Commit Graph

1361 Commits (5363e63cae6c55e280c5aef088b7ce51079517f4)

Author SHA1 Message Date
StefanKelm 92bc206879
Update threat-actor.json
APT30
2020-06-23 14:54:09 +02:00
StefanKelm 583f1d2fc2
Update threat-actor.json
TA505
2020-06-17 11:56:29 +02:00
Alexandre Dulaunoy 0cb36249a4
chg: [jq] all the things 2020-06-12 09:26:30 +02:00
Rony 29be5ac7e1
fixed typo! 2020-06-12 00:09:59 +05:30
Rony 9365bfb7cd
Adding GALLIUM Threat Actor 2020-06-11 23:42:35 +05:30
StefanKelm f042f98247
Update threat-actor.json
Higaisa
2020-06-08 14:09:39 +02:00
StefanKelm 9c25d5e8c5
Update threat-actor.json
Cycldek
2020-06-04 17:18:45 +02:00
Alexandre Dulaunoy 3867b1f602
Merge pull request #552 from danielplohmann/reference-fixes
Reference fixes
2020-05-29 09:26:05 +02:00
Alexandre Dulaunoy 2a074f23fd
chg: [preventive-measure] packet filtering added 2020-05-27 10:02:16 +02:00
Daniel Plohmann (jupiter) a705d1402f fixing deadlinks where possible 2020-05-27 09:49:58 +02:00
Daniel Plohmann (jupiter) 171f272a1e default to HTTPS to be consistent with other links to same page 2020-05-27 09:27:52 +02:00
Alexandre Dulaunoy 8a0a4cb02d
Merge pull request #551 from nyx0/master
Add CrackMapExec, metasploit, Cobalt Strike and Covenant
2020-05-27 09:10:08 +02:00
Thomas Dupuy 291fb41502 Remove duplicate TA (Chafer), fix symantec link, add synonyme for DarkHotel 2020-05-26 09:50:43 -04:00
Thomas Dupuy 143bd521be Add CrackMapExec, metasploit, Cobalt Strike and Covenant 2020-05-26 09:35:01 -04:00
Rony fbd351590a
Update threat-actor.json 2020-05-24 23:18:54 +05:30
Rony 5f8094d16f
fix 2020-05-24 23:14:43 +05:30
Alexandre Dulaunoy b5bbc34f5d
chg: [threat-actor] remove the non-unique elements 2020-05-22 14:01:32 +02:00
Nils Kuhnert fbfe9d23c3
Merged (most) SecureWorks threat actor profiles && jq 2020-05-22 13:45:29 +02:00
iglocska dee9a56460
fix: small fixes to the bhadra framework 2020-05-19 16:45:40 +02:00
iglocska 43703f1a96
new: added Bhadra framework for mobile attacks
- based on the paper published here: https://arxiv.org/pdf/2005.05110.pdf
- thanks to the ATT&CK EU community conference speakers highlighting this framework!
2020-05-19 16:34:59 +02:00
Alexandre Dulaunoy 006b61bc44
Merge pull request #547 from Delta-Sierra/master
add Snake Ransomware
2020-05-15 17:55:47 +02:00
Deborah Servili b943a7daca
fix missing description 2020-05-15 09:00:34 +02:00
Deborah Servili 6d6da39da4
add Snake Ransomware 2020-05-13 11:58:33 +02:00
Daniel Plohmann 5101c5a828
msft name: BORON for APT3
as per tweet: https://twitter.com/bkMSFT/status/1259578051962306562
2020-05-11 15:37:38 +02:00
Alexandre Dulaunoy 09429eda5a
chg: [ta] fix the JSON 2020-05-11 10:20:10 +02:00
Thomas Dupuy fc9505cadf Add Sednit's Exploit-kit Sedkit 2020-05-08 13:29:14 -04:00
Thomas Dupuy 69fe870803 Add Higaisa Threat Actor 2020-05-08 13:01:48 -04:00
Deborah Servili 1d331a9ab1
Merge branch 'master' into master 2020-04-28 15:19:38 +02:00
Thomas Dupuy 46a6d9fcb1 Add DenesRAT/METALJACK 2020-04-28 01:08:50 -04:00
Alexandre Dulaunoy 2a70893352
chg: [jq] JSON fixed 2020-04-27 15:03:25 +02:00
de Rosen a428ad565e Added misp info 2020-04-27 15:16:33 +03:00
Deborah Servili f6fd07fbc9
add speculoos bakdoor 2020-04-27 09:36:23 +02:00
Alexandre Dulaunoy 86157a6b96
Merge pull request #539 from r0ny123/MergingTA
Adding alias Thallium and merging STOLEN PENCIL
2020-04-26 21:16:56 +02:00
Rony 112f9e4a08
Adding alias Thallium and merging STOLEN PENCIL
Pretty much confirmed from the crowdstrike talk at ATT&CKon 2.0.
And also Netscout named the campaign as STOLEN PENCIL.
2020-04-26 23:47:37 +05:30
Alexandre Dulaunoy de71a444f8
chg: [json] add missing comma 2020-04-26 14:23:59 +02:00
rvs1st d449eb94fc
Update threat-actor.json
Added on line 1403: Trident per campaign malicious RTF documents to exploit CVE-2017-11882 and CVE-2012-0158
2020-04-24 09:03:58 -05:00
Alexandre Dulaunoy 4234d44052
Merge pull request #537 from danielplohmann/patch-28
Adding Nazar APT as described by JAGS in his OPCDE talk yesterday.
2020-04-24 15:33:47 +02:00
Daniel Plohmann 858621ebdc
Adding Nazar APT as described by JAGS in his OPCDE talk yesterday. 2020-04-23 15:47:35 +02:00
Daniel Plohmann b0f0bbae33
adding VOYEUR as alias (used by NSA) for MAGIC KITTEN (source reference included) 2020-04-23 14:52:08 +02:00
Deborah Servili 6b49d81b13 Merge branch 'master' of https://github.com/MISP/misp-galaxy 2020-04-23 10:06:04 +02:00
itayc0hen 667d5b8850 Add ItaDuke/DarkUniverse actor 2020-04-22 19:44:38 +03:00
pnx@pyrite 974ece3a7c adding FIN1 2020-04-20 14:20:22 +02:00
Rony aa34775390
typo
thanks to @patricksvgr
2020-04-19 23:17:44 +05:30
Rony ddfa280672
Update threat-actor.json 2020-04-19 23:06:57 +05:30
Rony 7ac2648dbc
more fix 2020-04-19 23:00:42 +05:30
Rony 573b4807ee
fix broken links 2020-04-19 16:03:21 +05:30
Rony 42a4820823
dead link 2020-04-19 11:45:45 +05:30
Rony 0aa34187e9
add link 2020-04-19 11:29:36 +05:30
Rony d6bf42254f
Merging APT23 & Tropic Trooper 2020-04-18 13:22:25 +05:30
Rony c161080175
Update threat-actor.json 2020-04-15 21:36:48 +05:30