mirror of https://github.com/MISP/misp-galaxy
add SedKit
parent
51a4868a3f
commit
e787efce72
|
@ -10,7 +10,7 @@
|
||||||
],
|
],
|
||||||
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
||||||
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
|
"uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
|
||||||
"version": 44,
|
"version": 45,
|
||||||
"values": [
|
"values": [
|
||||||
{
|
{
|
||||||
"meta": {
|
"meta": {
|
||||||
|
@ -3227,6 +3227,16 @@
|
||||||
"http://blog.trendmicro.com/trendlabs-security-intelligence/ratankba-watering-holes-against-enterprises/"
|
"http://blog.trendmicro.com/trendlabs-security-intelligence/ratankba-watering-holes-against-enterprises/"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "Sedkit",
|
||||||
|
"description": "Sedkit was an exploit kit used exclusively by the Sednit group. During its lifetime, Sednit leveraged vulnerabilities in various persistently vulnerable applications, but mostly Adobe Flash and Internet Explorer. When Sedkit was first discovered, potential victims were redirected to its landing page through a watering-hole scheme. Following that campaign, their preferred method consisted of malicious links embedded in emails sent to Sednit’s targets. Sedkit’s workflow is illustrated below.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.welivesecurity.com/2014/10/08/sednit-espionage-group-now-using-custom-exploit-kit/",
|
||||||
|
"https://www.welivesecurity.com/2017/12/21/sednit-update-fancy-bear-spent-year/"
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue