mirror of https://github.com/MISP/misp-galaxy
add PwC naming to CN actors
Rony
parent
3fabd58416
commit
2e8a577b0c
|
|
@ -651,9 +651,7 @@
|
||||||
"Winnti Group",
|
"Winnti Group",
|
||||||
"Suckfly",
|
"Suckfly",
|
||||||
"APT41",
|
"APT41",
|
||||||
"APT 41",
|
|
||||||
"Group72",
|
"Group72",
|
||||||
"Group 72",
|
|
||||||
"Blackfly",
|
"Blackfly",
|
||||||
"LEAD",
|
"LEAD",
|
||||||
"WICKED SPIDER",
|
"WICKED SPIDER",
|
||||||
|
|
@ -897,7 +895,8 @@
|
||||||
"DRAGONFISH",
|
"DRAGONFISH",
|
||||||
"BRONZE ELGIN",
|
"BRONZE ELGIN",
|
||||||
"ATK1",
|
"ATK1",
|
||||||
"G0030"
|
"G0030",
|
||||||
|
"Red Salamander"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
|
@ -1409,7 +1408,9 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"IceFog",
|
"IceFog",
|
||||||
"Dagger Panda",
|
"Dagger Panda",
|
||||||
"Trident"
|
"Trident",
|
||||||
|
"RedFoxtrot",
|
||||||
|
"Red Wendigo"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "32c534b9-abec-4823-b223-a810f897b47b",
|
"uuid": "32c534b9-abec-4823-b223-a810f897b47b",
|
||||||
|
|
@ -6327,8 +6328,12 @@
|
||||||
"description": "Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years. The campaigns, which we are collectively naming RedAlpha, combine light reconnaissance, selective targeting, and diverse malicious tooling. We discovered this activity as the result of pivoting off of a new malware sample observed targeting the Tibetan community based in India.",
|
"description": "Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years. The campaigns, which we are collectively naming RedAlpha, combine light reconnaissance, selective targeting, and diverse malicious tooling. We discovered this activity as the result of pivoting off of a new malware sample observed targeting the Tibetan community based in India.",
|
||||||
"meta": {
|
"meta": {
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.recordedfuture.com/redalpha-cyber-campaigns/",
|
"https://www.recordedfuture.com/chinese-cyberespionage-operations",
|
||||||
"https://go.recordedfuture.com/hubfs/reports/cta-2018-0626.pdf"
|
"https://go.recordedfuture.com/hubfs/reports/cta-2018-0626.pdf"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"DeepCliff",
|
||||||
|
"Red Dev 3"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "71a3b962-9a36-11e8-88f8-b31d20c6fa2a",
|
"uuid": "71a3b962-9a36-11e8-88f8-b31d20c6fa2a",
|
||||||
|
|
@ -7425,7 +7430,8 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"ZIRCONIUM",
|
"ZIRCONIUM",
|
||||||
"JUDGMENT PANDA",
|
"JUDGMENT PANDA",
|
||||||
"BRONZE VINEWOOD"
|
"BRONZE VINEWOOD",
|
||||||
|
"Red keres"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "6bf7e6b6-5917-45a6-9567-f0baba79768c",
|
"uuid": "6bf7e6b6-5917-45a6-9567-f0baba79768c",
|
||||||
|
|
@ -7483,7 +7489,8 @@
|
||||||
"Palmerworm",
|
"Palmerworm",
|
||||||
"G0098",
|
"G0098",
|
||||||
"T-APT-03",
|
"T-APT-03",
|
||||||
"Manga Taurus"
|
"Manga Taurus",
|
||||||
|
"Red Djinn"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "320c42f7-eab7-4ef9-b09a-74396caa6c3e",
|
"uuid": "320c42f7-eab7-4ef9-b09a-74396caa6c3e",
|
||||||
|
|
@ -7821,10 +7828,6 @@
|
||||||
"country": "CN",
|
"country": "CN",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.proofpoint.com/us/threat-insight/post/chinese-apt-operation-lagtime-it-targets-government-information-technology"
|
"https://www.proofpoint.com/us/threat-insight/post/chinese-apt-operation-lagtime-it-targets-government-information-technology"
|
||||||
],
|
|
||||||
"synonyms": [
|
|
||||||
"Temp.Hex",
|
|
||||||
"Vicious Panda"
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "5533d062-18ab-4c70-9472-0eac03f95a1d",
|
"uuid": "5533d062-18ab-4c70-9472-0eac03f95a1d",
|
||||||
|
|
@ -8667,7 +8670,8 @@
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"ATK233",
|
"ATK233",
|
||||||
"G0125",
|
"G0125",
|
||||||
"Operation Exchange Marauder"
|
"Operation Exchange Marauder",
|
||||||
|
"Red Dev 13"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",
|
"uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",
|
||||||
|
|
@ -9722,13 +9726,15 @@
|
||||||
"https://www.recordedfuture.com/chinese-group-tag-22-targets-nepal-philippines-taiwan",
|
"https://www.recordedfuture.com/chinese-group-tag-22-targets-nepal-philippines-taiwan",
|
||||||
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi",
|
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi",
|
||||||
"https://media-exp1.licdn.com/dms/document/C561FAQHhWFRcWmdCPw/feedshare-document-pdf-analyzed/0/1639591145314?e=1658966400&v=beta&t=_uCcyEVg6b_VDiBTvWQIXtBOdQ1GQAAydqGyq62KA3E",
|
"https://media-exp1.licdn.com/dms/document/C561FAQHhWFRcWmdCPw/feedshare-document-pdf-analyzed/0/1639591145314?e=1658966400&v=beta&t=_uCcyEVg6b_VDiBTvWQIXtBOdQ1GQAAydqGyq62KA3E",
|
||||||
"https://www.sentinelone.com/wp-content/uploads/2021/08/SentinelOne_-SentinelLabs_ShadowPad_WP_V2.pdf"
|
"https://www.sentinelone.com/wp-content/uploads/2021/08/SentinelOne_-SentinelLabs_ShadowPad_WP_V2.pdf",
|
||||||
|
"https://www.pwc.co.uk/issues/cyber-security-services/research/chasing-shadows.html"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"CHROMIUM",
|
"CHROMIUM",
|
||||||
"ControlX",
|
"ControlX",
|
||||||
"TAG-22",
|
"TAG-22",
|
||||||
"FISHMONGER"
|
"FISHMONGER",
|
||||||
|
"Red Dev 10"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "39150b30-61af-4d9c-9682-1595e145f3c1",
|
"uuid": "39150b30-61af-4d9c-9682-1595e145f3c1",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue