mirror of https://github.com/MISP/misp-galaxy
chg: [tool] Karkoff tool added
parent
e727a6eb63
commit
088e7477a6
|
@ -7630,7 +7630,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "e1ca79ea-5628-4266-bb36-3892c7126ef4",
|
"uuid": "e1ca79ea-5628-4266-bb36-3892c7126ef4",
|
||||||
"value": "Brushaloader"
|
"value": "Brushaloader"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"uuid": "a9fc6d3d-09d5-45c3-a91e-e8c61ef37908",
|
||||||
|
"value": "Karkoff",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"description": "In addition to increased reports of threat activity, we have also discovered new evidence that the threat actors behind the DNSpionage campaign continue to change their tactics, likely in an attempt to improve the efficacy of their operations. In February, we discovered some changes to the actors' tactics, techniques and procedures (TTPs), including the use of a new reconnaissance phase that selectively chooses which targets to infect with malware. In April 2019, we also discovered the actors using a new malware, which we are calling Karkoff."
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 116
|
"version": 117
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue