MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

add: Nexus Zeta is no stranger when it comes to implementing SOAP 

relatedrelated exploit ;-)
pull/152/head
Alexandre Dulaunoy 2018-01-25 15:41:47 +01:00
parent 5070314aae
commit 193b474ad2
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
clusters/threat-actor.json
View File

@ -2264,6 +2264,10 @@
},
"value": "Dark Caracal",
"description": "Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor, who at the time of writing is believed to be administered out of a building belonging to the Lebanese General Security Directorate in Beirut. At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims. Stolen data includes enterprise intellectual property and personally identifiable information."
},
{
"value": "Nexus Zeta",
"description": "Nexus Zeta is no stranger when it comes to implementing SOAP related exploits. The threat actor has already been observed in implementing two other known SOAP related exploits, CVE-20148361 and CVE-201717215 in his Satori botnet project. A third SOAP exploit, TR-069 bug has also been observed previously in IoT botnets. This makes EDB 38722 the fourth SOAP related exploit which is discovered in the wild by IoT botnets."
}
],
"name": "Threat actor",
@ -2278,5 +2282,5 @@
],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 31
"version": 33
}