MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Update threat-actor.json

pull/748/head
Rony 2022-08-16 10:49:13 +05:30 committed by GitHub
parent f4b63d4514
commit de76aef023
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
clusters/threat-actor.json
View File

@ -4455,12 +4455,19 @@
{
"description": "The Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks, and journalists in Europe and the South Caucasus. Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions.",
"meta": {
"country": "RU",
"refs": [
"https://www.f-secure.com/documents/996508/1030745/callisto-group",
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag"
"https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe",
"https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe",
"https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag",
"https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations",
"https://blog.sekoia.io/calisto-continues-its-credential-harvesting-campaign"
],
"synonyms": [
"COLDRIVER"
"COLDRIVER",
"SEABORGIUM",
"TA446"
]
},
"uuid": "fbd279ab-c095-48dc-ba48-4bece3dd5b0f",