiddenArt 2023-11-06 05:26:26 -08:00
Mathieu4141
bfb03504a9 [threat-actors] Add OilAlpha 2023-11-06 05:26:26 -08:00
Mathieu4141
152ab38b10 [threat-actors] Add GhostSec 2023-11-06 05:26:26 -08:00
Mathieu4141
5a4a697e8c [threat-actors] Add IndigoZebra 2023-11-06 05:26:25 -08:00
Mathieu4141
971b17b79f [threat-actors] Add NB65 2023-11-06 05:26:25 -08:00
Mathieu4141
84fec96df9 [threat-actors] Add Witchetty 2023-11-06 05:26:25 -08:00
Mathieu4141
eb43d9faf2 [threat-actors] Add RedStinger 2023-11-06 05:26:25 -08:00
Mathieu Beligon
025345e1b6 [threat-actors] remove duplicate 2023-11-03 20:09:05 +01:00
Mathieu Beligon
a65bb60d90 [threat-actors] Add UNC3890 2023-11-03 19:02:12 +01:00
Mathieu Beligon
84fda6ef72 [threat-actors] Add Carderbee 2023-11-03 19:02:12 +01:00
Mathieu Beligon
1343cdb35a [threat-actors] Add RansomVC 2023-11-03 19:02:12 +01:00
Mathieu Beligon
ea227222ea [threat-actors] Add SiegedSec 2023-11-03 19:02:12 +01:00
Mathieu Beligon
44d7b3e88f [threat-actors] Add Metador 2023-11-03 19:02:12 +01:00
Mathieu Beligon
0133c023d2 [threat-actors] Add YoroTrooper 2023-11-03 19:02:12 +01:00
Mathieu Beligon
58e8dfef71 [threat-actors] Add Kasablanka 2023-11-03 19:02:12 +01:00
Mathieu Beligon
0f1777df92 [threat-actors] Add SparklingGoblin 2023-11-03 19:02:12 +01:00
Mathieu Beligon
419c62cea1 [threat-actors] Add Storm-0062 2023-11-03 19:02:12 +01:00
Mathieu Beligon
13c770f0a7 [threat-actors] Add LofyGang 2023-11-03 19:02:12 +01:00
0b5b9ca5a3
chg: [threat-actor] version updated 2023-11-03 14:00:21 +01:00
Mathieu Beligon
9d6315346e [threat-actors] jq 2023-11-03 11:32:24 +01:00
Mathieu Beligon
9c502d0d1f [threat-actors] Add Lancefly 2023-11-03 11:13:11 +01:00
Mathieu Beligon
73c73606ff [threat-actors] Add GoldenJackal 2023-11-03 11:13:11 +01:00
Mathieu Beligon
64f0a87ed7 [threat-actors] Add Earth Estries 2023-11-03 11:13:11 +01:00
Mathieu Beligon
4a521eec3b [threat-actors] Add TetrisPhantom 2023-11-03 11:13:11 +01:00
Mathieu Beligon
78472ee3f5 [threat-actors] Add Redfly 2023-11-03 11:13:11 +01:00
Mathieu Beligon
c9e85b4d16 [threat-actors] Add Earth Longzhi 2023-11-03 11:13:11 +01:00
Mathieu Beligon
a91734af6c [threat-actors] Add UNC3886 2023-11-03 11:13:11 +01:00
Mathieu Beligon
7bb54037e8 [threat-actors] Add Winter Vivern 2023-11-03 11:13:11 +01:00
Mathieu Beligon
4bb6cce77d [threat-actors] Add Xiaoqiying 2023-11-03 11:13:11 +01:00
Mathieu Beligon
f82b502df6 [threat-actors] Add Keksec 2023-11-03 11:13:11 +01:00
Mathieu4141
5b1af60db3 [threat-actors] Add Keksec 2023-11-02 06:29:30 -07:00
Mathieu Beligon
be89fcd370 [threat-actors] jq 2023-11-02 13:25:13 +01:00
Mathieu Béligon
63b422c7d0
Merge branch 'main' into threat-actor/scarred-manticore-6a6965e2-0843-47b1-990d-d43016dd4dd1 2023-11-02 13:19:14 +01:00
Mathieu4141
9ced077269 [threat-actors] Add Scarred Manticore 2023-11-02 05:17:14 -07:00
e7ca55277c
new: [threat-actor] Storm-0558 added + Fix #880 2023-10-31 09:05:19 +01:00
Mathieu Beligon
dcde706078 [threat-actors] Add Camaro Dragon 2023-10-26 13:20:54 +02:00
416cd6706a
fix: [threat-actor] JQ all the things + version updated 2023-10-20 12:00:48 +02:00
jstnk9
ec9dc0f2e3 threat actors update 2023-10-20 11:51:13 +02:00
jstnk9
aa5a6eb062 threat actor updated 2023-10-19 12:39:37 +02:00
Christophe Vandeplas
a4ae58afcb
