MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity
3,208 Commits
3 Branches
43 Tags
294 MiB
Commit Graph

929 Commits (409363267412188bc30ee15fd650ef9ceef22022)

Author SHA1 Message Date
Jürgen Löhel 15297c7b5f
chg [threat-actors] Add RedGolf 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-04-24 16:59:18 -06:00
Christophe Vandeplas 79b80b0869
chg: [rels] more threat actor relations 2023-04-23 17:54:58 +02:00
Christophe Vandeplas 3c6c204f01
chg: [rels] more threat actor relations 2023-04-23 17:45:58 +02:00
Christophe Vandeplas 138c7c7ba8
chg: [rels] more relations on cluster "value" 2023-04-23 17:36:02 +02:00
Christophe Vandeplas bf7c5f1dd9
chg: [rels] threat-actor & MS activity group - on synonym 2023-04-23 11:56:41 +02:00
Christophe Vandeplas a5e7e0c95f
chg: [rels] threat-actor & MS activity group - on value 2023-04-23 11:55:57 +02:00
Sebastien Larinier 862badf2c9 Update threat-actor.json 2023-04-19 17:41:44 +02:00
Sebastien Larinier 1c751b1ea8 Update threat-actor.json 2023-04-19 17:34:50 +02:00
Sebastien Larinier 165ce70a28
Merge branch 'MISP:main' into main 2023-04-19 16:48:02 +02:00
Sebastien Larinier 87ef0a400e Update threat-actor.json 2023-04-19 15:42:14 +02:00
Sebastien Larinier a77dc82c0a Update threat-actor.json 
new apt30 group
 2023-04-19 15:35:36 +02:00
Delta-Sierra ecb7e79a6e Merge https://github.com/MISP/misp-galaxy 2023-04-19 15:06:51 +02:00
Sebastien Larinier 926035633f
Merge branch 'MISP:main' into main 2023-04-19 11:55:57 +02:00
Daniel Plohmann 41afab1c06
adding Trend Micro alias Earth Smilodon for APT27 2023-04-18 20:11:57 +02:00
Delta-Sierra 6b8994271e add relationships for HALFRIG & QUATTERRIG 2023-04-18 12:20:20 +02:00
Daniel Plohmann 02e23a9a47
adding Google alias HOODOO for APT41 2023-04-17 22:32:50 +02:00
Delta-Sierra 4a4fa6d16f fix versions 2023-04-17 11:32:51 +02:00
Delta-Sierra 233a066a03 Merge https://github.com/MISP/misp-galaxy 2023-04-17 11:16:23 +02:00
Delta-Sierra d4225c5469 add some SNOWYAMBER relationships 2023-04-17 11:16:21 +02:00
Daniel Plohmann a966b3ff88
adding Trend Micro alias Earth Preta for Mustang Panda 2023-04-12 16:59:36 +02:00
Sebdraven 8713618777 Update threat-actor.json 
add new ref for sidecopy
 2023-03-23 09:13:23 +01:00
Sebdraven f5d68aa08d Update threat-actor.json 
delete ref to APT30 for Naikon
 2023-03-23 08:49:17 +01:00
Sebdraven d5843d46e2 Update threat-actor.json 
add ref to Aoqin Dragon
 2023-03-21 18:40:10 +01:00
Mathieu Beligon d82ff1ecfb [threat-actors] Add Anonymous Sudan 2023-03-15 17:38:03 -05:00
Daniel Plohmann c39b46e9d5
Update threat-actor.json 
when value "Sofacy" was changed to "APT28", it seems Sofacy was not added to aliases, so it's missing right now.
