Merge pull request #753 from Mathieu4141/threat-actors/fix-bronze-president

[threat-actors] Remove duplicated BRONZE PRESIDENT entity
pull/756/head
Alexandre Dulaunoy 2022-08-19 06:26:11 +02:00 committed by GitHub
commit a8b234d694
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 11 deletions


@ -6349,7 +6349,8 @@
"https://www.cfr.org/interactive/cyber-operations/mustang-panda",
"https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-june-mustang-panda/",
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
"https://www.secureworks.com/research/threat-profiles/bronze-president"
"https://www.secureworks.com/research/threat-profiles/bronze-president",
"https://www.darkreading.com/threat-intelligence/chinese-apt-bronze-president-spy-campaign-russian-military"
],
"synonyms": [
"BRONZE PRESIDENT",
@ -7846,16 +7847,6 @@
"uuid": "69e11692-691e-4bfb-9557-4e2a271684ed",
"value": "luoxk"
},
{
"description": "The activities of some non-governmental organizations (NGOs) challenge governments on politically sensitive issues such as social, humanitarian, and environmental policies. As a result, these organizations are often exposed to increased government-directed threats aimed at monitoring their activities, discrediting their work, or stealing their intellectual property. BRONZE PRESIDENT is a likely People's Republic of China (PRC)-based targeted cyberespionage group that uses both proprietary and publicly available tools to target NGO networks. Secureworks® Counter Threat Unit (CTU) researchers have observed BRONZE PRESIDENT activity since mid-2018 but identified artifacts suggesting that the threat actors may have been conducting network intrusions as far back as 2014.",
"meta": {
"refs": [
"https://www.secureworks.com/research/bronze-president-targets-ngos"
]
},
"uuid": "f9702059-97f4-4fc0-810b-3041b918f5d7",
"value": "BRONZE PRESIDENT"
},
{
"description": "An actor mainly targeting Pakistan military targets, active since at least 2012. We have low confidence that this malware might be authored by an Indian company. To spread the malware, they use unique implementations to leverage the exploits of known vulnerabilities (such as CVE-2017-11882) and later deploy a Powershell payload in the final stages.",
"meta": {
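Review bot: The deleted BRONZE PRESIDENT cluster (uuid `f9702059-97f4-4fc0-810b-3041b918f5d7`) takes its only reference, `https://www.secureworks.com/research/bronze-president-targets-ngos`, with it. The first hunk adds the Dark Reading link to the surviving entry's `refs`, but that Secureworks report is not among the visible lines. The `refs` array starts above the hunk, so the report may already be listed there; if it is not, add `"https://www.secureworks.com/research/bronze-president-targets-ngos",` next to the threat-profile URL so the NGO-targeting source is kept. It is also worth confirming that nothing still points at the removed UUID, such as a `related` entry in another cluster or data already tagged with it, because consumers that resolve clusters by UUID would otherwise be left with a dangling id.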