StefanKelm
f042f98247
Update threat-actor.json
...
Higaisa
2020-06-08 14:09:39 +02:00
Alexandre Dulaunoy
1dd764160d
Merge pull request #553 from StefanKelm/master
...
Update threat-actor.json
2020-06-04 17:22:53 +02:00
StefanKelm
9c25d5e8c5
Update threat-actor.json
...
Cycldek
2020-06-04 17:18:45 +02:00
Alexandre Dulaunoy
3867b1f602
Merge pull request #552 from danielplohmann/reference-fixes
...
Reference fixes
2020-05-29 09:26:05 +02:00
Alexandre Dulaunoy
2a074f23fd
chg: [preventive-measure] packet filtering added
2020-05-27 10:02:16 +02:00
Daniel Plohmann (jupiter)
a705d1402f
fixing deadlinks where possible
2020-05-27 09:49:58 +02:00
Daniel Plohmann (jupiter)
171f272a1e
default to HTTPS to be consistent with other links to same page
2020-05-27 09:27:52 +02:00
Alexandre Dulaunoy
8a0a4cb02d
Merge pull request #551 from nyx0/master
...
Add CrackMapExec, metasploit, Cobalt Strike and Covenant
2020-05-27 09:10:08 +02:00
Alexandre Dulaunoy
e8a82ebf8e
Merge pull request #550 from r0ny123/patch-1
...
fix
2020-05-27 09:09:21 +02:00
Thomas Dupuy
291fb41502
Remove duplicate TA (Chafer), fix symantec link, add synonyme for DarkHotel
2020-05-26 09:50:43 -04:00
Thomas Dupuy
143bd521be
Add CrackMapExec, metasploit, Cobalt Strike and Covenant
2020-05-26 09:35:01 -04:00
Rony
fbd351590a
Update threat-actor.json
2020-05-24 23:18:54 +05:30
Rony
5f8094d16f
fix
2020-05-24 23:14:43 +05:30
Alexandre Dulaunoy
313003ed65
Merge branch '3c7-secureworks_profiles'
2020-05-22 14:02:12 +02:00
Alexandre Dulaunoy
b5bbc34f5d
chg: [threat-actor] remove the non-unique elements
2020-05-22 14:01:32 +02:00
Nils Kuhnert
fbfe9d23c3
Merged (most) SecureWorks threat actor profiles && jq
2020-05-22 13:45:29 +02:00
iglocska
dee9a56460
fix: small fixes to the bhadra framework
2020-05-19 16:45:40 +02:00
iglocska
43703f1a96
new: added Bhadra framework for mobile attacks
...
- based on the paper published here: https://arxiv.org/pdf/2005.05110.pdf
- thanks to the ATT&CK EU community conference speakers highlighting this framework!
2020-05-19 16:34:59 +02:00
Alexandre Dulaunoy
006b61bc44
Merge pull request #547 from Delta-Sierra/master
...
add Snake Ransomware
2020-05-15 17:55:47 +02:00
Deborah Servili
b943a7daca
fix missing description
2020-05-15 09:00:34 +02:00
Deborah Servili
6d6da39da4
add Snake Ransomware
2020-05-13 11:58:33 +02:00
Alexandre Dulaunoy
82ae5cde81
Merge pull request #546 from danielplohmann/patch-29
...
msft name: BORON for APT3
2020-05-12 11:24:26 +02:00
Daniel Plohmann
5101c5a828
msft name: BORON for APT3
...
as per tweet: https://twitter.com/bkMSFT/status/1259578051962306562
2020-05-11 15:37:38 +02:00
Alexandre Dulaunoy
881a5664ac
Merge branch 'nyx0-master'
2020-05-11 10:20:35 +02:00
Alexandre Dulaunoy
09429eda5a
chg: [ta] fix the JSON
2020-05-11 10:20:10 +02:00
Thomas Dupuy
fc9505cadf
Add Sednit's Exploit-kit Sedkit
2020-05-08 13:29:14 -04:00
Thomas Dupuy
69fe870803
Add Higaisa Threat Actor
2020-05-08 13:01:48 -04:00
Alexandre Dulaunoy
cb9bff18e8
Merge pull request #542 from Delta-Sierra/master
...
add speculoos bakdoor
2020-04-28 16:01:24 +02:00
Deborah Servili
1d331a9ab1
Merge branch 'master' into master
2020-04-28 15:19:38 +02:00
Alexandre Dulaunoy
3c2d863cbc
Merge pull request #541 from nyx0/master
...