 2023-03-15 14:55:25 +01:00
Jürgen Löhel 2d30785af5
chg [threat-actors] Add TA866 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:44:16 -06:00
Mathieu Beligon 395ffda94f [threat-actors] bump version 2023-03-02 10:29:52 -08:00
Mathieu Beligon e1407c3c3f [threat-actors] Add SLIPPY SPIDER alias to LAPSUS 2023-03-02 10:29:29 -08:00
Mathieu Beligon 4bbee8c1e7 [threat-actors] Add PROPHET SPIDER 2023-03-02 10:19:24 -08:00
Mathieu Beligon 61cb24a3fc [threat-actors] Add Nemesis Kitten 2023-03-01 16:37:42 -08:00
Mathieu Beligon 84faa3c92b [threat-actors] Add Karakurt 2023-03-01 16:34:03 -08:00
Mathieu Beligon 7d371b4c80 [threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP 2023-03-01 15:45:41 -08:00
Mathieu Beligon fa57354471 [threat-actors] Add Chamelgang 2023-03-01 15:40:23 -08:00
Mathieu Beligon bff978e4d1 [threat-actors] Add TA453 2023-03-01 15:24:55 -08:00
Mathieu Beligon 3406ad3aa9 [threat-actors] Add APT42 2023-03-01 15:18:53 -08:00
Mathieu Beligon 2567d6f1f8 [threat-actors] Add TA406 2023-03-01 15:01:22 -08:00
Rony 50624af741 add DEV-0147 https://twitter.com/MsftSecIntel/status/1625181255754039318 2023-02-25 20:18:09 +00:00
Rony cf727f034c
add other actor synonyms from Google's report https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf 2023-02-26 01:05:50 +05:30
Alexandre Dulaunoy 6460fde2e4
chg: [threat-actor] version updated 2023-02-16 14:43:45 +01:00
Daniel Plohmann 91255413d8
adding Google names for RU threat actors 
https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/
 2023-02-16 14:30:05 +01:00
Alexandre Dulaunoy 73bd7d0983
Merge pull request #818 from Mathieu4141/threat-actors/proofpoint-aliases 
[threat actors] Adding some actors from ProofPoint
 2023-02-14 06:40:22 +01:00
Mathieu Beligon 9f09699047 [threat-actors] Fix: country was in the wrong place 2023-02-13 16:47:38 -08:00
Mathieu Beligon ac067a236e [threat-actors] fix: Add missing uuids 2023-02-13 16:36:41 -08:00
Mathieu Beligon a792115dd8 fix 2023-02-13 16:26:10 -08:00
Mathieu Beligon 8193b05e14 [threat-actors] bump version 2023-02-13 14:18:58 -08:00
Mathieu Beligon d34e894d2d [threat-actors] Add TA2536 2023-02-13 13:45:41 -08:00
Mathieu Beligon 20c31a5d10 [threat-actors] Add TA577 2023-02-13 13:32:24 -08:00
Mathieu Beligon e836a4a63c [threat-actors] Add TA575 2023-02-13 12:02:32 -08:00
Mathieu Beligon c52ac53765 [threat-actors] Add TA570 2023-02-13 11:54:47 -08:00
Mathieu Beligon 5f274f58c9 [threat-actors] Add Moskalvzapoe 2023-02-13 11:44:59 -08:00
Daniel Plohmann 62256854bc
adding Broadcom name for SaintBear. 2023-02-13 14:05:35 +01:00
Mathieu Beligon 33ff650327 [threat-actors] Add more information about NoName057(16) 2023-02-10 14:14:52 -08:00
Daniel Plohmann 9710e09e17
new APT29 name used by Recorded Future 
cf. https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf
 2023-02-02 11:46:50 +01:00
Alexandre Dulaunoy b7543c5012
Merge pull request #789 from Mathieu4141/threat-actors/fix-sectorj04 
[threat-actors] Remove SectorJ04 duplicate
 2023-01-27 15:05:37 +01:00
Mathieu Beligon a452263ace [threat-actors] pr.review: Add SectorJ04 as alias of TA505 2023-01-27 13:32:58 +01:00
Alexandre Dulaunoy e54366fb87
chg: [threat-actor] added the missing synonyms 2023-01-10 15:55:30 +01:00
Delta-Sierra 3f4edb480b add Malteiro 2022-12-16 16:43:50 +01:00
Delta-Sierra 5931f51d7a add TAG-53 2022-12-08 11:31:02 +01:00
Delta-Sierra 3ea2d62a83 Version Update 2022-11-28 16:27:54 +01:00
Delta-Sierra 6016b1000c Merge https://github.com/MISP/misp-galaxy 2022-11-28 16:17:08 +01:00
Delta-Sierra 6c36295318 Update several RAT & Ransomwares 2022-11-28 16:13:38 +01:00
Christian Studer e3126ef857
fix: [clusters] Fixed some other few `meta` field names 2022-11-24 09:17:28 +01:00
Delta-Sierra f4abf37b01 fix versions 2022-11-22 12:45:15 +01:00
Delta-Sierra c02b74f999 merge 2022-11-22 12:43:18 +01:00
Delta-Sierra 8bf6d73d66 add BazarCall campaign 2022-11-22 09:08:28 +01:00
Thomas Dupuy be7450494e Add Evasive Panda Threat Actor 2022-11-18 16:38:11 +00:00
Delta-Sierra 91d535925f version fix 2022-11-15 13:36:49 +01:00
Delta-Sierra 3837058ab1 merge 2022-11-15 12:54:03 +01:00
Delta-Sierra d020efd276 add raspberry Robin worm & others 2022-11-15 11:57:10 +01:00
Alexandre Dulaunoy b787bbeb23
Merge pull request #792 from nyx0/main 
Add RomCom TA.
