mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add Storm-1575
parent
a42dc67fb6
commit
e497ec2b38
|
@ -14717,6 +14717,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
|
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
|
||||||
"value": "Storm-0835"
|
"value": "Storm-0835"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Storm-1575 is a threat actor identified by Microsoft as being involved in phishing campaigns using the Dadsec platform. They utilize hundreds of Domain Generated Algorithm domains to host credential harvesting pages and target global organizations to steal Microsoft 365 credentials.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.bridewell.com/insights/blogs/detail/analysing-widespread-microsoft365-credential-harvesting-campaign",
|
||||||
|
"https://twitter.com/MsftSecIntel/status/1712936244987019704?lang=en"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "2485a9cb-b41c-43bd-8b1c-c64e919c0a4e",
|
||||||
|
"value": "Storm-1575"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 298
|
"version": 298
|
||||||
|
|
Loading…
Reference in New Issue