mirror of https://github.com/MISP/misp-galaxy
adding targeted sectors
parent
214ac5d329
commit
db23d6eb4c
|
@ -2982,6 +2982,11 @@
|
|||
"https://www.kaspersky.com/blog/financial-trojans-2019/25690/",
|
||||
"https://www.welivesecurity.com/2015/04/09/operation-buhtrap/",
|
||||
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Bank",
|
||||
"Payment",
|
||||
"Finance"
|
||||
]
|
||||
},
|
||||
"uuid": "b737c51f-b579-49d5-a907-743b2e6d03cb",
|
||||
|
@ -3002,6 +3007,11 @@
|
|||
"synonyms": [
|
||||
"FIN4",
|
||||
"G0085"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Health",
|
||||
"Finance",
|
||||
"Pharmacy"
|
||||
]
|
||||
},
|
||||
"uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57",
|
||||
|
@ -3020,7 +3030,10 @@
|
|||
"description": "This group's activity was first observed in November 2013. It leverages a banking Trojan more commonly known as Shylock which aims to compromise online banking credentials and credentials related to Bitcoin wallets.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"country": "RU"
|
||||
"country": "RU",
|
||||
"targeted-sector": [
|
||||
"Bank"
|
||||
]
|
||||
},
|
||||
"uuid": "7dd7a8df-9012-4d14-977f-b3f9f71266b4",
|
||||
"value": "SHARK SPIDER"
|
||||
|
@ -3032,6 +3045,10 @@
|
|||
"country": "RU",
|
||||
"refs": [
|
||||
"https://docs.huihoo.com/rsaconference/usa-2014/anf-t07b-the-art-of-attribution-identifying-and-pursuing-your-cyber-adversaries-final.pdf"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Manufacturing",
|
||||
"Industrial"
|
||||
]
|
||||
},
|
||||
"uuid": "db774b7d-a0ee-4375-b24e-fd278f5ab2fd",
|
||||
|
@ -3264,6 +3281,10 @@
|
|||
"APT-C-35",
|
||||
"SectorE02",
|
||||
"Orange Kala"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Government, Administration",
|
||||
"Security Service"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3364,6 +3385,14 @@
|
|||
"synonyms": [
|
||||
"SyrianElectronicArmy",
|
||||
"SEA"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Country",
|
||||
"Defense",
|
||||
"Opposition",
|
||||
"Political party",
|
||||
"News - Media",
|
||||
"Government, Administration"
|
||||
]
|
||||
},
|
||||
"uuid": "4265d44e-8372-4ed0-b428-b331a5443d7d",
|
||||
|
@ -3403,6 +3432,11 @@
|
|||
"TMP.Lapis",
|
||||
"Green Havildar",
|
||||
"COPPER FIELDSTONE"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Activists",
|
||||
"Civil society",
|
||||
"Military"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3447,6 +3481,12 @@
|
|||
"synonyms": [
|
||||
"FruityArmor",
|
||||
"G0038"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Activists",
|
||||
"Dissidents",
|
||||
"Journalist",
|
||||
"Civil society"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3516,6 +3556,10 @@
|
|||
"G0040",
|
||||
"Orange Athos",
|
||||
"Thirsty Gemini"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Finance",
|
||||
"Diplomacy"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3558,6 +3602,9 @@
|
|||
"synonyms": [
|
||||
"G0029",
|
||||
"Golfing Taurus"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Activists"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3683,6 +3730,9 @@
|
|||
"Sauron",
|
||||
"Project Sauron",
|
||||
"G0041"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Intelligence"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3727,6 +3777,9 @@
|
|||
],
|
||||
"synonyms": [
|
||||
"G0036"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Bank"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -3825,7 +3878,10 @@
|
|||
"description": "Libyan Scorpions is a malware operation in use since September 2015 and operated by a politically motivated group whose main objective is intelligence gathering, spying on influentials and political figures and operate an espionage campaign within Libya.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"country": "LY"
|
||||
"country": "LY",
|
||||
"targeted-sector": [
|
||||
"Intelligence"
|
||||
]
|
||||
},
|
||||
"uuid": "815cbe98-e157-4078-9caa-c5a25dd64731",
|
||||
"value": "Libyan Scorpions"
|
||||
|
@ -3911,6 +3967,15 @@
|
|||
"ATK40",
|
||||
"G0049",
|
||||
"Evasive Serpens"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Chemical",
|
||||
"Energy",
|
||||
"engineering",
|
||||
"Finance",
|
||||
"Government, Administration",
|
||||
"Telecoms",
|
||||
"Other"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -4059,6 +4124,10 @@
|
|||
],
|
||||
"suspected-victims": [
|
||||
"Ukraine"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Think Tanks",
|
||||
"Government, Administration"
|
||||
]
|
||||
},
|
||||
"uuid": "3d5192f2-f235-46fd-aa68-dd00cc17d632",
|
||||
|
@ -4069,6 +4138,9 @@
|
|||
"meta": {
|
||||
"refs": [
|
||||
"https://blogs.technet.microsoft.com/mmpc/2016/12/09/windows-10-protection-detection-and-response-against-recent-attacks/"
|
||||
],
|
||||
"targeted-sector": [
|
||||
"Energy"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
|
Loading…
Reference in New Issue