Commit graph

1374 commits

Author SHA1 Message Date
Mathieu4141
68d61732d1 [threat-actors] Add Water Sigbin 2024-07-08 02:28:35 -07:00
Mathieu4141
d8e7fbaa79 [threat-actors] Add CloudSorcerer 2024-07-08 02:28:35 -07:00
Mathieu4141
f7cb975c54 [threat-actors] Add Chamelgang aliases 2024-07-08 02:28:35 -07:00
Mathieu4141
c82f1a4dc8 [threat-actors] Add Boolka 2024-06-28 02:17:32 -07:00
Mathieu4141
da77ee6a61 [threat-actors] Add Dragonbridge 2024-06-28 02:17:32 -07:00
Mathieu4141
05f449dae3 [threat-actors] Add IntelBroker 2024-06-25 05:17:03 -07:00
Mathieu4141
c6fc6f248b [threat-actors] Add HellHounds 2024-06-25 05:17:02 -07:00
Mathieu4141
0ad87ccef4 [threat-actors] Add BlueHornet 2024-06-24 02:35:58 -07:00
Mathieu4141
5347bcb95c [threat-actors] Add ALTDOS 2024-06-24 02:35:58 -07:00
Mathieu4141
a16cff8e44 [threat-actors] Add SneakyChef 2024-06-24 02:35:58 -07:00
Mathieu4141
13fc125694 [threat-actors] Add RedJuliett 2024-06-24 02:35:57 -07:00
Mathieu4141
4d94ff0c12 [threat-actors] Add JuiceLedger 2024-06-24 02:35:57 -07:00
Mathieu4141
09bd93f488 [threat-actors] Add Adrastea 2024-06-24 02:35:57 -07:00
Mathieu4141
965f1f5be4 [threat-actors] Add Markopolo 2024-06-24 02:35:57 -07:00
Mathieu4141
879ae26c55 [threat-actors] Add Void Arachne 2024-06-24 02:35:57 -07:00
dded13d5c2
chg: [threat-actor] version updated
2024-06-21 10:24:39 +02:00
Christophe Vandeplas
f3c8ccc032
Merge pull request #992 from Mathieu4141/threat-actors/fix-stone-panda-typo
[threat actors] fix stone panda typo
2024-06-19 10:20:17 +02:00
Mathieu Beligon
1e63bfca1b [threat actors] fix stone panda typo 2024-06-19 11:11:40 +03:00
25d7755f89
chg: [threat-actor] version updated 2024-06-18 15:43:48 +02:00
Mathieu4141
950a6bfa4e [threat-actors] Add TraderTraitor aliases 2024-06-18 04:51:30 -07:00
Mathieu4141
4cabbe3bc9 [threat-actors] Add UAC-0020 2024-06-18 04:51:30 -07:00
Mathieu4141
c8e623e84c [threat-actors] Add Bondnet 2024-06-18 04:51:30 -07:00
Mathieu4141
93cc634d1c [threat-actors] Add TA571 2024-06-18 04:51:29 -07:00
Mathieu4141
8ba48b446a [threat-actors] Add Sp1d3r 2024-06-18 04:51:29 -07:00
Mathieu4141
e7bb6de04a [threat-actors] Add UNC5537 2024-06-18 04:51:29 -07:00
Mathieu4141
b317c4ff6b [threat-actors] Add Gitloker 2024-06-18 04:51:29 -07:00
Mathieu4141
fb177f95db [threat-actors] Add UTG-Q-008 2024-06-18 04:51:29 -07:00
Mathieu4141
7c21eb7aa5 [threat-actors] Add Hunt3r Kill3rs 2024-06-06 01:27:07 -07:00
Mathieu4141
3c7f74913f [threat-actors] Add LilacSquid 2024-06-06 01:27:07 -07:00
Mathieu4141
7ade514644 [threat-actors] Add SEXi 2024-06-06 01:27:07 -07:00
Mathieu4141
b5f257c4e1 [threat-actors] Add FlyingYeti 2024-06-06 01:27:06 -07:00
Mathieu4141
eec91d1465 [threat-actors] Add StucxTeam 2024-06-06 01:27:06 -07:00
Mathieu4141
d0162e654e [threat-actors] Add APT28 aliases 2024-06-06 01:27:06 -07:00
Mathieu4141
4e6fa2191a [threat-actors] Add Unfading Sea Haze 2024-06-06 01:27:06 -07:00
Mathieu4141
f1bbd96d84 [threat-actors] Add RansomHub 2024-06-06 01:27:06 -07:00
97fd1ed309
chg: [threat-actor] jq all the things 2024-06-02 09:30:18 +02:00
ab6be85bc0
Merge pull request #980 from jstnk9/sidewinder-update
update sidewinder information
2024-06-02 09:29:08 +02:00
f3b93a6bef
chg: [threat-actor] version updated 2024-05-28 11:35:39 +02:00
jstnk9
ecf246a103 Update threat-actor.json 2024-05-24 09:39:04 +02:00
Mathieu4141
2698e76043 [threat-actors] Add Alpha Spider 2024-05-22 05:30:08 -07:00
Mathieu Beligon
32b9051873 [threat actors] fix merge 2024-05-21 19:29:26 +02:00
Mathieu Béligon
9e602a977f
Merge branch 'main' into threat-actors/5085bb5f-2aa6-485f-8e57-389d4020b408 2024-05-21 19:23:54 +02:00
Mathieu Béligon
e97ecd46b0
Add phantomcore reference
Co-authored-by: Rony <49360849+r0ny123@users.noreply.github.com>
2024-05-21 19:23:04 +02:00
f3a145c96f
chg: [threat-actor] updated following PR #977
The `master` branch should not be used
2024-05-21 16:59:07 +02:00
Mathieu4141
d172320fad [threat-actors] Add Kimsuky aliases 2024-05-21 06:56:42 -07:00
Mathieu4141
e17f2eda0c [threat-actors] Add Void Manticore 2024-05-21 06:56:41 -07:00
Mathieu4141
754a9b08f8 [threat-actors] Add CiberInteligenciaSV 2024-05-21 06:56:41 -07:00
Mathieu4141
6fe19ac915 [threat-actors] Add PhantomCore 2024-05-21 06:56:41 -07:00
Mathieu4141
303eb8a0d6 [threat-actors] Add SaintBear aliases 2024-05-02 04:50:10 -07:00
Mathieu4141
fc2b5abb6a [threat-actors] Add Water Orthrus 2024-05-02 04:50:10 -07:00
Rony
72402ce38b
chg: [threat-actor] STORM ->> Storm 2024-04-26 19:15:47 +00:00
Rony
3d5c61a8ef
fix: resolve conflict 2024-04-26 18:56:46 +00:00
Rony
dd8b317912
chg: [threat-actor] Earth Freybug added
Tracking it separately for now though TM identified it as a subset of APT41
2024-04-21 06:35:56 +00:00
Rony
07cc6be922
chg: [threat-actor] UNC3236 removed 2024-04-20 18:42:27 +00:00
Delta-Sierra
f9e40fc309 merge 2024-04-19 13:28:05 +02:00
Delta-Sierra
ad5992ff3d Feeding with Cutting Edge, Part 4 data 2024-04-19 13:23:59 +02:00
Mathieu Beligon
eed81e9a72 [threat-actors] r0ny123 review 2024-04-18 12:35:10 +02:00
Mathieu Beligon
b68e08de63 Merge branch 'main' into threat-actors/666b2554-9bea-42e8-9e11-299597de70b3 2024-04-18 12:31:41 +02:00
2a6bf0010c
chg: [threat-actor] APT44 added
Ref: https://services.google.com/fh/files/misc/apt44-unearthing-sandworm.pdf
2024-04-18 06:20:48 +02:00
Mathieu4141
148ff926c0 [threat-actors] Add APT41 aliases 2024-04-17 10:09:09 -07:00
Mathieu4141
640018599a [threat-actors] Add Starry Addax 2024-04-17 10:09:09 -07:00
Mathieu4141
8d8085530d [threat-actors] Add Volt Typhoon aliases 2024-04-17 10:09:09 -07:00
Mathieu4141
bf5dd6e382 [threat-actors] Add Earth Hundun 2024-04-17 10:09:09 -07:00
Mathieu4141
64533dba91 [threat-actors] Add RUBYCARP 2024-04-17 10:09:09 -07:00
Mathieu4141
9f33bdc13c [threat-actors] Add CoralRaider 2024-04-17 10:09:09 -07:00
Mathieu4141
b4628a815e [threat-actors] Add Sandworm aliases 2024-04-17 10:09:09 -07:00
Mathieu4141
94a76ab5a8 [threat-actors] Add BlackJack 2024-04-17 10:09:09 -07:00
Mathieu4141
6870ac7c42 [threat-actors] Add Smishing Triad 2024-04-17 10:09:09 -07:00
Mathieu4141
2cf8b058bb [threat-actors] Add Bignosa 2024-04-17 10:09:08 -07:00
Mathieu4141
bb09f64e8b [threat-actors] Add Opal Sleet aliases 2024-04-17 10:09:08 -07:00
Mathieu4141
1f67eeadf7 [threat-actors] Add CyberNiggers 2024-04-17 10:09:08 -07:00
Rony
ff07821cca
chg: [threat-actors] updated with references 2024-04-16 16:08:39 +00:00
