MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

added ELECTRUM to threat-actor.json (afaik not confirmed as an alias atm)

pull/64/head
Daniel Plohmann 2017-06-13 13:25:16 +02:00
parent 9924a8875c
commit ff4f428bc1
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clusters/threat-actor.json
View File

@ -1565,6 +1565,16 @@
"https://blogs.technet.microsoft.com/mmpc/2016/04/26/digging-deep-for-platinum/" "https://blogs.technet.microsoft.com/mmpc/2016/04/26/digging-deep-for-platinum/"
] ]
} }
},
{
"value": "ELECTRUM",
"description": "Dragos, Inc. tracks the adversary group behind CRASHOVERRIDE as ELECTRUM and assesses with high confidence through confidential sources that ELECTRUM has direct ties to the Sandworm team. Our intelligence ICS WorldView customers have received a comprehensive report and this industry report will not get into sensitive technical details but instead focus on information needed for defense and impact awareness.",
"meta": {
"refs": [
"https://dragos.com/blog/crashoverride/CrashOverride-01.pdf",
"https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf"
]
}
} }
], ],
"name": "Threat actor", "name": "Threat actor",
@ -1579,5 +1589,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 23 "version": 24
} }