mirror of https://github.com/MISP/misp-galaxy
Merge pull request #660 from r0ny123/patch-1
References for APT40, APT31 & HAFNIUMpull/662/head v2.4.147
commit
8f0a1642e0
|
@ -5751,7 +5751,19 @@
|
||||||
"https://www.secureworks.com/research/threat-profiles/bronze-mohawk",
|
"https://www.secureworks.com/research/threat-profiles/bronze-mohawk",
|
||||||
"https://www.mycert.org.my/portal/advisory?id=MA-774.022020",
|
"https://www.mycert.org.my/portal/advisory?id=MA-774.022020",
|
||||||
"https://www.elastic.co/blog/advanced-techniques-used-in-malaysian-focused-apt-campaign",
|
"https://www.elastic.co/blog/advanced-techniques-used-in-malaysian-focused-apt-campaign",
|
||||||
"https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/"
|
"https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/",
|
||||||
|
"https://www.justice.gov/opa/pr/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion",
|
||||||
|
"https://www.justice.gov/opa/press-release/file/1412916/download",
|
||||||
|
"https://www.justice.gov/opa/press-release/file/1412921/download",
|
||||||
|
"https://us-cert.cisa.gov/ncas/alerts/aa21-200a",
|
||||||
|
"https://us-cert.cisa.gov/ncas/alerts/aa21-200b",
|
||||||
|
"https://www.canada.ca/en/global-affairs/news/2021/07/statement-on-chinas-cyber-campaigns.html",
|
||||||
|
"https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
|
||||||
|
"https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
|
||||||
|
"https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks",
|
||||||
|
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
|
||||||
|
"https://www.mofa.go.jp/press/danwa/press6e_000312.html",
|
||||||
|
"https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"TEMP.Periscope",
|
"TEMP.Periscope",
|
||||||
|
@ -7205,7 +7217,18 @@
|
||||||
"https://www.secureworks.com/research/bronze-vinewood-targets-supply-chains",
|
"https://www.secureworks.com/research/bronze-vinewood-targets-supply-chains",
|
||||||
"https://www.secureworks.com/research/threat-profiles/bronze-vinewood",
|
"https://www.secureworks.com/research/threat-profiles/bronze-vinewood",
|
||||||
"https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report",
|
"https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report",
|
||||||
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
|
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
|
||||||
|
"https://research.checkpoint.com/2021/the-story-of-jian",
|
||||||
|
"https://supo.fi/-/suojelupoliisi-tunnisti-eduskuntaan-kohdistuneen-kybervakoiluoperaation-apt31-ksi",
|
||||||
|
"https://poliisi.fi/-/eduskunnan-tietojarjestelmiin-kohdistuneen-tietomurron-tutkinnassa-selvitetaan-yhteytta-apt31-toimijaan",
|
||||||
|
"https://pst.no/alle-artikler/pressemeldinger/etterforskningen-av-datanettverksoperasjonen-mot-fylkesmannsembetene-er-avsluttet",
|
||||||
|
"https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601",
|
||||||
|
"https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
|
||||||
|
"https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
|
||||||
|
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
|
||||||
|
"https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory/",
|
||||||
|
"https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003",
|
||||||
|
"https://twitter.com/bkMSFT/status/1417823714922610689"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"APT 31",
|
"APT 31",
|
||||||
|
@ -8383,7 +8406,10 @@
|
||||||
"https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries/blob/master/Execution/exchange-iis-worker-dropping-webshell.md",
|
"https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries/blob/master/Execution/exchange-iis-worker-dropping-webshell.md",
|
||||||
"https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server",
|
"https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server",
|
||||||
"https://www.nextron-systems.com/2021/03/06/scan-for-hafnium-exploitation-evidence-with-thor-lite",
|
"https://www.nextron-systems.com/2021/03/06/scan-for-hafnium-exploitation-evidence-with-thor-lite",
|
||||||
"https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk"
|
"https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk",
|
||||||
|
"https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks",
|
||||||
|
"https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
|
||||||
|
"https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",
|
"uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",
|
||||||
|
|
Loading…
Reference in New Issue