mirror of https://github.com/MISP/misp-galaxy
new: [threat-actor] Storm-0558 added + Fix #880
parent
38afdbb80f
commit
e7ca55277c
|
@ -12059,7 +12059,29 @@
|
|||
},
|
||||
"uuid": "9ee446fd-b0cd-4662-9cd1-a60b429192db",
|
||||
"value": "Camaro Dragon"
|
||||
},
|
||||
{
|
||||
"description": "Storm-0558 is a China-based threat actor with espionage objectives. While there are some minimal overlaps with other Chinese groups such as Violet Typhoon (ZIRCONIUM, APT31), Microsoft maintain high confidence that Storm-0558 operates as its own distinct group",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"United States"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "CN",
|
||||
"references": [
|
||||
"https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/",
|
||||
"https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr",
|
||||
"https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/"
|
||||
]
|
||||
},
|
||||
"uuid": "5b30bcb8-4923-45cc-bc89-29651ca5d54e",
|
||||
"value": "Storm-0558"
|
||||
}
|
||||
],
|
||||
"version": 287
|
||||
"version": 288
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue