replaced various broken links with reachable equivalents

pull/858/head
Daniel Plohmann (Saturn) 2023-08-15 12:32:51 +02:00
parent 7462830337
commit 4127ce9694
1 changed files with 15 additions and 15 deletions

View File

@ -165,7 +165,7 @@
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "CN", "country": "CN",
"refs": [ "refs": [
"http://files.sans.org/summit/Threat_Hunting_Incident_Response_Summit_2016/PDFs/Detecting-and-Responding-to-Pandas-and-Bears-Christopher-Scott-CrowdStrike-and-Wendi-Whitmore-IBM.pdf" "https://dokumen.tips/documents/detecting-and-responding-pandas-and-bears.html"
] ]
}, },
"uuid": "7195b51f-500e-4034-a851-bf34a2728dc8", "uuid": "7195b51f-500e-4034-a851-bf34a2728dc8",
@ -187,7 +187,7 @@
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "CN", "country": "CN",
"refs": [ "refs": [
"http://files.sans.org/summit/Threat_Hunting_Incident_Response_Summit_2016/PDFs/Detecting-and-Responding-to-Pandas-and-Bears-Christopher-Scott-CrowdStrike-and-Wendi-Whitmore-IBM.pdf" "https://dokumen.tips/documents/detecting-and-responding-pandas-and-bears.html"
] ]
}, },
"uuid": "432b0304-768f-4fb9-9762-e745ef524ec7", "uuid": "432b0304-768f-4fb9-9762-e745ef524ec7",
@ -606,7 +606,7 @@
"https://www.bleepingcomputer.com/news/security/us-arrests-chinese-man-involved-with-sakula-malware-used-in-opm-and-anthem-hacks/", "https://www.bleepingcomputer.com/news/security/us-arrests-chinese-man-involved-with-sakula-malware-used-in-opm-and-anthem-hacks/",
"https://gizmodo.com/u-s-indicts-chinese-hacker-spies-in-conspiracy-to-stea-1830111695", "https://gizmodo.com/u-s-indicts-chinese-hacker-spies-in-conspiracy-to-stea-1830111695",
"https://www.cyberscoop.com/anthem-breach-indictment-chinese-national/", "https://www.cyberscoop.com/anthem-breach-indictment-chinese-national/",
"https://www-west.symantec.com/content/dam/symantec/docs/security-center/white-papers/black-vine-cyberespionage-group-15-en.pdf", "https://docs.broadcom.com/doc/the-black-vine-cyberespionage-group",
"https://attack.mitre.org/groups/G0009/", "https://attack.mitre.org/groups/G0009/",
"https://www.secureworks.com/research/threat-profiles/bronze-firestone", "https://www.secureworks.com/research/threat-profiles/bronze-firestone",
"https://www.proofpoint.com/us/exploring-bergard-old-malware-new-tricks", "https://www.proofpoint.com/us/exploring-bergard-old-malware-new-tricks",
@ -873,7 +873,7 @@
"https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Li-To-Loot-Or-Not-To-Loot-That-Is-Not-a-Question.pdf", "https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Li-To-Loot-Or-Not-To-Loot-That-Is-Not-a-Question.pdf",
"https://web.archive.org/web/20140129192702/https://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/", "https://web.archive.org/web/20140129192702/https://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/",
"https://labs.bitdefender.com/2018/02/operation-pzchao-a-possible-return-of-the-iron-tiger-apt/", "https://labs.bitdefender.com/2018/02/operation-pzchao-a-possible-return-of-the-iron-tiger-apt/",
"https://labs.bitdefender.com/wp-content/uploads/downloads/operation-pzchao-inside-a-highly-specialized-espionage-infrastructure/", "https://www.bitdefender.com/files/News/CaseStudies/study/185/Bitdefender-Business-2017-WhitePaper-PZCHAO-crea2452-en-EN-GenericUse.pdf",
"https://www.cfr.org/interactive/cyber-operations/iron-tiger", "https://www.cfr.org/interactive/cyber-operations/iron-tiger",
"https://www.bleepingcomputer.com/news/security/chinese-cyber-espionage-group-hacked-government-data-center/", "https://www.bleepingcomputer.com/news/security/chinese-cyber-espionage-group-hacked-government-data-center/",
"https://www.secureworks.com/research/bronze-union", "https://www.secureworks.com/research/bronze-union",
@ -1328,7 +1328,7 @@
"country": "CN", "country": "CN",
"refs": [ "refs": [
"https://www.cfr.org/interactive/cyber-operations/sneaky-panda", "https://www.cfr.org/interactive/cyber-operations/sneaky-panda",
"https://www-west.symantec.com/content/dam/symantec/docs/security-center/white-papers/elderwood-project-12-en.pdf", "https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=3b0d679a-3707-4075-a2a9-37d1af16d411&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments",
"https://attack.mitre.org/groups/G0066/" "https://attack.mitre.org/groups/G0066/"
], ],
"synonyms": [ "synonyms": [
@ -1871,7 +1871,7 @@
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "IR", "country": "IR",
"refs": [ "refs": [
"http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/", "https://web.archive.org/web/20161020180305/http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/",
"https://carnegieendowment.org/2018/01/04/iran-s-cyber-ecosystem-who-are-threat-actors-pub-75140" "https://carnegieendowment.org/2018/01/04/iran-s-cyber-ecosystem-who-are-threat-actors-pub-75140"
], ],
"synonyms": [ "synonyms": [
@ -2455,7 +2455,7 @@
"https://www.welivesecurity.com/2017/03/30/carbon-paper-peering-turlas-second-stage-backdoor/", "https://www.welivesecurity.com/2017/03/30/carbon-paper-peering-turlas-second-stage-backdoor/",
"https://securelist.com/blog/research/72081/satellite-turla-apt-command-and-control-in-the-sky/", "https://securelist.com/blog/research/72081/satellite-turla-apt-command-and-control-in-the-sky/",
"https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/turla-png-dropper-is-back/", "https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/turla-png-dropper-is-back/",
"https://www-west.symantec.com/content/dam/symantec/docs/security-center/white-papers/waterbug-attack-group-16-en.pdf", "https://docs.broadcom.com/doc/waterbug-attack-group",
"https://www.theguardian.com/technology/2014/aug/07/turla-hackers-spying-governments-researcher-kaspersky-symantec", "https://www.theguardian.com/technology/2014/aug/07/turla-hackers-spying-governments-researcher-kaspersky-symantec",
"https://www.bleepingcomputer.com/news/security/turla-outlook-backdoor-uses-clever-tactics-for-stealth-and-persistence/", "https://www.bleepingcomputer.com/news/security/turla-outlook-backdoor-uses-clever-tactics-for-stealth-and-persistence/",
"https://download.bitdefender.com/resources/files/News/CaseStudies/study/115/Bitdefender-Whitepaper-PAC-A4-en-EN1.pdf", "https://download.bitdefender.com/resources/files/News/CaseStudies/study/115/Bitdefender-Whitepaper-PAC-A4-en-EN1.pdf",
@ -2548,7 +2548,7 @@
"country": "RU", "country": "RU",
"refs": [ "refs": [
"https://www.gov.uk/government/publications/russias-fsb-malign-cyber-activity-factsheet/russias-fsb-malign-activity-factsheet", "https://www.gov.uk/government/publications/russias-fsb-malign-cyber-activity-factsheet/russias-fsb-malign-activity-factsheet",
"http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/", "https://web.archive.org/web/20161020180305/http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/",
"https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2014/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf", "https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2014/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf",
"http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans", "http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans",
"https://threatpost.com/energy-watering-hole-attack-used-lightsout-exploit-kit/104772/", "https://threatpost.com/energy-watering-hole-attack-used-lightsout-exploit-kit/104772/",
@ -2634,7 +2634,7 @@
"https://ics.sans.org/blog/2016/01/09/confirmation-of-a-coordinated-attack-on-the-ukrainian-power-grid", "https://ics.sans.org/blog/2016/01/09/confirmation-of-a-coordinated-attack-on-the-ukrainian-power-grid",
"https://web.archive.org/web/20141016132823/https://www.symantec.com/connect/blogs/sandworm-windows-zero-day-vulnerability-being-actively-exploited-targeted-attacks", "https://web.archive.org/web/20141016132823/https://www.symantec.com/connect/blogs/sandworm-windows-zero-day-vulnerability-being-actively-exploited-targeted-attacks",
"https://ics.sans.org/blog/2015/12/30/current-reporting-on-the-cyber-attack-in-ukraine-resulting-in-power-outage", "https://ics.sans.org/blog/2015/12/30/current-reporting-on-the-cyber-attack-in-ukraine-resulting-in-power-outage",
"https://blog.trendmicro.com/trendlabs-security-intelligence/timeline-of-sandworm-attacks", "https://web.archive.org/web/20141224060545/http://blog.trendmicro.com/trendlabs-security-intelligence/timeline-of-sandworm-attacks/",
