mirror of https://github.com/MISP/misp-galaxy
[Threat-Actor] Added Storm-0558
parent
c585caa4db
commit
11bf649626
|
@ -12047,6 +12047,27 @@
|
|||
],
|
||||
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
|
||||
"value": "Void Rabisu"
|
||||
},
|
||||
{
|
||||
"description": "Storm-0558 is a China-based threat actor with espionage objectives. While there are some minimal overlaps with other Chinese groups such as Violet Typhoon (ZIRCONIUM, APT31), Microsoft maintain high confidence that Storm-0558 operates as its own distinct group",
|
||||
"meta": {
|
||||
"cfr-suspected-victims": [
|
||||
"United States"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government"
|
||||
],
|
||||
"attribution-confidence": "50",
|
||||
"country": "CN",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"references": [
|
||||
"https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/",
|
||||
"https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/"
|
||||
]
|
||||
},
|
||||
"uuid": "5b30bcb8-4923-45cc-bc89-29651ca5d54e",
|
||||
"value": "Storm-0558"
|
||||
}
|
||||
],
|
||||
"version": 287
|
||||
|
|
Loading…
Reference in New Issue