MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity
3,285 Commits
6 Branches
46 Tags
42 MiB
Commit Graph

993 Commits (29baf77740d4698b985b7f238fa4f6310b166938)

Author SHA1 Message Date
Daniel Plohmann e228ffc432
alias Callisto -> BlueCharlie 
not sure, if you also want to have the Microsoft names in here (I think they are tracked separately?), otherwise, that would be Star Blizzard according to the article.
 2023-08-03 09:53:10 +02:00
Rony 9b9ce4777a chg: [threat-actor] added references, origin country, aliases to `Sea Turtle` 2023-07-28 11:04:11 +00:00
Thomas Dupuy 2dcd1d3544 upd: Add Worok TA and update APT-Q-12 to APT-C-60 as it was the first 
name mention in an article.
 2023-07-18 19:53:54 +00:00
Delta-Sierra c51d177abd add SmugX & RedDelta 2023-07-10 15:46:01 +02:00
Delta-Sierra 20d3b3780a merge 2023-06-19 08:35:48 +02:00
iglocska 14301a9c4c
chg: [threat actors] added Volt Typhoon 2023-05-25 07:29:48 +02:00
Delta-Sierra e87b7bbf73 complete VENOM SPIDER threat actor 2023-05-23 11:43:20 +02:00
Delta-Sierra 18ee466ae4 add Hagga threat actor 2023-05-22 15:44:18 +02:00
Delta-Sierra d202ed9f3f Merge https://github.com/MISP/misp-galaxy 2023-05-15 09:54:25 +02:00
Delta-Sierra a3fffacab3 add APT43 + tools 2023-05-15 08:41:17 +02:00
Daniel Plohmann 094d56057c
adding APT43 (Mandiant) for Kimsuky. 2023-05-09 14:35:41 +02:00
Sebastien Larinier ddc285581d Update threat-actor.json 2023-04-26 21:52:57 +02:00
Sebastien Larinier d60cca9302 Update threat-actor.json 
fix mistake
 2023-04-26 21:46:33 +02:00
Sebastien Larinier 142d4aeaef Update threat-actor.json 2023-04-26 14:26:48 +02:00
Jürgen Löhel 15297c7b5f
chg [threat-actors] Add RedGolf 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-04-24 16:59:18 -06:00
Christophe Vandeplas 79b80b0869
chg: [rels] more threat actor relations 2023-04-23 17:54:58 +02:00
Christophe Vandeplas 3c6c204f01
chg: [rels] more threat actor relations 2023-04-23 17:45:58 +02:00
Christophe Vandeplas 138c7c7ba8
chg: [rels] more relations on cluster "value" 2023-04-23 17:36:02 +02:00
Christophe Vandeplas bf7c5f1dd9
chg: [rels] threat-actor & MS activity group - on synonym 2023-04-23 11:56:41 +02:00
Christophe Vandeplas a5e7e0c95f
chg: [rels] threat-actor & MS activity group - on value 2023-04-23 11:55:57 +02:00
Sebastien Larinier 862badf2c9 Update threat-actor.json 2023-04-19 17:41:44 +02:00
Sebastien Larinier 1c751b1ea8 Update threat-actor.json 2023-04-19 17:34:50 +02:00
Sebastien Larinier 165ce70a28
Merge branch 'MISP:main' into main 2023-04-19 16:48:02 +02:00
Sebastien Larinier 87ef0a400e Update threat-actor.json 2023-04-19 15:42:14 +02:00
Sebastien Larinier a77dc82c0a Update threat-actor.json 
new apt30 group
 2023-04-19 15:35:36 +02:00
Delta-Sierra ecb7e79a6e Merge https://github.com/MISP/misp-galaxy 2023-04-19 15:06:51 +02:00
Sebastien Larinier 926035633f
Merge branch 'MISP:main' into main 2023-04-19 11:55:57 +02:00
Daniel Plohmann 41afab1c06
adding Trend Micro alias Earth Smilodon for APT27 2023-04-18 20:11:57 +02:00
Delta-Sierra 6b8994271e add relationships for HALFRIG & QUATTERRIG 2023-04-18 12:20:20 +02:00
Daniel Plohmann 02e23a9a47
adding Google alias HOODOO for APT41 2023-04-17 22:32:50 +02:00
Delta-Sierra 4a4fa6d16f fix versions 2023-04-17 11:32:51 +02:00
Delta-Sierra 233a066a03 Merge https://github.com/MISP/misp-galaxy 2023-04-17 11:16:23 +02:00
Delta-Sierra d4225c5469 add some SNOWYAMBER relationships 2023-04-17 11:16:21 +02:00
Daniel Plohmann a966b3ff88
adding Trend Micro alias Earth Preta for Mustang Panda 2023-04-12 16:59:36 +02:00
Sebdraven 8713618777 Update threat-actor.json 
add new ref for sidecopy
 2023-03-23 09:13:23 +01:00
Sebdraven f5d68aa08d Update threat-actor.json 
delete ref to APT30 for Naikon
 2023-03-23 08:49:17 +01:00
Sebdraven d5843d46e2 Update threat-actor.json 
add ref to Aoqin Dragon
 2023-03-21 18:40:10 +01:00
Mathieu Beligon d82ff1ecfb [threat-actors] Add Anonymous Sudan 2023-03-15 17:38:03 -05:00
Daniel Plohmann c39b46e9d5
Update threat-actor.json 
when value "Sofacy" was changed to "APT28", it seems Sofacy was not added to aliases, so it's missing right now.
 2023-03-15 14:55:25 +01:00
Jürgen Löhel 2d30785af5
chg [threat-actors] Add TA866 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:44:16 -06:00
Mathieu Beligon 395ffda94f [threat-actors] bump version 2023-03-02 10:29:52 -08:00
Mathieu Beligon e1407c3c3f [threat-actors] Add SLIPPY SPIDER alias to LAPSUS 2023-03-02 10:29:29 -08:00
Mathieu Beligon 4bbee8c1e7 [threat-actors] Add PROPHET SPIDER 2023-03-02 10:19:24 -08:00
Mathieu Beligon 61cb24a3fc [threat-actors] Add Nemesis Kitten 2023-03-01 16:37:42 -08:00
Mathieu Beligon 84faa3c92b [threat-actors] Add Karakurt 2023-03-01 16:34:03 -08:00
Mathieu Beligon 7d371b4c80 [threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP 2023-03-01 15:45:41 -08:00
Mathieu Beligon fa57354471 [threat-actors] Add Chamelgang 2023-03-01 15:40:23 -08:00
Mathieu Beligon bff978e4d1 [threat-actors] Add TA453 2023-03-01 15:24:55 -08:00
Mathieu Beligon 3406ad3aa9 [threat-actors] Add APT42 2023-03-01 15:18:53 -08:00
Mathieu Beligon 2567d6f1f8 [threat-actors] Add TA406 2023-03-01 15:01:22 -08:00
Rony 50624af741 add DEV-0147 https://twitter.com/MsftSecIntel/status/1625181255754039318 2023-02-25 20:18:09 +00:00
Rony cf727f034c
add other actor synonyms from Google's report https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf 2023-02-26 01:05:50 +05:30
Alexandre Dulaunoy 6460fde2e4
chg: [threat-actor] version updated 2023-02-16 14:43:45 +01:00
Daniel Plohmann 91255413d8
adding Google names for RU threat actors 
