mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Separate ITSecTeam from Cleaver
Mathieu Beligon
parent
b8d4ffdbde
commit
d63c990dad
|
|
@ -2098,25 +2098,13 @@
|
||||||
"India",
|
"India",
|
||||||
"Kuwait",
|
"Kuwait",
|
||||||
"Qatar",
|
"Qatar",
|
||||||
"Turkey",
|
"Turkey"
|
||||||
"Bank of America",
|
|
||||||
"US Bancorp",
|
|
||||||
"Fifth Third Bank",
|
|
||||||
"Citigroup",
|
|
||||||
"PNC",
|
|
||||||
"BB&T",
|
|
||||||
"Wells Fargo",
|
|
||||||
"Capital One",
|
|
||||||
"HSBC"
|
|
||||||
],
|
],
|
||||||
"cfr-target-category": [
|
"cfr-target-category": [
|
||||||
"Private sector",
|
"Private sector",
|
||||||
"Government"
|
"Government"
|
||||||
],
|
],
|
||||||
"cfr-type-of-incident": [
|
"cfr-type-of-incident": "Espionage",
|
||||||
"Espionage",
|
|
||||||
"Denial of service"
|
|
||||||
],
|
|
||||||
"country": "IR",
|
"country": "IR",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://www.cfr.org/interactive/cyber-operations/magic-hound",
|
"https://www.cfr.org/interactive/cyber-operations/magic-hound",
|
||||||
|
|
@ -2132,7 +2120,6 @@
|
||||||
"https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf",
|
"https://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf",
|
||||||
"https://attack.mitre.org/groups/G0059/",
|
"https://attack.mitre.org/groups/G0059/",
|
||||||
"https://attack.mitre.org/groups/G0003/",
|
"https://attack.mitre.org/groups/G0003/",
|
||||||
"https://www.cfr.org/interactive/cyber-operations/itsecteam",
|
|
||||||
"https://xorl.wordpress.com/2021/05/06/iran-cyber-operations-groups/"
|
"https://xorl.wordpress.com/2021/05/06/iran-cyber-operations-groups/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
|
|
@ -2152,8 +2139,7 @@
|
||||||
"TEMP.Beanie",
|
"TEMP.Beanie",
|
||||||
"Ghambar",
|
"Ghambar",
|
||||||
"G0059",
|
"G0059",
|
||||||
"G0003",
|
"G0003"
|
||||||
"ITSecTeam"
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
|
|
@ -9476,7 +9462,47 @@
|
||||||
},
|
},
|
||||||
"uuid": "091a0b69-74de-44b6-bb12-16b7a8fd078b",
|
"uuid": "091a0b69-74de-44b6-bb12-16b7a8fd078b",
|
||||||
"value": "ToddyCat"
|
"value": "ToddyCat"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "One of the threat actors responsible for the denial of service attacks against U.S in 2012–2013. Three individuals associated with the group—believed to be have been working on behalf of Iran’s Islamic Revolutionary Guard Corps—were indicted by the Justice Department in 2016.",
|
||||||
|
"meta": {
|
||||||
|
"attribution-confidence": "50",
|
||||||
|
"cfr-suspected-state-sponsor": "Iran (Islamic Republic of)",
|
||||||
|
"cfr-suspected-victims": [
|
||||||
|
"United States",
|
||||||
|
"Bank of America",
|
||||||
|
"US Bancorp",
|
||||||
|
"Fifth Third Bank",
|
||||||
|
"Citigroup",
|
||||||
|
"PNC",
|
||||||
|
"BB&T",
|
||||||
|
"Wells Fargo",
|
||||||
|
"Capital One",
|
||||||
|
"HSBC",
|
||||||
|
"AT&T",
|
||||||
|
"NYSE"
|
||||||
|
],
|
||||||
|
"cfr-type-of-incident": [
|
||||||
|
"Denial of service"
|
||||||
|
],
|
||||||
|
"country": "IR",
|
||||||
|
"refs": [
|
||||||
|
"https://www.cfr.org/interactive/cyber-operations/itsecteam",
|
||||||
|
"https://www.justice.gov/usao-sdny/file/835061/download"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "86724806-7ec9-4a48-a0a7-ecbde3bf4810",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "linked-to"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 229
|
"uuid": "7a3f505b-10e9-4177-a96f-d476b55fd3dd",
|
||||||
|
"value": "ITSecTeam"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"version": 230
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue