MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [attck4fraud] more manual updates with E.A.S.T. data

pull/853/head
Christophe Vandeplas 2023-05-13 08:43:21 +02:00
parent b4e8d1389e
commit 1d9f59eb2d
No known key found for this signature in database
GPG Key ID: BDC48619FFDC5A5B
2 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
clusters/attck4fraud.json
View File

@ -51,7 +51,10 @@
"https://www.ibtimes.co.uk/russian-hackers-fancy-bear-likely-breached-olympic-drug-testing-agency-dnc-experts-say-1577508", "https://www.ibtimes.co.uk/russian-hackers-fancy-bear-likely-breached-olympic-drug-testing-agency-dnc-experts-say-1577508",
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
], ],
"victim": "end customer, enterprise" "victim": "end customer, enterprise",
"synonyms": [
"Spear-phishing"
]
}, },
"uuid": "41f7cfc1-51ed-4a8d-aba9-34f9c6b8388b", "uuid": "41f7cfc1-51ed-4a8d-aba9-34f9c6b8388b",
"value": "Spear phishing" "value": "Spear phishing"
@ -83,6 +86,9 @@
"https://blog.dieboldnixdorf.com/have-you-asked-yourself-this-question-about-skimming/", "https://blog.dieboldnixdorf.com/have-you-asked-yourself-this-question-about-skimming/",
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
], ],
"synonyms": [
"Skimming - CPP ATM"
],
"victim": "end customer, enterprise" "victim": "end customer, enterprise"
}, },
"uuid": "0e45e11c-9c24-49a2-b1fe-5d78a235844b", "uuid": "0e45e11c-9c24-49a2-b1fe-5d78a235844b",
@ -97,6 +103,9 @@
"refs": [ "refs": [
"https://medium.com/@netsentries/beware-of-atm-cash-trapping-9421e498dfcf", "https://medium.com/@netsentries/beware-of-atm-cash-trapping-9421e498dfcf",
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
],
"synonyms": [
"Cash Trapping"
] ]
}, },
"uuid": "1e709b6e-ff4a-4645-adec-42f9636d38f8", "uuid": "1e709b6e-ff4a-4645-adec-42f9636d38f8",
@ -147,6 +156,9 @@
], ],
"refs": [ "refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
],
"synonyms": [
"Skimming - CPP POS"
] ]
}, },
"uuid": "c33778e5-b5cc-4d12-8e4e-a329156d988c", "uuid": "c33778e5-b5cc-4d12-8e4e-a329156d988c",
@ -193,6 +205,9 @@
], ],
"refs": [ "refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
],
"synonyms": [
"Black Box Attack"
] ]
}, },
"uuid": "6bec22cb-9aed-426a-bffc-b0a78db6527a", "uuid": "6bec22cb-9aed-426a-bffc-b0a78db6527a",
@ -229,6 +244,9 @@
], ],
"refs": [ "refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
],
"synonyms": [
"Romance Fraud"
] ]
}, },
"uuid": "8ac64815-52c0-4d14-a4e4-4a19b2a6057d", "uuid": "8ac64815-52c0-4d14-a4e4-4a19b2a6057d",
@ -262,6 +280,9 @@
], ],
"refs": [ "refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/" "https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
],
"synonyms": [
"Invoice Fraud"
] ]
}, },
"uuid": "a0f764d1-b541-4ee7-bb30-21b9a735f644", "uuid": "a0f764d1-b541-4ee7-bb30-21b9a735f644",
@ -298,20 +319,32 @@
"value": "CxO Fraud" "value": "CxO Fraud"
}, },
{ {
"description": "Compromised Payment Cards", "description": "The loss of or theft of a card, which is subsequently used for illegal purposes until blocked by the card issuer.",
"meta": { "meta": {
"kill_chain": [ "kill_chain": [
"fraud-tactics:Obtain Fraudulent Assets" "fraud-tactics:Obtain Fraudulent Assets"
],
"synonyms": [
"Lost/Stolen Card"
],
"refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
] ]
}, },
"uuid": "d46e397f-8957-41f1-8736-13400b9e82fc", "uuid": "d46e397f-8957-41f1-8736-13400b9e82fc",
"value": "Compromised Payment Cards" "value": "Compromised Payment Cards"
}, },
{ {
"description": "Compromised Account Credentials", "description": "Account takeover fraud is a form of identity theft in which the fraudster gets access to a victim's bank or credit card accounts -- through a data breach, malware or phishing -- and uses them to make unauthorised transaction.",
"meta": { "meta": {
"kill_chain": [ "kill_chain": [
"fraud-tactics:Obtain Fraudulent Assets" "fraud-tactics:Obtain Fraudulent Assets"
],
"synonyms": [
"Account Takeover Fraud"
],
"refs": [
"https://www.association-secure-transactions.eu/industry-information/fraud-definitions/"
] ]
}, },
"uuid": "7d71e71c-502f-412a-8fc7-584de8a9d203", "uuid": "7d71e71c-502f-412a-8fc7-584de8a9d203",

5
galaxies/attck4fraud.json
View File

@ -8,12 +8,13 @@
"Perform Fraud", "Perform Fraud",
"Obtain Fraudulent Assets", "Obtain Fraudulent Assets",
"Assets Transfer", "Assets Transfer",
"Monetisation" "Monetisation",
"Due Diligence"
] ]
}, },
"name": "attck4fraud", "name": "attck4fraud",
"namespace": "misp", "namespace": "misp",
"type": "financial-fraud", "type": "financial-fraud",
"uuid": "cc0c8ae9-aec2-42c6-9939-f4f82b051836", "uuid": "cc0c8ae9-aec2-42c6-9939-f4f82b051836",
"version": 1 "version": 2
} }