MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #863 from Delta-Sierra/main 

Add targeted sectors
pull/864/head
Alexandre Dulaunoy 2023-09-08 23:11:29 +02:00 committed by GitHub
parent a783cc6621 df0e103727
commit b6e0279211
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 123 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
clusters/threat-actor.json
View File

@ -286,6 +286,9 @@
"BORON", "BORON",
"BRONZE MAYFAIR", "BRONZE MAYFAIR",
"Red Sylvan" "Red Sylvan"
],
"targeted-sector": [
"Political party"
] ]
}, },
"related": [ "related": [
@ -502,6 +505,14 @@
"G0001", "G0001",
"Axiom", "Axiom",
"HELIUM" "HELIUM"
],
"targeted-sector": [
"Defense",
"Intelligence",
"Technology",
"Mining",
"Government, Administration",
"Justice"
] ]
}, },
"related": [ "related": [
@ -558,6 +569,13 @@
"PLA Navy", "PLA Navy",
"Wekby", "Wekby",
"G0026" "G0026"
],
"targeted-sector": [
"Aerospace",
"Defense",
"Health",
"High tech",
"Telecoms"
] ]
}, },
"related": [ "related": [
@ -639,6 +657,11 @@
"G0073", "G0073",
"Pupa", "Pupa",
"Sunshop Group" "Sunshop Group"
],
"targeted-sector": [
"Technology",
"Finance",
"Non-profit organisation"
] ]
}, },
"related": [ "related": [
@ -819,6 +842,10 @@
"G0030", "G0030",
"Red Salamander", "Red Salamander",
"Lotus BLossom" "Lotus BLossom"
],
"targeted-sector": [
"Military",
"Government, Administration"
] ]
}, },
"related": [ "related": [
@ -843,6 +870,10 @@
"https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/", "https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/",
"https://www.crowdstrike.com/blog/storm-chasing/", "https://www.crowdstrike.com/blog/storm-chasing/",
"https://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/" "https://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/"
],
"targeted-sector": [
"Technology",
"Telecoms"
] ]
}, },
"uuid": "0286e80e-b0ed-464f-ad62-beec8536d0cb", "uuid": "0286e80e-b0ed-464f-ad62-beec8536d0cb",
@ -915,6 +946,11 @@
"G0027", "G0027",
"Iron Taurus", "Iron Taurus",
"Earth Smilodon" "Earth Smilodon"
],
"targeted-sector": [
"Technology",
"Government, Administration",
"Defense"
] ]
}, },
"related": [ "related": [
@ -1023,6 +1059,10 @@
"refs": [ "refs": [
"https://www.cfr.org/interactive/cyber-operations/hellsing", "https://www.cfr.org/interactive/cyber-operations/hellsing",
"https://securelist.com/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/69567/" "https://securelist.com/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/69567/"
],
"targeted-sector": [
"Infrastructure",
"Diplomacy"
] ]
}, },
"uuid": "af482dde-9e47-48d5-9cb2-cf8f6d6303d3", "uuid": "af482dde-9e47-48d5-9cb2-cf8f6d6303d3",
@ -1142,6 +1182,15 @@
"ANCHOR PANDA", "ANCHOR PANDA",
"QAZTeam", "QAZTeam",
"ALUMINUM" "ALUMINUM"
],
"targeted-sector": [
"Other",
"Aerospace",
"Defense",
"Intelligence",
"Maritime",
"Military",
"Space"
] ]
}, },
"related": [ "related": [
@ -1262,6 +1311,13 @@
"RedFoxtrot", "RedFoxtrot",
"Red Wendigo", "Red Wendigo",
"PLA Unit 69010" "PLA Unit 69010"
],
"targeted-sector": [
"Other",
"Maritime",
