MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

update threat actor galaxy

pull/414/head
Deborah Servili 2019-06-11 16:14:58 +02:00
parent 347ed5d529
commit 1ba7f19ca2
No known key found for this signature in database
GPG Key ID: 7E3A832850D4D7D1
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
clusters/threat-actor.json
View File

@ -7047,7 +7047,18 @@
},
"uuid": "bc8390aa-8c4e-11e9-a9cb-e37c361210af",
"value": "Group5"
},
{
"description": "McAfee Advanced Threat Research analysts have discovered a new operation targeting humanitarian aid organizations and using North Korean political topics as bait to lure victims into opening malicious Microsoft Word documents. Our analysts have named this Operation Honeybee, based on the names of the malicious documents used in the attacks.\nAdvanced Threat Research analysts have also discovered malicious documents authored by the same actor that indicate a tactical shift. These documents do not contain the typical lures by this actor, instead using Word compatibility messages to entice victims into opening them.\nThe Advanced Threat Research team also observed a heavy concentration of the implant in Vietnam from January 1517.",
"meta": {
"refs": [
"https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/",
"https://attack.mitre.org/groups/G0072/"
]
},
"uuid": "2d82a18e-8c53-11e9-b0ec-536b62fa3d86",
"value": "Honeybee"
}
],
"version": 112
"version": 113
}