https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/
 2023-02-16 14:30:05 +01:00
Alexandre Dulaunoy 73bd7d0983
Merge pull request #818 from Mathieu4141/threat-actors/proofpoint-aliases 
[threat actors] Adding some actors from ProofPoint
 2023-02-14 06:40:22 +01:00
Mathieu Beligon 9f09699047 [threat-actors] Fix: country was in the wrong place 2023-02-13 16:47:38 -08:00
Mathieu Beligon ac067a236e [threat-actors] fix: Add missing uuids 2023-02-13 16:36:41 -08:00
Mathieu Beligon a792115dd8 fix 2023-02-13 16:26:10 -08:00
Mathieu Beligon 8193b05e14 [threat-actors] bump version 2023-02-13 14:18:58 -08:00
Mathieu Beligon d34e894d2d [threat-actors] Add TA2536 2023-02-13 13:45:41 -08:00
Mathieu Beligon 20c31a5d10 [threat-actors] Add TA577 2023-02-13 13:32:24 -08:00
Mathieu Beligon e836a4a63c [threat-actors] Add TA575 2023-02-13 12:02:32 -08:00
Mathieu Beligon c52ac53765 [threat-actors] Add TA570 2023-02-13 11:54:47 -08:00
Mathieu Beligon 5f274f58c9 [threat-actors] Add Moskalvzapoe 2023-02-13 11:44:59 -08:00
Daniel Plohmann 62256854bc
adding Broadcom name for SaintBear. 2023-02-13 14:05:35 +01:00
Mathieu Beligon 33ff650327 [threat-actors] Add more information about NoName057(16) 2023-02-10 14:14:52 -08:00
Daniel Plohmann 9710e09e17
new APT29 name used by Recorded Future 
cf. https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
 2023-02-02 11:46:50 +01:00
Alexandre Dulaunoy b7543c5012
Merge pull request #789 from Mathieu4141/threat-actors/fix-sectorj04 
[threat-actors] Remove SectorJ04 duplicate
 2023-01-27 15:05:37 +01:00
Mathieu Beligon a452263ace [threat-actors] pr.review: Add SectorJ04 as alias of TA505 2023-01-27 13:32:58 +01:00
Alexandre Dulaunoy e54366fb87
chg: [threat-actor] added the missing synonyms 2023-01-10 15:55:30 +01:00
Delta-Sierra 3f4edb480b add Malteiro 2022-12-16 16:43:50 +01:00
Delta-Sierra 5931f51d7a add TAG-53 2022-12-08 11:31:02 +01:00
Delta-Sierra 3ea2d62a83 Version Update 2022-11-28 16:27:54 +01:00
Delta-Sierra 6016b1000c Merge https://github.com/MISP/misp-galaxy 2022-11-28 16:17:08 +01:00
Delta-Sierra 6c36295318 Update several RAT & Ransomwares 2022-11-28 16:13:38 +01:00
Christian Studer e3126ef857
fix: [clusters] Fixed some other few `meta` field names 2022-11-24 09:17:28 +01:00
Delta-Sierra f4abf37b01 fix versions 2022-11-22 12:45:15 +01:00
Delta-Sierra c02b74f999 merge 2022-11-22 12:43:18 +01:00
Delta-Sierra 8bf6d73d66 add BazarCall campaign 2022-11-22 09:08:28 +01:00
Thomas Dupuy be7450494e Add Evasive Panda Threat Actor 2022-11-18 16:38:11 +00:00
Delta-Sierra 91d535925f version fix 2022-11-15 13:36:49 +01:00
Delta-Sierra 3837058ab1 merge 2022-11-15 12:54:03 +01:00
Delta-Sierra d020efd276 add raspberry Robin worm & others 2022-11-15 11:57:10 +01:00
Alexandre Dulaunoy b787bbeb23
Merge pull request #792 from nyx0/main 
Add RomCom TA.
