mirror of https://github.com/MISP/misp-galaxy
tryto fix duplicate
parent
e4245ee991
commit
11c2f43c9f
|
@ -2111,16 +2111,15 @@
|
|||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "IR",
|
||||
"refs": [
|
||||
"http://cdn2.hubspot.net/hubfs/270968/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf",
|
||||
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
|
||||
"http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/",
|
||||
"https://www.cfr.org/interactive/cyber-operations/operation-cleaver",
|
||||
"https://www.cfr.org/interactive/cyber-operations/magic-hound",
|
||||
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
|
||||
"https://www.cfr.org/interactive/cyber-operations/operation-cleaver",
|
||||
"http://cdn2.hubspot.net/hubfs/270968/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf",
|
||||
"http://www.secureworks.com/cyber-threat-intelligence/threats/suspected-iran-based-hacker-group-creates-network-of-fake-linkedin-profiles/",
|
||||
"https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf",
|
||||
"https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing",
|
||||
"https://unit42.paloaltonetworks.com/unit42-magic-hound-campaign-attacks-saudi-targets/",
|
||||
"https://www.secureworks.com/blog/iranian-pupyrat-bites-middle-eastern-organizations",
|
||||
"https://www.secureworks.com/research/the-curious-case-of-mia-ash",
|
||||
"https://blogs.microsoft.com/on-the-issues/2019/03/27/new-steps-to-protect-customers-from-hacking/",
|
||||
"https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf",
|
||||
"https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf",
|
||||
|
@ -2134,7 +2133,6 @@
|
|||
"2889",
|
||||
"TG-2889",
|
||||
"Cobalt Gypsy",
|
||||
"Ghambar",
|
||||
"Rocket_Kitten",
|
||||
"Cutting Kitten",
|
||||
"Group 41",
|
||||
|
@ -2897,15 +2895,15 @@
|
|||
"refs": [
|
||||
"https://threatpost.com/operation-blockbuster-coalition-ties-destructive-attacks-to-lazarus-group/116422/",
|
||||
"https://www.us-cert.gov/ncas/alerts/TA17-164A",
|
||||
"https://securelist.com/lazarus-under-the-hood/77908/",
|
||||
"http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf",
|
||||
"https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity",
|
||||
"https://www.us-cert.gov/ncas/alerts/TA17-318A",
|
||||
"https://www.us-cert.gov/ncas/alerts/TA17-318B",
|
||||
"https://securelist.com/operation-applejeus/87553/",
|
||||
"https://securelist.com/lazarus-under-the-hood/77908/",
|
||||
"https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity",
|
||||
"http://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf",
|
||||
"https://www.bleepingcomputer.com/news/security/north-korean-hackers-are-up-to-no-good-again/",
|
||||
"https://www.cfr.org/interactive/cyber-operations/lazarus-group",
|
||||
"https://www.cfr.org/interactive/cyber-operations/operation-ghostsecret",
|
||||
"https://securelist.com/operation-applejeus/87553/",
|
||||
"https://www.cfr.org/interactive/cyber-operations/compromise-cryptocurrency-exchanges-south-korea",
|
||||
"https://www.bleepingcomputer.com/news/security/lazarus-group-deploys-its-first-mac-malware-in-cryptocurrency-exchange-hack/",
|
||||
"https://content.fireeye.com/apt/rpt-apt38",
|
||||
|
@ -2920,17 +2918,15 @@
|
|||
"https://www.welivesecurity.com/2018/04/03/lazarus-killdisk-central-american-casino/",
|
||||
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant/",
|
||||
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/",
|
||||
"https://securelist.com/operation-applejeus/87553/",
|
||||
"https://www.us-cert.gov/ncas/analysis-reports/AR19-129A",
|
||||
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/",
|
||||
"https://securelist.com/cryptocurrency-businesses-still-being-targeted-by-lazarus/90019/",
|
||||
"https://www.theregister.co.uk/2019/04/10/lazarus_group_malware/",
|
||||
"https://www.us-cert.gov/ncas/analysis-reports/AR19-129A",
|
||||
"https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Report.pdf",
|
||||
"https://www.justice.gov/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and",
|
||||
"https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-into-the-lazarus-groups-operations",
|
||||
"https://www.kaspersky.com/about/press-releases/2017_chasing-lazarus-a-hunt-for-the-infamous-hackers-to-prevent-large-bank-robberies",
|
||||
"https://medium.com/threat-intel/lazarus-attacks-wannacry-5fdeddee476c",
|
||||
"https://content.fireeye.com/apt/rpt-apt38",
|
||||
"https://attack.mitre.org/groups/G0032/",
|
||||
"https://threatpost.com/lazarus-apt-spinoff-linked-to-banking-hacks/124746/",
|
||||
"https://www.symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers",
|
||||
|
@ -5545,7 +5541,6 @@
|
|||
"https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html",
|
||||
"https://www.recordedfuture.com/chinese-threat-actor-tempperiscope/",
|
||||
"https://www.fireeye.com/blog/threat-research/2018/07/chinese-espionage-group-targets-cambodia-ahead-of-elections.html",
|
||||
"https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html",
|
||||
"https://attack.mitre.org/groups/G0065/"
|
||||
],
|
||||
"synonyms": [
|
||||
|
|
Loading…
Reference in New Issue