chg: [threat-actor] increased version number 2023-10-17 11:29:52 +02:00
Christophe Vandeplas
e9f884e3f3
Merge pull request #876 from Mathieu4141/threat-actors/cobalt-mirage
[threat-actors] More aliases of Iranian apts
2023-10-17 11:29:01 +02:00
Mathieu Beligon
e086bee02e [threat-actors] More aliases of iranian apts 2023-10-17 11:21:48 +02:00
Mathieu Beligon
537ef08735 [threat-actors] Add Void Rabisu 2023-10-16 18:14:47 +02:00
059b20e705
chg: [threat-actor] clean-up 2023-10-13 16:31:48 +02:00
jstnk9
faef21e15d Added information related to Wizard Spider 2023-10-13 12:02:20 +02:00
jstnk9
613e9feb12 added suspected victims to Gelsemium 2023-10-13 10:53:36 +02:00
Delta-Sierra
1bb336fdbe add AtlasCross 2023-10-10 09:17:25 +02:00
Delta-Sierra
fd6bccae8b Merge https://github.com/MISP/misp-galaxy 2023-10-09 09:18:51 +02:00
Delta-Sierra
73d7c038b2 adding targeted sectors 2023-10-09 09:18:43 +02:00
Daniel Plohmann
1b33cad11d
adding aliases to ProphetSpider 2023-10-04 16:39:01 +01:00
8760ea0c52
Merge branch 'main' of github.com:MISP/misp-galaxy into main 2023-10-04 10:49:56 +02:00
89a193d315
fix: [threat-actor] version updated + jq all the things 2023-10-04 10:48:44 +02:00
Paul Stark
ce7d54c96a chg [misp-galaxy] update Nigeria from name to 2-digit code 2023-10-03 11:56:45 -04:00
jstnk9
89ab7728b0 updated TA505 countries and industries affected
updated TA505 countries and industries affected
2023-10-03 12:44:44 +02:00
Mathieu Beligon
e6266e8e59 fixes 2023-10-02 19:25:10 +02:00
Mathieu Beligon
081b2e619b fixes 2023-10-02 19:18:00 +02:00
Mathieu Beligon
b2599deaae fixes 2023-10-02 19:17:47 +02:00
Mathieu Beligon
0fba8d3f27 [threat-actors] bump version 2023-10-02 15:19:20 +02:00
Mathieu Beligon
b8f8fce4b6 [threa-actors] Add Scattered Spider 2023-10-02 15:17:40 +02:00
Mathieu Beligon
e393780af8 [threa-actors] Add Scattered Canary 2023-10-02 15:11:10 +02:00
5d78834520
Merge pull request #866 from Mathieu4141/actors/add-storm-0324
[threat-actors] Add Storm-0324
2023-09-16 11:02:33 +02:00
Mathieu Beligon
e2fd005821 [threat-actors] Add Storm-0324 2023-09-15 16:29:45 +02:00
Delta-Sierra
ac4d003c3e fix caps 2023-09-15 16:00:38 +02:00
Delta-Sierra
5efe483858 adding targeted sectors 2023-09-15 15:49:43 +02:00
Delta-Sierra
db23d6eb4c adding targeted sectors 2023-09-15 10:21:44 +02:00
Delta-Sierra
df0e103727 Add targeted sectors 2023-09-08 11:08:08 +02:00
Delta-Sierra
dc498bd199 more targeted-sectors meta 2023-08-28 15:06:57 +02:00
Delta-Sierra
639686be75 Merge https://github.com/MISP/misp-galaxy 2023-08-24 09:13:58 +02:00
Delta-Sierra
090b501c4c add targeted sectors meta 2023-08-24 09:03:57 +02:00
Daniel Plohmann
d978998a5d
RecordedFuture: RedHotel == EarthLusca 2023-08-23 14:02:15 +02:00
Daniel Plohmann (Saturn)
e207218534 version bump 2023-08-15 12:34:06 +02:00
Daniel Plohmann (Saturn)
4127ce9694 replaced various broken links with reachable equivalents 2023-08-15 12:32:51 +02:00
Daniel Plohmann
b083ae12bc
jq fix 2023-08-10 15:57:58 +02:00
Daniel Plohmann
c1d3164ef6
adding MoustachedBouncer 2023-08-10 15:49:11 +02:00
Daniel Plohmann
e228ffc432
alias Callisto -> BlueCharlie
not sure, if you also want to have the Microsoft names in here (I think they are tracked separately?), otherwise, that would be Star Blizzard according to the article.
