mirror of https://github.com/MISP/misp-galaxy
update threat actor
parent
468800ed59
commit
189c3066a5
|
@ -45,7 +45,14 @@
|
||||||
"https://en.wikipedia.org/wiki/PLA_Unit_61398",
|
"https://en.wikipedia.org/wiki/PLA_Unit_61398",
|
||||||
"http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf",
|
"http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf",
|
||||||
"https://www.cfr.org/interactive/cyber-operations/pla-unit-61398",
|
"https://www.cfr.org/interactive/cyber-operations/pla-unit-61398",
|
||||||
"https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf"
|
"https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf",
|
||||||
|
"https://blog.trendmicro.com/trendlabs-security-intelligence/the-siesta-campaign-a-new-targeted-attack-awakens/",
|
||||||
|
"https://www.fireeye.com/blog/threat-research/2014/03/a-detailed-examination-of-the-siesta-campaign.html",
|
||||||
|
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/operation-oceansalt-delivers-wave-after-wave/",
|
||||||
|
"https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-oceansalt.pdf",
|
||||||
|
"https://www.symantec.com/connect/blogs/apt1-qa-attacks-comment-crew",
|
||||||
|
"https://attack.mitre.org/groups/G0006/",
|
||||||
|
"https://www.nytimes.com/2014/05/20/us/us-to-charge-chinese-workers-with-cyberspying.html"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Comment Panda",
|
"Comment Panda",
|
||||||
|
@ -58,7 +65,9 @@
|
||||||
"TG-8223",
|
"TG-8223",
|
||||||
"Comment Group",
|
"Comment Group",
|
||||||
"Brown Fox",
|
"Brown Fox",
|
||||||
"GIF89a"
|
"GIF89a",
|
||||||
|
"ShadyRAT",
|
||||||
|
"Shanghai Group"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
@ -4606,7 +4615,9 @@
|
||||||
"https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/",
|
"https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/",
|
||||||
"http://www.clearskysec.com/copykitten-jpost/",
|
"http://www.clearskysec.com/copykitten-jpost/",
|
||||||
"http://www.clearskysec.com/tulip/",
|
"http://www.clearskysec.com/tulip/",
|
||||||
"https://www.cfr.org/interactive/cyber-operations/copykittens"
|
"https://www.cfr.org/interactive/cyber-operations/copykittens",
|
||||||
|
"https://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf",
|
||||||
|
"https://attack.mitre.org/groups/G0052/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Slayer Kitten"
|
"Slayer Kitten"
|
||||||
|
@ -5243,7 +5254,8 @@
|
||||||
"attribution-confidence": "50",
|
"attribution-confidence": "50",
|
||||||
"country": "LB",
|
"country": "LB",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf"
|
"https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf",
|
||||||
|
"https://attack.mitre.org/groups/G0070/"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "3d449c83-4426-431a-b06a-cb4f8a0fca94",
|
"uuid": "3d449c83-4426-431a-b06a-cb4f8a0fca94",
|
||||||
|
|
Loading…
Reference in New Issue