Add DenesRAT/METALJACK
2020-04-28 09:20:48 +02:00
Thomas Dupuy
46a6d9fcb1
Add DenesRAT/METALJACK
2020-04-28 01:08:50 -04:00
Alexandre Dulaunoy
07145a4759
Merge branch 'intezer-fix/reports'
2020-04-27 15:04:05 +02:00
Alexandre Dulaunoy
2a70893352
chg: [jq] JSON fixed
2020-04-27 15:03:25 +02:00
de Rosen
a428ad565e
Added misp info
2020-04-27 15:16:33 +03:00
Deborah Servili
f6fd07fbc9
add speculoos bakdoor
2020-04-27 09:36:23 +02:00
Alexandre Dulaunoy
86157a6b96
Merge pull request #539 from r0ny123/MergingTA
...
Adding alias Thallium and merging STOLEN PENCIL
2020-04-26 21:16:56 +02:00
Rony
112f9e4a08
Adding alias Thallium and merging STOLEN PENCIL
...
Pretty much confirmed from the crowdstrike talk at ATT&CKon 2.0.
And also Netscout named the campaign as STOLEN PENCIL.
2020-04-26 23:47:37 +05:30
Alexandre Dulaunoy
c2fe21f3b7
Merge branch 'rvs1st-patch-1'
2020-04-26 14:27:48 +02:00
Alexandre Dulaunoy
de71a444f8
chg: [json] add missing comma
2020-04-26 14:23:59 +02:00
rvs1st
d449eb94fc
Update threat-actor.json
...
Added on line 1403: Trident per campaign malicious RTF documents to exploit CVE-2017-11882 and CVE-2012-0158
2020-04-24 09:03:58 -05:00
Alexandre Dulaunoy
4234d44052
Merge pull request #537 from danielplohmann/patch-28
...
Adding Nazar APT as described by JAGS in his OPCDE talk yesterday.
2020-04-24 15:33:47 +02:00
Alexandre Dulaunoy
cac034064a
Merge pull request #536 from danielplohmann/patch-27
...
adding VOYEUR as alias (used by NSA) for MAGIC KITTEN (source referen…
2020-04-24 15:33:30 +02:00
Daniel Plohmann
858621ebdc
Adding Nazar APT as described by JAGS in his OPCDE talk yesterday.
2020-04-23 15:47:35 +02:00
Daniel Plohmann
b0f0bbae33
adding VOYEUR as alias (used by NSA) for MAGIC KITTEN (source reference included)
2020-04-23 14:52:08 +02:00
Alexandre Dulaunoy
13348879cc
Merge pull request #535 from ITAYC0HEN/feature/AddDarkUniverseActor
...
Add ItaDuke/DarkUniverse actor
2020-04-23 11:22:39 +02:00
Deborah Servili
6b49d81b13
Merge branch 'master' of https://github.com/MISP/misp-galaxy
2020-04-23 10:06:04 +02:00
itayc0hen
667d5b8850
Add ItaDuke/DarkUniverse actor
2020-04-22 19:44:38 +03:00
Alexandre Dulaunoy
2a5ea5f521
Merge pull request #534 from danielplohmann/fin1
...
adding FIN1
2020-04-20 14:59:54 +02:00
pnx@pyrite
974ece3a7c
adding FIN1
2020-04-20 14:20:22 +02:00
Alexandre Dulaunoy
f0257aed12
Merge pull request #533 from r0ny123/MergingTA
...
fix
2020-04-20 07:59:30 +02:00