2023-08-03 09:53:10 +02:00
Rony
9b9ce4777a chg: [threat-actor] added references, origin country, aliases to Sea Turtle 2023-07-28 11:04:11 +00:00
Thomas Dupuy
2dcd1d3544 upd: Add Worok TA and update APT-Q-12 to APT-C-60 as it was the first
name mention in an article.
2023-07-18 19:53:54 +00:00
Delta-Sierra
c51d177abd add SmugX & RedDelta 2023-07-10 15:46:01 +02:00
Delta-Sierra
20d3b3780a merge 2023-06-19 08:35:48 +02:00
iglocska
14301a9c4c
chg: [threat actors] added Volt Typhoon 2023-05-25 07:29:48 +02:00
Delta-Sierra
e87b7bbf73 complete VENOM SPIDER threat actor 2023-05-23 11:43:20 +02:00
Delta-Sierra
18ee466ae4 add Hagga threat actor 2023-05-22 15:44:18 +02:00
Delta-Sierra
d202ed9f3f Merge https://github.com/MISP/misp-galaxy 2023-05-15 09:54:25 +02:00
Delta-Sierra
a3fffacab3 add APT43 + tools 2023-05-15 08:41:17 +02:00
Daniel Plohmann
094d56057c
adding APT43 (Mandiant) for Kimsuky. 2023-05-09 14:35:41 +02:00
Sebastien Larinier
ddc285581d Update threat-actor.json 2023-04-26 21:52:57 +02:00
Sebastien Larinier
d60cca9302 Update threat-actor.json
fix mistake
2023-04-26 21:46:33 +02:00
Sebastien Larinier
142d4aeaef Update threat-actor.json 2023-04-26 14:26:48 +02:00
Jürgen Löhel
15297c7b5f
chg [threat-actors] Add RedGolf
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2023-04-24 16:59:18 -06:00
Christophe Vandeplas
79b80b0869
chg: [rels] more threat actor relations 2023-04-23 17:54:58 +02:00
Christophe Vandeplas
3c6c204f01
chg: [rels] more threat actor relations 2023-04-23 17:45:58 +02:00
Christophe Vandeplas
138c7c7ba8
chg: [rels] more relations on cluster "value" 2023-04-23 17:36:02 +02:00
Christophe Vandeplas
bf7c5f1dd9
chg: [rels] threat-actor & MS activity group - on synonym 2023-04-23 11:56:41 +02:00
Christophe Vandeplas
a5e7e0c95f
chg: [rels] threat-actor & MS activity group - on value 2023-04-23 11:55:57 +02:00
Sebastien Larinier
862badf2c9 Update threat-actor.json 2023-04-19 17:41:44 +02:00
Sebastien Larinier
1c751b1ea8 Update threat-actor.json 2023-04-19 17:34:50 +02:00
Sebastien Larinier
165ce70a28
Merge branch 'MISP:main' into main 2023-04-19 16:48:02 +02:00
Sebastien Larinier
87ef0a400e Update threat-actor.json 2023-04-19 15:42:14 +02:00
Sebastien Larinier
a77dc82c0a Update threat-actor.json
new apt30 group
2023-04-19 15:35:36 +02:00
Delta-Sierra
ecb7e79a6e Merge https://github.com/MISP/misp-galaxy 2023-04-19 15:06:51 +02:00
Sebastien Larinier
926035633f
Merge branch 'MISP:main' into main 2023-04-19 11:55:57 +02:00
Daniel Plohmann
41afab1c06
adding Trend Micro alias Earth Smilodon for APT27 2023-04-18 20:11:57 +02:00
Delta-Sierra
6b8994271e add relationships for HALFRIG & QUATTERRIG 2023-04-18 12:20:20 +02:00
Daniel Plohmann
02e23a9a47
adding Google alias HOODOO for APT41 2023-04-17 22:32:50 +02:00
Delta-Sierra
4a4fa6d16f fix versions 2023-04-17 11:32:51 +02:00
Delta-Sierra
233a066a03 Merge https://github.com/MISP/misp-galaxy 2023-04-17 11:16:23 +02:00
Delta-Sierra
