From 52e7d5a0a90c0652b212acace0fcf4f7df75dff6 Mon Sep 17 00:00:00 2001 From: Rony Date: Wed, 21 Jul 2021 18:28:40 +0530 Subject: [PATCH] multiple updates to apt40, apt31 & hafnium --- clusters/threat-actor.json | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 051190e6..a4e301d5 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5757,10 +5757,12 @@ "https://www.justice.gov/opa/press-release/file/1412921/download", "https://us-cert.cisa.gov/ncas/alerts/aa21-200a", "https://us-cert.cisa.gov/ncas/alerts/aa21-200b", - "https://www.mofa.go.jp/mofaj/press/danwa/page6_000583.html", "https://www.canada.ca/en/global-affairs/news/2021/07/statement-on-chinas-cyber-campaigns.html", "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking", "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking", + "https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks", + "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china", + "https://www.mofa.go.jp/press/danwa/press6e_000312.html" "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory" ], "synonyms": [ @@ -7223,7 +7225,10 @@ "https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601", "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking", "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking", + "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china", "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory/" + "https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003" + "https://twitter.com/bkMSFT/status/1417823714922610689" ], "synonyms": [ "APT 31", @@ -8401,7 +8406,10 @@ "https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries/blob/master/Execution/exchange-iis-worker-dropping-webshell.md", "https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server", "https://www.nextron-systems.com/2021/03/06/scan-for-hafnium-exploitation-evidence-with-thor-lite", - "https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk" + "https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk", + "https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks", + "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking", + "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china" ] }, "uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",