MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #787 from Mathieu4141/threat-actors/fix-subaat-duplicate 

[threat-actors] Remove subaat duplicate
pull/792/head
Alexandre Dulaunoy 2022-11-03 11:26:21 +01:00 committed by GitHub
parent 610a38cd90 e3e5560e37
commit 3b4dcd6ad3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
clusters/threat-actor.json
View File

@ -5818,16 +5818,6 @@
"uuid": "a3cc5105-3bc6-498b-8d53-981e12d86909",
"value": "The Big Bang"
},
{
"description": "In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others.",
"meta": {
"refs": [
"https://researchcenter.paloaltonetworks.com/2017/10/unit42-tracking-subaat-targeted-phishing-attacks-point-leader-threat-actors-repository/"
]
},
"uuid": "a7bc4ef2-971a-11e8-9bf0-13aa7d6d8651",
"value": "Subaat"
},
{
"description": "Unit 42 researchers have been tracking Subaat, an attacker, since 2017. Recently Subaat drew our attention due to renewed targeted attack activity. Part of monitoring Subaat included realizing the actor was possibly part of a larger crew of individuals responsible for carrying out targeted attacks against worldwide governmental organizations. Technical analysis on some of the attacks as well as attribution links with Pakistan actors have been already depicted by 360 and Tuisec, in which they found interesting connections to a larger group of attackers Unit 42 researchers have been tracking, which we are calling Gorgon Group.",
"meta": {