d4225c5469 add some SNOWYAMBER relationships 2023-04-17 11:16:21 +02:00
Daniel Plohmann
a966b3ff88
adding Trend Micro alias Earth Preta for Mustang Panda 2023-04-12 16:59:36 +02:00
Sebdraven
8713618777 Update threat-actor.json
add new ref for sidecopy
2023-03-23 09:13:23 +01:00
Sebdraven
f5d68aa08d Update threat-actor.json
delete ref to APT30 for Naikon
2023-03-23 08:49:17 +01:00
Sebdraven
d5843d46e2 Update threat-actor.json
add ref to Aoqin Dragon
2023-03-21 18:40:10 +01:00
Mathieu Beligon
d82ff1ecfb [threat-actors] Add Anonymous Sudan 2023-03-15 17:38:03 -05:00
Daniel Plohmann
c39b46e9d5
Update threat-actor.json
when value "Sofacy" was changed to "APT28", it seems Sofacy was not added to aliases, so it's missing right now.
2023-03-15 14:55:25 +01:00
Jürgen Löhel
2d30785af5
chg [threat-actors] Add TA866
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2023-03-08 21:44:16 -06:00
Mathieu Beligon
395ffda94f [threat-actors] bump version 2023-03-02 10:29:52 -08:00
Mathieu Beligon
e1407c3c3f [threat-actors] Add SLIPPY SPIDER alias to LAPSUS 2023-03-02 10:29:29 -08:00
Mathieu Beligon
4bbee8c1e7 [threat-actors] Add PROPHET SPIDER 2023-03-02 10:19:24 -08:00
Mathieu Beligon
61cb24a3fc [threat-actors] Add Nemesis Kitten 2023-03-01 16:37:42 -08:00
Mathieu Beligon
84faa3c92b [threat-actors] Add Karakurt 2023-03-01 16:34:03 -08:00
Mathieu Beligon
7d371b4c80 [threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP 2023-03-01 15:45:41 -08:00
Mathieu Beligon
fa57354471 [threat-actors] Add Chamelgang 2023-03-01 15:40:23 -08:00
Mathieu Beligon
bff978e4d1 [threat-actors] Add TA453 2023-03-01 15:24:55 -08:00
Mathieu Beligon
3406ad3aa9 [threat-actors] Add APT42 2023-03-01 15:18:53 -08:00
Mathieu Beligon
2567d6f1f8 [threat-actors] Add TA406 2023-03-01 15:01:22 -08:00
Rony
50624af741 add DEV-0147 https://twitter.com/MsftSecIntel/status/1625181255754039318 2023-02-25 20:18:09 +00:00
Rony
cf727f034c
add other actor synonyms from Google's report https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf 2023-02-26 01:05:50 +05:30
6460fde2e4
chg: [threat-actor] version updated 2023-02-16 14:43:45 +01:00
Daniel Plohmann
91255413d8
adding Google names for RU threat actors
https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/
2023-02-16 14:30:05 +01:00
73bd7d0983
Merge pull request #818 from Mathieu4141/threat-actors/proofpoint-aliases
[threat actors] Adding some actors from ProofPoint
2023-02-14 06:40:22 +01:00
Mathieu Beligon
9f09699047 [threat-actors] Fix: country was in the wrong place 2023-02-13 16:47:38 -08:00
Mathieu Beligon
ac067a236e [threat-actors] fix: Add missing uuids 2023-02-13 16:36:41 -08:00
Mathieu Beligon
a792115dd8 fix 2023-02-13 16:26:10 -08:00
Mathieu Beligon
8193b05e14 [threat-actors] bump version 2023-02-13 14:18:58 -08:00
Mathieu Beligon
d34e894d2d [threat-actors] Add TA2536 2023-02-13 13:45:41 -08:00
Mathieu Beligon
20c31a5d10 [threat-actors] Add TA577 2023-02-13 13:32:24 -08:00
Mathieu Beligon
e836a4a63c [threat-actors] Add TA575 2023-02-13 12:02:32 -08:00