 2022-11-05 07:50:20 +01:00
Alexandre Dulaunoy 3b196f8361
Merge pull request #791 from Mathieu4141/threat-actors/add-phosphorus-alias-to-apt-35 
[threat-actors] Add Phosphorus in APT35 aliases
 2022-11-05 07:49:55 +01:00
Thomas Dupuy 9ac53e5d5e Add RomCom TA. 2022-11-04 02:34:10 +00:00
Alexandre Dulaunoy 6c4da5dd55
Merge pull request #790 from Mathieu4141/threat-actors/fix-dust-storm 
[threat-actors] Remove DustStorm alias from APT10
 2022-11-03 11:35:20 +01:00
Alexandre Dulaunoy 52a6fff6a2
Merge pull request #788 from Mathieu4141/threat-actors/fix-cobalt-dickens 
[threat-actors] Remove cobalt dickens duplicate
 2022-11-03 11:27:08 +01:00
Alexandre Dulaunoy 3b4dcd6ad3
Merge pull request #787 from Mathieu4141/threat-actors/fix-subaat-duplicate 
[threat-actors] Remove subaat duplicate
 2022-11-03 11:26:21 +01:00
Mathieu Beligon 8a9dd47f8f [threat-actors] Add Phosphorus in APT35 aliases 2022-11-02 23:49:22 -07:00
Mathieu Beligon 21d4292faf [threat-actors] Remove DustStorm alias from APT10 2022-11-02 23:31:31 -07:00
Mathieu Beligon e61733591f [threat-actors] Remove SectorJ04 duplicate 2022-11-02 20:30:40 -07:00
Mathieu Beligon 9f0869097a [threat-actors] Remove cobalt dickens duplicate 2022-11-02 18:09:42 -07:00
Mathieu Beligon e3e5560e37 [threat-actors] Remove subaat duplicate 2022-11-02 17:57:47 -07:00
Mathieu Beligon 5801bbcfc1 [threat-actors] Remove Skeleton Spider duplicate 2022-11-02 17:38:07 -07:00
Delta-Sierra 355025eb5b fix metadata in wrong slot 2022-10-04 13:28:42 +02:00
Delta-Sierra e5b3062912 add Volatile Cedar synonym 2022-10-03 16:06:13 +02:00
Alexandre Dulaunoy 409c82f40c
Merge pull request #781 from Mathieu4141/threat-actors/fix-neodymium 
[threat-actors] Fix G0055 (NEODYMIUM) alias
 2022-09-30 06:39:31 +02:00
Alexandre Dulaunoy 588184bacd
Merge pull request #780 from Mathieu4141/threat-actors/fix-svmondr 
[threat-actors] Remove SVCMONDR duplicate
 2022-09-30 06:38:56 +02:00
Alexandre Dulaunoy 800006e6ab
Merge pull request #778 from Mathieu4141/threat-actors/fix-malware-reuser-duplicate 
[threat-actors] Fix Volatile Cedar and Dancing Salome conflicts
 2022-09-30 06:37:15 +02:00
Mathieu Beligon 74c6835d18 [threat-actors] Fix G0055 (NEODYMIUM) alias 2022-09-29 17:16:57 -07:00
Mathieu Beligon a740e35687 [threat-actors] Remove SVCMONDR duplicate 2022-09-29 16:11:19 -07:00
Mathieu Beligon 5994fa4160 [threat-actors] Fix Volatile Cedar and Dancing Salome conflicts 2022-09-29 14:51:38 -07:00
Mathieu Beligon 4f47e6e2d3 [threat-actors] Equation group: separate from Lamberts and add tools 2022-09-29 11:28:54 -07:00
Thomas Dupuy c66d6823a1 Add APT-Q-12 Threat Actor. 2022-09-29 02:30:41 +00:00
Alexandre Dulaunoy c3b65a2d15
chg: [threat-actor] JSON fix 2022-09-27 08:18:13 +02:00
Thomas Dupuy bfd1812cef Add Void Balaur. 2022-09-27 00:11:20 +00:00
Mathieu Beligon 22a39f4fdc [threat-actors] Add BITWISE SPIDER 2022-09-20 11:23:33 -07:00
Alexandre Dulaunoy 9b8b51fe53
Merge pull request #769 from Mathieu4141/threat-actors-add/no-name-057-06 
