From 014aa325b791b860b289031a2b1e9a4eff297747 Mon Sep 17 00:00:00 2001 From: Nex Date: Wed, 26 Sep 2018 23:05:46 +0200 Subject: [PATCH 1/2] Added missing country values --- clusters/threat-actor.json | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index caeb116b..002afddc 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5760,7 +5760,8 @@ "cfr-type-of-incident": "Espionage", "cfr-target-category": [ "Private sector" - ] + ], + "country": "RU" }, "uuid": "75ae52b2-bca3-11e8-af90-a78f33eee6c1" }, @@ -5796,7 +5797,8 @@ "cfr-target-category": [ "Government", "Private sector" - ] + ], + "country": "RU" }, "uuid": "358b8982-bcaa-11e8-8a5b-4b618197c5b0", "related": [ @@ -5827,7 +5829,8 @@ "cfr-type-of-incident": "Espionage", "cfr-target-category": [ "Government" - ] + ], + "country": "RU" }, "uuid": "1572f618-bcb3-11e8-841b-1fd7f9cfe126", "related": [ @@ -5858,7 +5861,8 @@ "cfr-target-category": [ "Civil society", "Government" - ] + ], + "country": "CN" }, "uuid": "bea5e256-bcc0-11e8-a478-bbf7e7585a1e" }, From 46eddf18743b15573b880e08120e869c619dc4f1 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 27 Sep 2018 15:43:49 +0200 Subject: [PATCH 2/2] chg: [botnet] Torii added --- clusters/botnet.json | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/clusters/botnet.json b/clusters/botnet.json index 12f09bea..db9b92dc 100644 --- a/clusters/botnet.json +++ b/clusters/botnet.json @@ -886,7 +886,16 @@ } ], "uuid": "025ab0ce-bffc-11e8-be19-d70ec22c5d56" + }, + { + "value": "Torii", + "description": " we have been observing a new malware strain, which we call Torii, that differs from Mirai and other botnets we know of, particularly in the advanced techniques it uses.", + "meta": { + "refs": [ + "https://blog.avast.com/new-torii-botnet-threat-research" + ] + } } ], - "version": 12 + "version": 13 }