"Military",
"Government, Administration",
"Telecoms"
] ]
}, },
"uuid": "32c534b9-abec-4823-b223-a810f897b47b", "uuid": "32c534b9-abec-4823-b223-a810f897b47b",
@ -1494,6 +1550,12 @@
"MAGNESIUM", "MAGNESIUM",
"admin@338", "admin@338",
"G0018" "G0018"
],
"targeted-sector": [
"Activists",
"Trade",
"Finance",
"Political party"
] ]
}, },
"related": [ "related": [
@ -1534,6 +1596,10 @@
"BRONZE HOBART", "BRONZE HOBART",
"G0081", "G0081",
"Red Orthrus" "Red Orthrus"
],
"targeted-sector": [
"Military",
"Government, Administration"
] ]
}, },
"uuid": "7f16d1f5-04ee-4d99-abf0-87e1f23f9fee", "uuid": "7f16d1f5-04ee-4d99-abf0-87e1f23f9fee",
@ -1723,6 +1789,13 @@
"Group 83", "Group 83",
"NewsBeef", "NewsBeef",
"G0058" "G0058"
],
"targeted-sector": [
"Defense",
"Diplomacy",
"Military",
"Technology",
"Government, Administration"
] ]
}, },
"related": [ "related": [
@ -1893,6 +1966,11 @@
"synonyms": [ "synonyms": [
"Group 42", "Group 42",
"VOYEUR" "VOYEUR"
],
"targeted-sector": [
"Opposition",
"Dissidents",
"Political party"
] ]
}, },
"uuid": "2e77511d-f72f-409e-9b64-e2a15efe9bf4", "uuid": "2e77511d-f72f-409e-9b64-e2a15efe9bf4",
@ -1943,6 +2021,14 @@
"Operation Woolen-Goldfish", "Operation Woolen-Goldfish",
"Thamar Reservoir", "Thamar Reservoir",
"Timberworm" "Timberworm"
],
"targeted-sector": [
"Activists",
"Defense",
"Journalist",
"Research - Innovation",
"Academia - University",
"Government, Administration"
] ]
}, },
"related": [ "related": [
@ -2066,6 +2152,13 @@
"TG-2889", "TG-2889",
"Cobalt Gypsy", "Cobalt Gypsy",
"G0003" "G0003"
],
"targeted-sector": [
"Defense",
"Energy",
"Technology",
"Government, Administration",
"Academia - University"
] ]
}, },
"related": [ "related": [
@ -2291,6 +2384,11 @@
"UAC-0028", "UAC-0028",
"FROZENLAKE", "FROZENLAKE",
"Sofacy" "Sofacy"
],
"targeted-sector": [
"Military",
"Government, Administration",
"Security Service"
] ]
}, },
"related": [ "related": [
@ -2383,6 +2481,10 @@
"Blue Kitsune", "Blue Kitsune",
"ITG11", "ITG11",
"BlueBravo" "BlueBravo"
],
"targeted-sector": [
"Think Tanks",
"Government, Administration"
] ]
}, },
"related": [ "related": [
@ -2511,6 +2613,13 @@
"Blue Python", "Blue Python",
"SUMMIT", "SUMMIT",
"UNC4210" "UNC4210"
],
"targeted-sector": [
"Government, Administration",
"Education",
"Electric",
"Energy",
"Health"
] ]
}, },
"related": [ "related": [
@ -2599,6 +2708,9 @@
"ITG15", "ITG15",
"BROMINE", "BROMINE",
"Blue Kraken" "Blue Kraken"
],
"targeted-sector": [
"Energy"
] ]
}, },
"related": [ "related": [
@ -2675,6 +2787,11 @@
"IRIDIUM", "IRIDIUM",
"Blue Echidna", "Blue Echidna",
"FROZENBARENTS" "FROZENBARENTS"
],
"targeted-sector": [
"Electric",
"Energy",
"Industrial"
] ]
}, },
"related": [ "related": [
@ -2833,6 +2950,11 @@
"Team Bear", "Team Bear",
"Anger Bear", "Anger Bear",
"IRON LYRIC" "IRON LYRIC"
],
"targeted-sector": [
"Activists",
"Intelligence",
"Government, Administration"
] ]
}, },
"related": [ "related": [
@ -11526,5 +11648,5 @@
"value": "MoustachedBouncer" "value": "MoustachedBouncer"
} }
], ],
"version": 279 "version": 281
} }