Mathieu Beligon
c52ac53765 [threat-actors] Add TA570 2023-02-13 11:54:47 -08:00
Mathieu Beligon
5f274f58c9 [threat-actors] Add Moskalvzapoe 2023-02-13 11:44:59 -08:00
Daniel Plohmann
62256854bc
adding Broadcom name for SaintBear. 2023-02-13 14:05:35 +01:00
Mathieu Beligon
33ff650327 [threat-actors] Add more information about NoName057(16) 2023-02-10 14:14:52 -08:00
Daniel Plohmann
9710e09e17
new APT29 name used by Recorded Future
cf. https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
2023-02-02 11:46:50 +01:00
b7543c5012
Merge pull request #789 from Mathieu4141/threat-actors/fix-sectorj04
[threat-actors] Remove SectorJ04 duplicate
2023-01-27 15:05:37 +01:00
Mathieu Beligon
a452263ace [threat-actors] pr.review: Add SectorJ04 as alias of TA505 2023-01-27 13:32:58 +01:00
e54366fb87
chg: [threat-actor] added the missing synonyms 2023-01-10 15:55:30 +01:00
Delta-Sierra
3f4edb480b add Malteiro 2022-12-16 16:43:50 +01:00
Delta-Sierra
5931f51d7a add TAG-53 2022-12-08 11:31:02 +01:00
Delta-Sierra
3ea2d62a83 Version Update 2022-11-28 16:27:54 +01:00
Delta-Sierra
6016b1000c Merge https://github.com/MISP/misp-galaxy 2022-11-28 16:17:08 +01:00
Delta-Sierra
6c36295318 Update several RAT & Ransomwares 2022-11-28 16:13:38 +01:00
e3126ef857
fix: [clusters] Fixed some other few meta field names 2022-11-24 09:17:28 +01:00
Delta-Sierra
f4abf37b01 fix versions 2022-11-22 12:45:15 +01:00
Delta-Sierra
c02b74f999 merge 2022-11-22 12:43:18 +01:00
Delta-Sierra
8bf6d73d66 add BazarCall campaign 2022-11-22 09:08:28 +01:00
Thomas Dupuy
be7450494e Add Evasive Panda Threat Actor 2022-11-18 16:38:11 +00:00
Delta-Sierra
91d535925f version fix 2022-11-15 13:36:49 +01:00
Delta-Sierra
3837058ab1 merge 2022-11-15 12:54:03 +01:00
Delta-Sierra
d020efd276 add raspberry Robin worm & others 2022-11-15 11:57:10 +01:00
b787bbeb23
Merge pull request #792 from nyx0/main
Add RomCom TA.
2022-11-05 07:50:20 +01:00
3b196f8361
Merge pull request #791 from Mathieu4141/threat-actors/add-phosphorus-alias-to-apt-35
[threat-actors] Add Phosphorus in APT35 aliases
2022-11-05 07:49:55 +01:00
Thomas Dupuy
9ac53e5d5e Add RomCom TA. 2022-11-04 02:34:10 +00:00
6c4da5dd55
Merge pull request #790 from Mathieu4141/threat-actors/fix-dust-storm
[threat-actors] Remove DustStorm alias from APT10
2022-11-03 11:35:20 +01:00
52a6fff6a2
Merge pull request #788 from Mathieu4141/threat-actors/fix-cobalt-dickens
[threat-actors] Remove cobalt dickens duplicate
2022-11-03 11:27:08 +01:00
3b4dcd6ad3
Merge pull request #787 from Mathieu4141/threat-actors/fix-subaat-duplicate
[threat-actors] Remove subaat duplicate
2022-11-03 11:26:21 +01:00
Mathieu Beligon
8a9dd47f8f [threat-actors] Add Phosphorus in APT35 aliases 2022-11-02 23:49:22 -07:00
Mathieu Beligon
21d4292faf [threat-actors] Remove DustStorm alias from APT10 2022-11-02 23:31:31 -07:00
Mathieu Beligon
e61733591f [threat-actors] Remove SectorJ04 duplicate 2022-11-02 20:30:40 -07:00
Mathieu Beligon