 2022-11-05 07:50:20 +01:00
Alexandre Dulaunoy 3b196f8361
Merge pull request #791 from Mathieu4141/threat-actors/add-phosphorus-alias-to-apt-35 
[threat-actors] Add Phosphorus in APT35 aliases
 2022-11-05 07:49:55 +01:00
Thomas Dupuy 9ac53e5d5e Add RomCom TA. 2022-11-04 02:34:10 +00:00
Alexandre Dulaunoy 6c4da5dd55
Merge pull request #790 from Mathieu4141/threat-actors/fix-dust-storm 
[threat-actors] Remove DustStorm alias from APT10
 2022-11-03 11:35:20 +01:00
Alexandre Dulaunoy 52a6fff6a2
Merge pull request #788 from Mathieu4141/threat-actors/fix-cobalt-dickens 
[threat-actors] Remove cobalt dickens duplicate
 2022-11-03 11:27:08 +01:00
Alexandre Dulaunoy 3b4dcd6ad3
Merge pull request #787 from Mathieu4141/threat-actors/fix-subaat-duplicate 
[threat-actors] Remove subaat duplicate
 2022-11-03 11:26:21 +01:00
Mathieu Beligon 8a9dd47f8f [threat-actors] Add Phosphorus in APT35 aliases 2022-11-02 23:49:22 -07:00
Mathieu Beligon 21d4292faf [threat-actors] Remove DustStorm alias from APT10 2022-11-02 23:31:31 -07:00
Mathieu Beligon e61733591f [threat-actors] Remove SectorJ04 duplicate 2022-11-02 20:30:40 -07:00
Mathieu Beligon 9f0869097a [threat-actors] Remove cobalt dickens duplicate 2022-11-02 18:09:42 -07:00
Mathieu Beligon e3e5560e37 [threat-actors] Remove subaat duplicate 2022-11-02 17:57:47 -07:00
Mathieu Beligon 5801bbcfc1 [threat-actors] Remove Skeleton Spider duplicate 2022-11-02 17:38:07 -07:00
Delta-Sierra 355025eb5b fix metadata in wrong slot 2022-10-04 13:28:42 +02:00
Delta-Sierra e5b3062912 add Volatile Cedar synonym 2022-10-03 16:06:13 +02:00
Alexandre Dulaunoy 409c82f40c
Merge pull request #781 from Mathieu4141/threat-actors/fix-neodymium 
[threat-actors] Fix G0055 (NEODYMIUM) alias
 2022-09-30 06:39:31 +02:00
Alexandre Dulaunoy 588184bacd
Merge pull request #780 from Mathieu4141/threat-actors/fix-svmondr 
[threat-actors] Remove SVCMONDR duplicate
 2022-09-30 06:38:56 +02:00
Alexandre Dulaunoy 800006e6ab
Merge pull request #778 from Mathieu4141/threat-actors/fix-malware-reuser-duplicate 
[threat-actors] Fix Volatile Cedar and Dancing Salome conflicts
 2022-09-30 06:37:15 +02:00
Mathieu Beligon 74c6835d18 [threat-actors] Fix G0055 (NEODYMIUM) alias 2022-09-29 17:16:57 -07:00
Mathieu Beligon a740e35687 [threat-actors] Remove SVCMONDR duplicate 2022-09-29 16:11:19 -07:00
Mathieu Beligon 5994fa4160 [threat-actors] Fix Volatile Cedar and Dancing Salome conflicts 2022-09-29 14:51:38 -07:00
Mathieu Beligon 4f47e6e2d3 [threat-actors] Equation group: separate from Lamberts and add tools 2022-09-29 11:28:54 -07:00
Thomas Dupuy c66d6823a1 Add APT-Q-12 Threat Actor. 2022-09-29 02:30:41 +00:00
Alexandre Dulaunoy c3b65a2d15
chg: [threat-actor] JSON fix 2022-09-27 08:18:13 +02:00
Thomas Dupuy bfd1812cef Add Void Balaur. 2022-09-27 00:11:20 +00:00
Mathieu Beligon 22a39f4fdc [threat-actors] Add BITWISE SPIDER 2022-09-20 11:23:33 -07:00
Alexandre Dulaunoy 9b8b51fe53
Merge pull request #769 from Mathieu4141/threat-actors-add/no-name-057-06 
[threat-actors] Add NoName057(16)
 2022-09-17 07:43:42 +02:00
Alexandre Dulaunoy 2f169e4258
Merge pull request #766 from Mathieu4141/threat-actors/fix-ta505 
[threat-actors] Clean TA505 aliases
 2022-09-17 07:43:18 +02:00
Mathieu Beligon 580d2c6931 [threat-actors] Add NoName057(16) 2022-09-16 20:11:06 -06:00
