mirror of https://github.com/MISP/misp-galaxy
Merge APT30 and Naikon
parent
5e4a4c3453
commit
a046e8094d
|
@ -1215,13 +1215,6 @@
|
|||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
||||
"tags": [
|
||||
|
@ -1414,13 +1407,6 @@
|
|||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
||||
"tags": [
|
||||
|
|
|
@ -9232,13 +9232,6 @@
|
|||
],
|
||||
"type": "uses"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "fb261c56-b80e-43a9-8351-c84081e7213d",
|
||||
"tags": [
|
||||
|
@ -18420,13 +18413,6 @@
|
|||
],
|
||||
"type": "uses"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "ff6caf67-ea1f-4895-b80e-4bb0fc31c6db",
|
||||
"tags": [
|
||||
|
|
|
@ -812,7 +812,11 @@
|
|||
"https://attack.mitre.org/groups/G0019/",
|
||||
"https://www.secureworks.com/research/threat-profiles/bronze-geneva",
|
||||
"https://cyware.com/news/chinese-naikon-group-back-with-new-espionage-attack-66a8413d",
|
||||
"https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/"
|
||||
"https://cluster25.io/2022/04/29/lotus-panda-awake-last-strike/",
|
||||
"https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/",
|
||||
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
||||
"https://attack.mitre.org/wiki/Group/G0013",
|
||||
"https://www.mandiant.com/sites/default/files/2021-09/rpt-apt30.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"PLA Unit 78020",
|
||||
|
@ -820,7 +824,9 @@
|
|||
"Camerashy",
|
||||
"Lotus Panda",
|
||||
"BRONZE GENEVA",
|
||||
"G0019"
|
||||
"G0019",
|
||||
"APT 30",
|
||||
"G0013"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -838,13 +844,6 @@
|
|||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
||||
"tags": [
|
||||
|
@ -3486,78 +3485,6 @@
|
|||
"uuid": "f3179cfb-9c86-4980-bd6b-e4fa74adaaa7",
|
||||
"value": "ProjectSauron"
|
||||
},
|
||||
{
|
||||
"description": "APT 30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"India",
|
||||
"Saudi Arabia",
|
||||
"Vietnam",
|
||||
"Myanmar",
|
||||
"Singapore",
|
||||
"Thailand",
|
||||
"Malaysia",
|
||||
"Cambodia",
|
||||
"China",
|
||||
"Phillipines",
|
||||
"South Korea",
|
||||
"United States",
|
||||
"Indonesia",
|
||||
"Laos"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government",
|
||||
"Private sector"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/",
|
||||
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf",
|
||||
"https://attack.mitre.org/wiki/Group/G0013",
|
||||
"https://www.cfr.org/interactive/cyber-operations/apt-30",
|
||||
"https://www.mandiant.com/sites/default/files/2021-09/rpt-apt30.pdf"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT30",
|
||||
"G0013"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "2a158b0a-7ef8-43cb-9985-bf34d1e12050",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "2f1fd017-9df6-4759-91fb-e7039609b5ff",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "5e0a7cf2-6107-4d5f-9dd0-9df38b1fcba8",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "f047ee18-7985-4946-8bfb-4ed754d3a0dd",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
}
|
||||
],
|
||||
"uuid": "f26144c5-8593-4e78-831a-11f6452d809b",
|
||||
"value": "APT 30"
|
||||
},
|
||||
{
|
||||
"description": "TA530, who we previously examined in relation to large-scale personalized phishing campaigns",
|
||||
"meta": {
|
||||
|
|
Loading…
Reference in New Issue