[threat-actors] Add NoName057(16)
 2022-09-17 07:43:42 +02:00
Alexandre Dulaunoy 2f169e4258
Merge pull request #766 from Mathieu4141/threat-actors/fix-ta505 
[threat-actors] Clean TA505 aliases
 2022-09-17 07:43:18 +02:00
Mathieu Beligon 580d2c6931 [threat-actors] Add NoName057(16) 2022-09-16 20:11:06 -06:00
Alexandre Dulaunoy 1c8d82cfcc
new: [threat-actor] hezb added 2022-09-14 11:00:33 +02:00
Mathieu Beligon e1f5d3b5d8 [threat-actors] Keep meta from old Xenotime 2022-09-13 11:40:17 -07:00
Mathieu Beligon 4ff0bdfe8e [threat-actors] Clean TA505 aliases 2022-09-13 11:34:02 -07:00
Mathieu Beligon 273c7c9b97 [threat-actors] Remove Xenotime duplicate 2022-09-12 17:10:49 -07:00
Delta-Sierra 0440db12e9 add DangerousSavanna campaign 2022-09-07 11:01:23 +02:00
Rony aea413cebf chg: [threat-actor] version bump 2022-09-01 10:32:01 +00:00
Rony db913e5ab4 fix: [threat-actor] remove duplicate entries 2022-09-01 09:53:11 +00:00
Rony 6aea5ee05c chg: [threat-actor] add Aoqin Dragon 2022-09-01 09:46:43 +00:00
Rony fb0cf3c7e5 chg: [threat-actor] miscellaneous updates 2022-09-01 09:17:31 +00:00
Daniel Plohmann d18f5bc8b6
mini-fix: adding https protocol to a reference 
in automated processing and display, this may otherwise lead to a malformed local / relative link.
 2022-08-30 17:08:03 +02:00
Rony e7178a1e08 fix: [threat-actor] remove duplicate entries from APT9 2022-08-27 12:54:32 +00:00
Rony 27300c6381 chg: [threat-actor] add avast blog to APT40 2022-08-27 12:41:31 +00:00
Rony 7f526e230b chg: [threat-actor] add Microsoft and PwC report to actors' references 2022-08-27 12:34:36 +00:00
Rony 6ad9699a38 chg: [threat-actor] add recorded future reference to RedAlpha 2022-08-27 12:10:51 +00:00
Rony 2dc138ae01 chg: [threat-actor] add Adam Kozy's testimony ro APT41 and APT26 2022-08-27 12:08:11 +00:00
Rony 0b140b7097 chg: [threat-actor] miscellaneous updates including merge of some actors and fix the error committed in 9cfcc0d9ac 2022-08-27 11:58:03 +00:00
Alexandre Dulaunoy 8bea9f3b4b
Merge pull request #755 from Mathieu4141/threat-actors/fix-winnti 
[threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts
 2022-08-27 08:25:20 +02:00
Mathieu Béligon 9cfcc0d9ac
Add aliases to APT41 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-26 14:54:02 -07:00
Mathieu Beligon 6e00329ba6 [threat-actors] Fix aliases 2022-08-26 11:09:29 -07:00
Mathieu Beligon 9b714dcd76 [threat-actors] Merge Axiom into APT17 2022-08-25 13:49:07 -07:00
Alexandre Dulaunoy 9efca4c41b
fix: [threat-actor] UUID reused fixed (UUIDs cannot be reused across different cluster) 
Add the missing the relationship for the new UUID
 2022-08-21 09:17:56 +02:00
Rony 5b42a09dc2 add PARINACOTA to threat-actor.json 
MSTIC names digital crime actors based on global volcanoes
 2022-08-20 17:10:15 +00:00
Alexandre Dulaunoy 6b137ea12c
Merge pull request #749 from Mathieu4141/threat-actors/fix-naikon-cluster 
[threat actors] Fix threat actors related to Lotus Panda