Alexandre Dulaunoy 1c8d82cfcc
new: [threat-actor] hezb added 2022-09-14 11:00:33 +02:00
Mathieu Beligon e1f5d3b5d8 [threat-actors] Keep meta from old Xenotime 2022-09-13 11:40:17 -07:00
Mathieu Beligon 4ff0bdfe8e [threat-actors] Clean TA505 aliases 2022-09-13 11:34:02 -07:00
Mathieu Beligon 273c7c9b97 [threat-actors] Remove Xenotime duplicate 2022-09-12 17:10:49 -07:00
Delta-Sierra 0440db12e9 add DangerousSavanna campaign 2022-09-07 11:01:23 +02:00
Rony aea413cebf chg: [threat-actor] version bump 2022-09-01 10:32:01 +00:00
Rony db913e5ab4 fix: [threat-actor] remove duplicate entries 2022-09-01 09:53:11 +00:00
Rony 6aea5ee05c chg: [threat-actor] add Aoqin Dragon 2022-09-01 09:46:43 +00:00
Rony fb0cf3c7e5 chg: [threat-actor] miscellaneous updates 2022-09-01 09:17:31 +00:00
Daniel Plohmann d18f5bc8b6
mini-fix: adding https protocol to a reference 
in automated processing and display, this may otherwise lead to a malformed local / relative link.
 2022-08-30 17:08:03 +02:00
Rony e7178a1e08 fix: [threat-actor] remove duplicate entries from APT9 2022-08-27 12:54:32 +00:00
Rony 27300c6381 chg: [threat-actor] add avast blog to APT40 2022-08-27 12:41:31 +00:00
Rony 7f526e230b chg: [threat-actor] add Microsoft and PwC report to actors' references 2022-08-27 12:34:36 +00:00
Rony 6ad9699a38 chg: [threat-actor] add recorded future reference to RedAlpha 2022-08-27 12:10:51 +00:00
Rony 2dc138ae01 chg: [threat-actor] add Adam Kozy's testimony ro APT41 and APT26 2022-08-27 12:08:11 +00:00
Rony 0b140b7097 chg: [threat-actor] miscellaneous updates including merge of some actors and fix the error committed in 9cfcc0d9ac 2022-08-27 11:58:03 +00:00
Alexandre Dulaunoy 8bea9f3b4b
Merge pull request #755 from Mathieu4141/threat-actors/fix-winnti 
[threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts
 2022-08-27 08:25:20 +02:00
Mathieu Béligon 9cfcc0d9ac
Add aliases to APT41 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-26 14:54:02 -07:00
Mathieu Beligon 6e00329ba6 [threat-actors] Fix aliases 2022-08-26 11:09:29 -07:00
Mathieu Beligon 9b714dcd76 [threat-actors] Merge Axiom into APT17 2022-08-25 13:49:07 -07:00
Alexandre Dulaunoy 9efca4c41b
fix: [threat-actor] UUID reused fixed (UUIDs cannot be reused across different cluster) 
Add the missing the relationship for the new UUID
 2022-08-21 09:17:56 +02:00
Rony 5b42a09dc2 add PARINACOTA to threat-actor.json 
MSTIC names digital crime actors based on global volcanoes
 2022-08-20 17:10:15 +00:00
Alexandre Dulaunoy 6b137ea12c
Merge pull request #749 from Mathieu4141/threat-actors/fix-naikon-cluster 
[threat actors] Fix threat actors related to Lotus Panda
 2022-08-20 11:46:15 +02:00
Mathieu Beligon 7f82616c10 fix axiom related field 2022-08-19 12:48:40 -07:00
Mathieu Beligon 969f461709 merge into apt41 2022-08-19 12:45:47 -07:00
Mathieu Beligon fd9201e9e0 Merge APT22 and suckfly 2022-08-19 12:16:30 -07:00
Mathieu Beligon 768c94671c Fix hellsing ref 2022-08-19 11:34:16 -07:00
Alexandre Dulaunoy a8b234d694
Merge pull request #753 from Mathieu4141/threat-actors/fix-bronze-president 
[threat-actors] Remove duplicated BRONZE PRESIDENT entity
 2022-08-19 06:26:11 +02:00
Mathieu Béligon fcd6faec78