9f0869097a [threat-actors] Remove cobalt dickens duplicate 2022-11-02 18:09:42 -07:00
Mathieu Beligon
e3e5560e37 [threat-actors] Remove subaat duplicate 2022-11-02 17:57:47 -07:00
Mathieu Beligon
5801bbcfc1 [threat-actors] Remove Skeleton Spider duplicate 2022-11-02 17:38:07 -07:00
Delta-Sierra
355025eb5b fix metadata in wrong slot 2022-10-04 13:28:42 +02:00
Delta-Sierra
e5b3062912 add Volatile Cedar synonym 2022-10-03 16:06:13 +02:00
409c82f40c
Merge pull request #781 from Mathieu4141/threat-actors/fix-neodymium
[threat-actors] Fix G0055 (NEODYMIUM) alias
2022-09-30 06:39:31 +02:00
588184bacd
Merge pull request #780 from Mathieu4141/threat-actors/fix-svmondr
[threat-actors] Remove SVCMONDR duplicate
2022-09-30 06:38:56 +02:00
800006e6ab
Merge pull request #778 from Mathieu4141/threat-actors/fix-malware-reuser-duplicate
[threat-actors] Fix Volatile Cedar and Dancing Salome conflicts
2022-09-30 06:37:15 +02:00
Mathieu Beligon
74c6835d18 [threat-actors] Fix G0055 (NEODYMIUM) alias 2022-09-29 17:16:57 -07:00
Mathieu Beligon
a740e35687 [threat-actors] Remove SVCMONDR duplicate 2022-09-29 16:11:19 -07:00
Mathieu Beligon
5994fa4160 [threat-actors] Fix Volatile Cedar and Dancing Salome conflicts 2022-09-29 14:51:38 -07:00
Mathieu Beligon
4f47e6e2d3 [threat-actors] Equation group: separate from Lamberts and add tools 2022-09-29 11:28:54 -07:00
Thomas Dupuy
c66d6823a1 Add APT-Q-12 Threat Actor. 2022-09-29 02:30:41 +00:00
c3b65a2d15
chg: [threat-actor] JSON fix 2022-09-27 08:18:13 +02:00
Thomas Dupuy
bfd1812cef Add Void Balaur. 2022-09-27 00:11:20 +00:00
Mathieu Beligon
22a39f4fdc [threat-actors] Add BITWISE SPIDER 2022-09-20 11:23:33 -07:00
9b8b51fe53
Merge pull request #769 from Mathieu4141/threat-actors-add/no-name-057-06
[threat-actors] Add NoName057(16)
2022-09-17 07:43:42 +02:00
2f169e4258
Merge pull request #766 from Mathieu4141/threat-actors/fix-ta505
[threat-actors] Clean TA505 aliases
2022-09-17 07:43:18 +02:00
Mathieu Beligon
580d2c6931 [threat-actors] Add NoName057(16) 2022-09-16 20:11:06 -06:00
1c8d82cfcc
new: [threat-actor] hezb added 2022-09-14 11:00:33 +02:00
Mathieu Beligon
e1f5d3b5d8 [threat-actors] Keep meta from old Xenotime 2022-09-13 11:40:17 -07:00
Mathieu Beligon
4ff0bdfe8e [threat-actors] Clean TA505 aliases 2022-09-13 11:34:02 -07:00
Mathieu Beligon
273c7c9b97 [threat-actors] Remove Xenotime duplicate 2022-09-12 17:10:49 -07:00
Delta-Sierra
0440db12e9 add DangerousSavanna campaign 2022-09-07 11:01:23 +02:00
Rony
aea413cebf chg: [threat-actor] version bump 2022-09-01 10:32:01 +00:00
Rony
db913e5ab4 fix: [threat-actor] remove duplicate entries 2022-09-01 09:53:11 +00:00
Rony
6aea5ee05c chg: [threat-actor] add Aoqin Dragon 2022-09-01 09:46:43 +00:00
Rony
fb0cf3c7e5 chg: [threat-actor] miscellaneous updates 2022-09-01 09:17:31 +00:00
Daniel Plohmann
d18f5bc8b6
mini-fix: adding https protocol to a reference
in automated processing and display, this may otherwise lead to a malformed local / relative link.