Rony
bfceda0029
chg: [threat-actors] add Storm-0558 references 2024-04-11 04:15:38 +00:00
Rony
605676806b
Merge branch 'MISP:main' into cn 2024-03-29 22:28:22 +05:30
Mathieu4141
22bea56895 [threat-actors] Add UNC5174 2024-03-27 05:09:24 -07:00
Mathieu4141
541eb4a4a9 [threat-actors] Add Saad Tycoon 2024-03-27 05:09:24 -07:00
Mathieu4141
769cd4f47b [threat-actors] Add Edalat-e Ali 2024-03-27 05:09:24 -07:00
Mathieu4141
ab52990840 [threat-actors] Add SilitNetwork 2024-03-27 05:09:24 -07:00
Mathieu4141
120f5c9b3f [threat-actors] Add Lazarus Group aliases 2024-03-27 05:09:24 -07:00
Rony
bd7a3c90bb
fix: [threat-actor] remove comma 2024-03-25 19:39:46 +00:00
Rony
d0a1e04de6
chg: [threat-actors] updated with references 2024-03-26 00:59:48 +05:30
Delta-Sierra
f7eaa3d9d7 merge 2024-03-21 16:04:35 +01:00
Delta-Sierra
7e715b63e7 add Germany as target for several Threat actors 2024-03-21 16:00:31 +01:00
Mathieu4141
38d0804f9c [threat-actors] Add Earth Krahang 2024-03-20 10:23:42 -07:00
Mathieu4141
bef50816a4 [threat-actors] Add MuddyWater aliases 2024-03-20 10:23:42 -07:00
Mathieu4141
b2e9f6c152 [threat-actors] Add Earth Kapre 2024-03-20 10:23:42 -07:00
Mathieu4141
6490424201 [threat-actors] Add UNC5325 2024-03-20 10:23:42 -07:00
Daniel Plohmann
77b7ed2f01
adding aliases from UA's H1'2023 report 2024-03-12 10:15:12 +01:00
3f039b5932
fix: [threat-actor] fix #942
`Hyppo Team` was present in two clusters. We just kept the alias
for `Turla`.
2024-03-11 10:00:15 +01:00
Mathieu4141
c11834aec4 [threat-actors] Add R00tK1T 2024-02-29 10:38:27 -08:00
Mathieu4141
39f89c900c [threat-actors] Add Mogilevich 2024-02-29 10:38:27 -08:00
Mathieu4141
cc68b22fe2 [threat-actors] Add UNC1549 2024-02-29 10:38:27 -08:00
Mathieu4141
7b3c8a87c3 [threat-actors] Add UAC-0184 2024-02-29 10:38:27 -08:00
Mathieu4141
b010a75426 [threat-actors] Add SPIKEDWINE 2024-02-29 10:38:27 -08:00
364b835d8e
chg: [threat-actor] version updated 2024-02-23 15:46:11 +01:00
Mathieu4141
9c85cbc223 [threat-actors] Add GoldFactory 2024-02-20 05:22:26 -08:00
Mathieu4141
82b347682c [threat-actors] Add Winter Vivern aliases 2024-02-20 05:22:26 -08:00
Mathieu4141
4e61e7275a [threat-actors] Add Cyber.Anarchy.Squad 2024-02-20 05:22:26 -08:00
Mathieu4141
ccfd207e59 [threat-actors] Add LabHost 2024-02-20 05:22:26 -08:00
Mathieu4141
83198aa663 [threat-actors] Add ShadowSyndicate 2024-02-20 05:22:25 -08:00
Mathieu4141
d3f5a26ec0 [threat-actors] Add ResumeLooters 2024-02-20 05:22:25 -08:00
Mathieu4141
6ddf39e1ae [threat-actors] Add Charming Kitten aliases 2024-02-20 05:22:25 -08:00
Mathieu4141
96adf0ba8f [threat-actors] Add ProCC 2024-02-20 05:22:25 -08:00
7ed94eb865
chg: [threat-actor] fixed 2024-02-16 18:41:46 +01:00
jstnk9
b3a25c57b3 added new information in relation to the Mandiant-Google TAG Report
New information added via https://services.google.com/fh/files/misc/tool-of-first-resort-israel-hamas-war-cyber.pdf
2024-02-16 17:36:09 +01:00
Mathieu4141
f4d69382cf [threat-actors] Add Blackatom 2024-02-15 03:42:29 -08:00
Mathieu4141
ed26f4d246 [threat-actors] Add TA2725 2024-02-15 03:42:28 -08:00
Daniel Plohmann
8a359dbd43
merge KNOCKOUT SPIDER -> Evilnum
Based on newer public reporting grouping these.