Capitalize override panda alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:51:03 -07:00
Mathieu Béligon 54f3ef2831
capitalize lotus panda alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:50:32 -07:00
Mathieu Béligon c9b11553eb
normalize APT30 alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:32:44 -07:00
Mathieu Beligon c1abedb446 Move Lotus Panda alias to Lotus Blossom 2022-08-18 20:21:31 -07:00
Mathieu Beligon a61ef2a88f [threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts 2022-08-18 17:03:26 -07:00
Mathieu Beligon 1acc51a7a6 [threat-actors] Add more data about APT-C-27 2022-08-18 15:44:18 -07:00
Mathieu Beligon ec988c97d0 [threat-actors] Remove duplicated APT-C-27 2022-08-18 15:34:08 -07:00
Mathieu Beligon d9046c8619 [threat-actors] Remove duplicated BRONZE PRESIDENT entity 2022-08-18 15:12:18 -07:00
Mathieu Beligon a046e8094d Merge APT30 and Naikon 2022-08-18 11:36:45 -07:00
Mathieu Beligon 5e4a4c3453 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-18 09:01:36 -07:00
Mathieu Beligon 264e764dfa Remove ATK34 alias 2022-08-18 08:59:04 -07:00
Delta-Sierra 3f036db1e3 add TA558 2022-08-18 15:54:28 +02:00
Mathieu Beligon 71e3e1f3eb Fix ATK aliases 2022-08-17 13:39:43 -07:00
Mathieu Beligon a6242d4732 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-17 13:37:01 -07:00
Mathieu Beligon 0d6399aa2b Add ATK78 alias for Thrip 2022-08-17 12:04:32 -07:00
Mathieu Beligon 53282255ce Branch out Goblin Panda from Hellsing 2022-08-17 11:55:35 -07:00
Mathieu Beligon 3f50cf0175 Create a tool for Esile 2022-08-17 11:19:30 -07:00
Rony ccd10b54f4
remove duplicate reference 2022-08-17 12:49:56 +05:30
Rony 0cec882cc5 merge microcin/sixlittlemonkeys to vicious panda 2022-08-17 07:06:51 +00:00
Alexandre Dulaunoy a373909bb1
Merge pull request #748 from r0ny123/patch-2 
Update threat-actor.json
 2022-08-17 07:44:46 +02:00
Alexandre Dulaunoy 352998a84d
fix: [threat-actor] add missing refs for APT33 including CFR link 2022-08-17 07:40:23 +02:00
Mathieu Beligon d05b29c1af [threat-actors] Remove duplicate APT33 2022-08-16 17:15:30 -07:00
Mathieu Beligon 9c6f106928 [threat actor] Fix aliases related to Lotus Panda 2022-08-16 16:58:35 -07:00
Rony 5b25b574b3 add uac-0010 references from cert-ua 2022-08-16 10:19:53 +00:00
Rony 370045b01d Merge "red october" and "cloud atlas" to inception framework" 2022-08-16 09:30:29 +00:00
Rony 62b168600f
fix duplicates 2022-08-16 12:15:30 +05:30
Rony 490bc6a05c
fix duplicate 2022-08-16 12:10:27 +05:30
Rony bbe84c5985
updates to russian actors 2022-08-16 12:07:59 +05:30
Rony de76aef023
Update threat-actor.json 2022-08-16 10:49:13 +05:30
Rony f4b63d4514
updates to tianwu 2022-08-16 10:30:33 +05:30
Alexandre Dulaunoy 96d31aa8c7
chg: [threat-actor] jq all the things 2022-08-11 17:50:00 +02:00
Thomas Dupuy ed24dcaf19 Add link for SLIME29. 2022-08-11 15:41:01 +00:00
Thomas Dupuy 912050b9b7 Update commit based on feeback. 2022-08-11 15:20:32 +00:00
Thomas Dupuy 6e0df72ef4 Add Threat Actors from BH Asia22 prez. 2022-08-10 18:53:38 +00:00
Daniel Plohmann bdaadea58e
removing a leading double quote in a URL. 2022-08-02 18:17:58 +02:00
Daniel Plohmann bc20a463c8
merging TG2003 / Elephant Beetle into FIN13 
as indicated in the respective resources published by the organizations using these aliases.