2022-08-30 17:08:03 +02:00
Rony
e7178a1e08 fix: [threat-actor] remove duplicate entries from APT9 2022-08-27 12:54:32 +00:00
Rony
27300c6381 chg: [threat-actor] add avast blog to APT40 2022-08-27 12:41:31 +00:00
Rony
7f526e230b chg: [threat-actor] add Microsoft and PwC report to actors' references 2022-08-27 12:34:36 +00:00
Rony
6ad9699a38 chg: [threat-actor] add recorded future reference to RedAlpha 2022-08-27 12:10:51 +00:00
Rony
2dc138ae01 chg: [threat-actor] add Adam Kozy's testimony ro APT41 and APT26 2022-08-27 12:08:11 +00:00
Rony
0b140b7097 chg: [threat-actor] miscellaneous updates including merge of some actors and fix the error committed in 9cfcc0d9ac 2022-08-27 11:58:03 +00:00
8bea9f3b4b
Merge pull request #755 from Mathieu4141/threat-actors/fix-winnti
[threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts
2022-08-27 08:25:20 +02:00
Mathieu Béligon
9cfcc0d9ac
Add aliases to APT41
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-26 14:54:02 -07:00
Mathieu Beligon
6e00329ba6 [threat-actors] Fix aliases 2022-08-26 11:09:29 -07:00
Mathieu Beligon
9b714dcd76 [threat-actors] Merge Axiom into APT17 2022-08-25 13:49:07 -07:00
9efca4c41b
fix: [threat-actor] UUID reused fixed (UUIDs cannot be reused across different cluster)
Add the missing the relationship for the new UUID
2022-08-21 09:17:56 +02:00
Rony
5b42a09dc2 add PARINACOTA to threat-actor.json
MSTIC names digital crime actors based on global volcanoes
2022-08-20 17:10:15 +00:00
6b137ea12c
Merge pull request #749 from Mathieu4141/threat-actors/fix-naikon-cluster
[threat actors] Fix threat actors related to Lotus Panda
2022-08-20 11:46:15 +02:00
Mathieu Beligon
7f82616c10 fix axiom related field 2022-08-19 12:48:40 -07:00
Mathieu Beligon
969f461709 merge into apt41 2022-08-19 12:45:47 -07:00
Mathieu Beligon
fd9201e9e0 Merge APT22 and suckfly 2022-08-19 12:16:30 -07:00
Mathieu Beligon
768c94671c Fix hellsing ref 2022-08-19 11:34:16 -07:00
a8b234d694
Merge pull request #753 from Mathieu4141/threat-actors/fix-bronze-president
[threat-actors] Remove duplicated BRONZE PRESIDENT entity
2022-08-19 06:26:11 +02:00
Mathieu Béligon
fcd6faec78
Capitalize override panda alias
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:51:03 -07:00
Mathieu Béligon
54f3ef2831
capitalize lotus panda alias
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:50:32 -07:00
Mathieu Béligon
c9b11553eb
normalize APT30 alias
Co-authored-by: Rony <rony_123@protonmail.ch>
2022-08-18 20:32:44 -07:00
Mathieu Beligon
c1abedb446 Move Lotus Panda alias to Lotus Blossom 2022-08-18 20:21:31 -07:00
Mathieu Beligon
a61ef2a88f [threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts 2022-08-18 17:03:26 -07:00
Mathieu Beligon
1acc51a7a6 [threat-actors] Add more data about APT-C-27 2022-08-18 15:44:18 -07:00
Mathieu Beligon
ec988c97d0 [threat-actors] Remove duplicated APT-C-27 2022-08-18 15:34:08 -07:00
Mathieu Beligon
d9046c8619 [threat-actors] Remove duplicated BRONZE PRESIDENT entity 2022-08-18 15:12:18 -07:00
Mathieu Beligon
a046e8094d Merge APT30 and Naikon 2022-08-18 11:36:45 -07:00
Mathieu Beligon
5e4a4c3453 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-18 09:01:36 -07:00
Mathieu Beligon
264e764dfa Remove ATK34 alias 2022-08-18 08:59:04 -07:00
Delta-Sierra
3f036db1e3 add TA558 2022-08-18 15:54:28 +02:00
Mathieu Beligon
71e3e1f3eb Fix ATK aliases 2022-08-17 13:39:43 -07:00
Mathieu Beligon
a6242d4732 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-17 13:37:01 -07:00
Mathieu Beligon
0d6399aa2b Add ATK78 alias for Thrip 2022-08-17 12:04:32 -07:00
Mathieu Beligon
53282255ce Branch out Goblin Panda from Hellsing 2022-08-17 11:55:35 -07:00
Mathieu Beligon
3f50cf0175 Create a tool for Esile 2022-08-17 11:19:30 -07:00
Rony
ccd10b54f4
remove duplicate reference 2022-08-17 12:49:56 +05:30