Merge branch 'adammchugh-threatactor-cosmiclynx-add' into main

pull/713/head
Alexandre Dulaunoy 2022-05-09 13:43:58 +02:00
commit 2042fde3ff
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 11 additions and 2 deletions

View File

@ -9130,7 +9130,7 @@
"value": "BladeHawk" "value": "BladeHawk"
}, },
{ {
"description": "", "description": "The title Copy-paste compromises is derived from the actors heavy use of tools copied almost identically from open source given by The Australian Government.",
"meta": { "meta": {
"cfr-suspected-victims": [ "cfr-suspected-victims": [
"Australia" "Australia"
@ -9248,7 +9248,16 @@
}, },
"uuid": "bfe66711-32dc-4c1f-b78b-9b2f9e4c1525", "uuid": "bfe66711-32dc-4c1f-b78b-9b2f9e4c1525",
"value": "Red Menshen" "value": "Red Menshen"
},
{
"description": "Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.",
"meta": {
"cfr-type-of-incident": "Business Email Compromise",
"refs": "https://www.agari.com/cyber-intelligence-research/whitepapers/acid-agari-cosmic-lynx.pdf"
},
"uuid": "54ae5c75-8aab-41a8-971a-03d53db9b35c",
"value": "Cosmic Lynx"
} }
], ],
"version": 222 "version": 223
} }