 2022-08-02 14:11:43 +02:00
Alexandre Dulaunoy 6427746ad8
Merge pull request #727 from Mathieu4141/threat-actors/merge-cutting-kitten-cleaver 
Fix Cleaver aliases
 2022-07-27 23:17:42 +02:00
Alexandre Dulaunoy 63f5122ad4
Merge pull request #742 from r0ny123/patch-1 
Update threat-actor.json
 2022-07-27 18:56:47 +02:00
Mathieu Beligon 51aacd6b03 Reduce diff with old version 2022-07-26 23:53:22 -07:00
Mathieu Beligon acc6ada575 r0ny123.review: Use Cutting Kitten as main value for ITSecTeam 2022-07-26 23:27:39 -07:00
Mathieu Beligon d815bfa174 Merge remote-tracking branch 'upstream/main' into threat-actors/merge-cutting-kitten-cleaver 2022-07-26 23:22:03 -07:00
Daniel Plohmann 26f6a33695
more aliases from Unit 42 2022-07-26 11:09:33 +02:00
Rony 5a7f3a7207
fix 2022-07-25 17:17:52 +05:30
Rony 8ce0df6eb4
Update threat-actor.json 
Merge aquatic panda & earth lusca
 2022-07-25 17:15:23 +05:30
Alexandre Dulaunoy 6b6398bf2d
fix: [threat-actor] incorrect merge fixed 2022-07-20 18:45:50 +02:00
Alexandre Dulaunoy b4ce9a9453
Merge branch 'main' of https://github.com/r0ny123/misp-galaxy into r0ny123-main 2022-07-20 18:41:27 +02:00
Rony add6b27466 update 2022-07-20 21:39:33 +05:30
Rony 2b54df56f9 update 2022-07-20 21:32:11 +05:30
Rony 2e045d9c8c chg: [fix] resolve conflict 2022-07-20 21:28:15 +05:30
Daniel Plohmann 5825783a85
removed duplicate UUID for Kinsing 
my apologies, looks like I had not rolled a new UUID for one of the entries added...
 2022-07-20 17:07:05 +02:00
Rony 932fcf1871 added Red Nue 2022-07-20 15:07:35 +05:30
Rony 082039b3b0 added CN actors from secureworks threat profile 
https://www.secureworks.com/research/threat-profiles?filter=item-china and fixed some AKAs
 2022-07-20 14:52:58 +05:30
Daniel Plohmann ed32c508b7
added more Unit 42 aliases / groups 2022-07-20 08:38:03 +02:00
Rony 000bfe92d9 add APT9/Red Pegasus & BRONZE EDGEWOOD/Red Hariasa 2022-07-20 10:04:58 +05:30
Rony 2e8a577b0c add PwC naming to CN actors 2022-07-20 09:45:21 +05:30
Rony 3fabd58416 chg: [threat-actor] fixed 2022-07-19 23:36:30 +05:30
Rony 79c84d3768 add Earth Berberoka, Earth Lusca and Earth Wendigo 2022-07-19 22:42:50 +05:30
Daniel Plohmann 082d506b64
adding new Unit 42 names 
First PR: those are the directly mappable names. I will follow up after deconfliction and then with a few new entries.
 2022-07-19 08:45:09 +02:00
Daniel Plohmann 240a757826
Update threat-actor.json 
adding Predatory Sparrow due to recent events.
 2022-07-13 10:02:07 +02:00
Thomas Dupuy 90da0d798f Set country to LB instead of IR based on operational activity. 2022-07-12 16:21:41 +00:00
Thomas Dupuy 1a8835bcae Remove list from POLONIUM TA. 2022-07-12 13:11:11 +00:00