"https://attack.mitre.org/groups/G0034", "https://attack.mitre.org/groups/G0034",
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag", "https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
"https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf", "https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf",
@ -3108,7 +3108,7 @@
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "IN", "country": "IN",
"refs": [ "refs": [
"https://kung_foo.keybase.pub/papers_and_presentations/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf", "https://github.com/jack8daniels2/threat-INTel/blob/master/2013/Unveiling-an-Indian-Cyberattack-Infrastructure-appendixes.pdf",
"https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/", "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/",
"https://www.netscout.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia", "https://www.netscout.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia",
"https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en/", "https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en/",
@ -4472,7 +4472,7 @@
"meta": { "meta": {
"country": "RU", "country": "RU",
"refs": [ "refs": [
"https://www.f-secure.com/documents/996508/1030745/callisto-group", "https://web.archive.org/web/20170417102235/https://www.f-secure.com/documents/996508/1030745/callisto-group",
"https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe", "https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe",
"https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe", "https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe",
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag", "https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
@ -5024,7 +5024,7 @@
{ {
"meta": { "meta": {
"refs": [ "refs": [
"https://www.rsaconference.com/writable/presentations/file_upload/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries_final.pdf" "https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf"
] ]
}, },
"uuid": "7ad01582-d6a7-4a40-a0ee-7727e268cd15", "uuid": "7ad01582-d6a7-4a40-a0ee-7727e268cd15",
@ -7236,7 +7236,7 @@
"refs": [ "refs": [
"https://ti.360.net/blog/articles/apt-c-27-(goldmouse):-suspected-target-attack-against-the-middle-east-with-winrar-exploit-en/", "https://ti.360.net/blog/articles/apt-c-27-(goldmouse):-suspected-target-attack-against-the-middle-east-with-winrar-exploit-en/",
"https://ti.360.net/blog/articles/analysis-of-apt-c-27/", "https://ti.360.net/blog/articles/analysis-of-apt-c-27/",
"https://www.pbwcz.cz/Reporty/20180723_CSE_APT27_Syria_v1.pdf" "https://web.archive.org/web/20180827024318/http://csecybsec.com/download/zlab/20180723_CSE_APT27_Syria_v1.pdf"
], ],
"since": "2014", "since": "2014",
"suspected-victims": [ "suspected-victims": [
@ -9462,7 +9462,7 @@
"refs": [ "refs": [
"https://www.computerweekly.com/news/252471769/New-threat-group-behind-Airbus-cyber-attacks-claim-researchers", "https://www.computerweekly.com/news/252471769/New-threat-group-behind-Airbus-cyber-attacks-claim-researchers",
"https://www.contextis.com/en/news/context-identifies-new-avivore-threat-group", "https://www.contextis.com/en/news/context-identifies-new-avivore-threat-group",
"https://www.contextis.com/en/blog/avivore" "https://web.archive.org/web/20191208223958/https://www.contextis.com/en/blog/avivore"
] ]
}, },
"uuid": "8045fc09-13d6-4f90-b239-ed5060b9297b", "uuid": "8045fc09-13d6-4f90-b239-ed5060b9297b",
@ -10167,7 +10167,7 @@
"https://www.secureworks.com/blog/supernova-web-shell-deployment-linked-to-spiral-threat-group", "https://www.secureworks.com/blog/supernova-web-shell-deployment-linked-to-spiral-threat-group",
"https://www.sentinelone.com/labs/solarwinds-understanding-detecting-the-supernova-webshell-trojan", "https://www.sentinelone.com/labs/solarwinds-understanding-detecting-the-supernova-webshell-trojan",
"https://us-cert.cisa.gov/ncas/analysis-reports/ar21-027a", "https://us-cert.cisa.gov/ncas/analysis-reports/ar21-027a",
"https://us-cert.cisa.gov/ncas/analysis-reports/ar21-112" "https://www.cisa.gov/news-events/analysis-reports/ar21-112a"
] ]
}, },
"uuid": "3f04dbbc-69bc-409b-82a1-6135f0b6a41c", "uuid": "3f04dbbc-69bc-409b-82a1-6135f0b6a41c",