 2022-08-20 11:46:15 +02:00
Mathieu Beligon 7f82616c10 fix axiom related field 2022-08-19 12:48:40 -07:00
Mathieu Beligon 969f461709 merge into apt41 2022-08-19 12:45:47 -07:00
Mathieu Beligon fd9201e9e0 Merge APT22 and suckfly 2022-08-19 12:16:30 -07:00
Mathieu Beligon 768c94671c Fix hellsing ref 2022-08-19 11:34:16 -07:00
Alexandre Dulaunoy a8b234d694
Merge pull request #753 from Mathieu4141/threat-actors/fix-bronze-president 
[threat-actors] Remove duplicated BRONZE PRESIDENT entity
 2022-08-19 06:26:11 +02:00
Mathieu Béligon fcd6faec78
Capitalize override panda alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:51:03 -07:00
Mathieu Béligon 54f3ef2831
capitalize lotus panda alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:50:32 -07:00
Mathieu Béligon c9b11553eb
normalize APT30 alias 
Co-authored-by: Rony <rony_123@protonmail.ch>
 2022-08-18 20:32:44 -07:00
Mathieu Beligon c1abedb446 Move Lotus Panda alias to Lotus Blossom 2022-08-18 20:21:31 -07:00
Mathieu Beligon a61ef2a88f [threat-actors] Fix Axiom/Winnti/Suckfly/APT41 conflicts 2022-08-18 17:03:26 -07:00
Mathieu Beligon 1acc51a7a6 [threat-actors] Add more data about APT-C-27 2022-08-18 15:44:18 -07:00
Mathieu Beligon ec988c97d0 [threat-actors] Remove duplicated APT-C-27 2022-08-18 15:34:08 -07:00
Mathieu Beligon d9046c8619 [threat-actors] Remove duplicated BRONZE PRESIDENT entity 2022-08-18 15:12:18 -07:00
Mathieu Beligon a046e8094d Merge APT30 and Naikon 2022-08-18 11:36:45 -07:00
Mathieu Beligon 5e4a4c3453 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-18 09:01:36 -07:00
Mathieu Beligon 264e764dfa Remove ATK34 alias 2022-08-18 08:59:04 -07:00
Delta-Sierra 3f036db1e3 add TA558 2022-08-18 15:54:28 +02:00
Mathieu Beligon 71e3e1f3eb Fix ATK aliases 2022-08-17 13:39:43 -07:00
Mathieu Beligon a6242d4732 Merge branch 'main' into threat-actors/fix-naikon-cluster 2022-08-17 13:37:01 -07:00
Mathieu Beligon 0d6399aa2b Add ATK78 alias for Thrip 2022-08-17 12:04:32 -07:00
Mathieu Beligon 53282255ce Branch out Goblin Panda from Hellsing 2022-08-17 11:55:35 -07:00
Mathieu Beligon 3f50cf0175 Create a tool for Esile 2022-08-17 11:19:30 -07:00
Rony ccd10b54f4
remove duplicate reference 2022-08-17 12:49:56 +05:30
Rony 0cec882cc5 merge microcin/sixlittlemonkeys to vicious panda 2022-08-17 07:06:51 +00:00
Alexandre Dulaunoy a373909bb1
Merge pull request #748 from r0ny123/patch-2 
Update threat-actor.json
 2022-08-17 07:44:46 +02:00
Alexandre Dulaunoy 352998a84d
fix: [threat-actor] add missing refs for APT33 including CFR link 2022-08-17 07:40:23 +02:00
Mathieu Beligon d05b29c1af [threat-actors] Remove duplicate APT33 2022-08-16 17:15:30 -07:00
Mathieu Beligon 9c6f106928 [threat actor] Fix aliases related to Lotus Panda 2022-08-16 16:58:35 -07:00
Rony 5b25b574b3 add uac-0010 references from cert-ua 2022-08-16 10:19:53 +00:00
Rony 370045b01d Merge "red october" and "cloud atlas" to inception framework" 2022-08-16 09:30:29 +00:00