2024-02-08 10:38:04 +01:00
Mathieu4141
02bec6da4f [threat-actors] Add TwoSail Junk aliases 2024-02-06 07:30:07 -08:00
Mathieu4141
6235ee49f7 [threat-actors] Add Operation Emmental 2024-02-06 07:30:07 -08:00
Mathieu4141
c740c6f1e1 [threat-actors] Add Urpage 2024-02-06 07:30:06 -08:00
Mathieu4141
f58c20fc20 [threat-actors] Add APT23 aliases 2024-02-06 07:30:06 -08:00
Mathieu4141
9a2e09d86c [threat-actors] Add Operation C-Major aliases 2024-02-06 07:30:06 -08:00
Mathieu4141
5194939603 [threat-actors] Add Tonto Team aliases 2024-02-06 07:30:06 -08:00
Mathieu4141
cc4dca679b [threat-actors] Add Earth Yako 2024-02-06 07:30:06 -08:00
Mathieu4141
baaf153229 [threat-actors] Add Operation Red Signature 2024-02-06 07:30:06 -08:00
Mathieu4141
859d3f7ac0 [threat-actors] Add Earth Berberoka aliases 2024-02-06 07:30:06 -08:00
Mathieu4141
55083776a0 [threat-actors] Add Domestic Kitten aliases 2024-02-06 07:30:05 -08:00
Delta-Sierra
8643f5f555 Merge https://github.com/MISP/misp-galaxy 2024-02-06 15:11:53 +01:00
Delta-Sierra
ea16f1811a adding several webshells and open source tools 2024-02-06 15:09:41 +01:00
Mathieu4141
957e848a6f [threat-actors] Add Ferocious Kitten 2024-02-05 09:20:11 -08:00
Mathieu4141
3a44200a0c [threat-actors] Add APT5 aliases 2024-02-05 09:20:11 -08:00
Mathieu4141
d2586524e3 [threat-actors] Add CardinalLizard 2024-02-05 09:20:11 -08:00
Mathieu4141
045ec7071f [threat-actors] Add Operation Ghoul 2024-02-05 09:20:11 -08:00
Mathieu4141
3a15a27584 [threat-actors] Add Operation Triangulation 2024-02-05 09:20:11 -08:00
Mathieu4141
c97fc15d59 [threat-actors] Add GhostEmperor 2024-02-05 09:20:11 -08:00
Mathieu4141
cff0da0b3a [threat-actors] Add RevengeHotels 2024-02-05 09:20:10 -08:00
Mathieu4141
40becc0ee9 [threat-actors] Add Fishing Elephant 2024-02-05 09:20:10 -08:00
Mathieu4141
dd01813e51 [threat-actors] Add ShaggyPanther 2024-02-05 09:20:10 -08:00
Mathieu4141
bffb0ef644 [threat-actors] Add Tomiris 2024-02-05 09:20:10 -08:00
Mathieu4141
3379a0777b [threat-actors] Add Karkadann 2024-02-05 09:20:10 -08:00
b35d4bd07a
chg: [threat-actor] version updated 2024-02-05 15:21:25 +01:00
Mathieu4141
ffeed3447f [threat-actors] Add Silent Librarian aliases 2024-02-05 03:39:17 -08:00
Mathieu4141
9c5bc36ab4 [threat-actors] Add MuddyWater aliases 2024-02-05 03:39:17 -08:00
Mathieu4141
4699f65425 [threat-actors] Add TA2719 2024-02-05 03:39:17 -08:00
Mathieu4141
fc173c1a78 [threat-actors] Add APT10 aliases 2024-02-05 03:39:17 -08:00
Mathieu4141
bd0d541a7a [threat-actors] Add OilRig aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
9cb1fd6aa8 [threat-actors] Add Lazarus Group aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
57016ac3ae [threat-actors] Add TA2722 2024-02-05 03:39:16 -08:00
Mathieu4141
be8e127590 [threat-actors] Add APT39 aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
40f65a9d91 [threat-actors] Add Evilnum aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
3f6ff94c89 [threat-actors] Add APT33 aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
72504d286a [threat-actors] Add MUSTANG PANDA aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
3690ab0e24 [threat-actors] Add TA2552 2024-02-05 03:39:16 -08:00
Mathieu4141
a456e419d8 [threat-actors] Add APT31 aliases 2024-02-05 03:39:16 -08:00
Mathieu4141
e497ec2b38 [threat-actors] Add Storm-1575 2024-02-01 11:02:05 -08:00
Mathieu4141
a42dc67fb6 [threat-actors] Add Storm-0835 2024-02-01 11:02:05 -08:00
Mathieu4141
1589a943a9 [threat-actors] Add Storm-1674 2024-02-01 11:02:05 -08:00
Mathieu4141
0b571d7e76 [threat-actors] Add Storm-0829 2024-02-01 11:02:05 -08:00
Mathieu4141
7607dc70cf [threat-actors] Add Storm-1567 2024-02-01 11:02:05 -08:00