Thomas Patzke
26f0c344a1
Added O365 techniques
...
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Jakub Onderka
ca9608da6d
fix: Cryptominers type
2021-03-27 22:07:33 +01:00
Alexandre Dulaunoy
38a0d2d32d
chg: [rsit] rsit as galaxy name
2021-01-29 16:43:26 +01:00
Koen Van Impe
87b22f363c
Move cfr-type-of-incident to meta
2021-01-28 12:25:39 +01:00
Koen Van Impe
23778666ba
RSIT Galaxy/Cluster
2021-01-28 10:03:12 +01:00
Alexandre Dulaunoy
5d31753e6a
chg: [cryptominer] updated
2020-10-30 09:48:08 +01:00
JJ Cummings
c48a38c2f1
Added a new cryptominer galaxy and additional missing recent families to various clusters
2020-10-29 14:40:22 -06:00
Alexandre Dulaunoy
0ccbdb862b
chg: [tea] first version
2020-10-23 11:16:50 +02:00
Christophe Vandeplas
f95e88b1f9
MITRE ATT&CK for ICS fixes #586
...
fixed issues in pull request #586
2020-10-01 20:42:40 +02:00
Alexandre Dulaunoy
6bb0f74b97
chg: [galaxy] fix the name to China Defence Universities Tracker
2020-08-24 09:57:28 +02:00
VVX7
b4c3ffc8eb
new: [dev] add ASPI's China Defence University Tracker.
...
Thanks to Cormac Doherty for writing the web scraper! To update the galaxy run the included gen_defence_university.py script.
"The China Defence Universities Tracker is a database of Chinese institutions engaged in military or security-related science and technology research. It was created by ASPI’s International Cyber Policy Centre.
It includes entries on nearly 100 civilian universities, 50 People’s Liberation Army institutions, China’s nuclear weapons program, three Ministry of State Security institutions, four Ministry of Public Security universities, and 12 state-owned defence industry conglomerates.
The Tracker is a tool to inform universities, governments and scholars as they engage with the entities from the People’s Republic of China. It aims to build understanding of the expansion of military-civil fusion—the Chinese government’s policy of integrating military and civilian efforts—into the education sector.
The Tracker should be used to inform due diligence of Chinese institutions. However, the fact that an institution is not included here does not indicate that it should not raise risks or is not involved in defence research. Similarly, entries in the database may not reflect the full range and nature of an institution’s defence and security links." - ASPI (https://unitracker.aspi.org.au/about/)
2020-08-21 11:24:22 -04:00
Koen Van Impe
d3e22ef14c
SoD Matrix
...
Described at https://github.com/cudeso/SoD-Matrix
2020-07-10 14:08:45 +02:00
iglocska
dee9a56460
fix: small fixes to the bhadra framework
2020-05-19 16:45:40 +02:00
iglocska
43703f1a96
new: added Bhadra framework for mobile attacks
...
- based on the paper published here: https://arxiv.org/pdf/2005.05110.pdf
- thanks to the ATT&CK EU community conference speakers highlighting this framework!
2020-05-19 16:34:59 +02:00
Alexandre Dulaunoy
c7104e8819
chg: [country] jq all
2020-03-23 13:09:14 +01:00
iglocska
777c3188db
new: [country] galaxy added
2020-03-23 12:10:16 +01:00
Alexandre Dulaunoy
8e73612b09
Merge pull request #488 from Delta-Sierra/master
...
create new galaxy - surveillance-vendor
2019-12-05 14:48:44 +01:00
Deborah Servili
a049009453
add new galaxy - surveillance-vendor
2019-12-04 16:22:58 +01:00
Jean-Louis Huynen
872df00262
chg: [dark-pattern] namespace: misp
2019-12-04 09:31:56 +01:00
Jean-Louis Huynen
44a9897f2a
add: [dark-pattern] galaxy to tag dark patterns
2019-12-03 16:26:29 +01:00
Christophe Vandeplas
cb29013231
fix: [region] inconsistent type
2019-10-20 18:55:11 +02:00
mokaddem
4d4bd3a70c
fix: [misinfosec] fixed kill_chain fields
2019-10-09 09:45:52 +02:00
VVX7
e4998efec9
chg: [galaxy] added AMITT galaxy/cluster generator script
2019-10-08 13:52:08 -04:00
VVX7
a0357c735e
chg: [galaxy] version number to int
2019-10-07 19:19:45 -04:00
VVX7
0a29445b44
new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools.
2019-10-07 19:07:25 -04:00
Deborah Servili
c305640290
new galaxy - Region based on UN M49
2019-09-26 13:01:41 +02:00
Deborah Servili
bb46e32d90
add target-information galaxy file
2019-07-19 13:50:22 +02:00
Alexandre Dulaunoy
dbb67dd7d2
Merge pull request #426 from mokaddem/patch-2
...
Update mitre-course-of-action.json
2019-07-16 16:59:31 +02:00
Alexandre Dulaunoy
3e70bfc738
Merge pull request #425 from mokaddem/patch-1
...
Update banker.json
2019-07-16 16:59:18 +02:00
Alexandre Dulaunoy
c981afbbe9
Merge pull request #424 from mokaddem/patch-3
...
Update mitre-enterprise-attack-course-of-action.json
2019-07-16 16:59:01 +02:00
Sami Mokaddem
3d4bfa7924
Update mitre-mobile-attack-course-of-action.json
...
Changed icon
2019-07-16 16:56:35 +02:00
Sami Mokaddem
00d1de6fdc
Update mitre-enterprise-attack-course-of-action.json
...
Changed icon
2019-07-16 16:56:28 +02:00
Sami Mokaddem
1035d1c71b
Update mitre-course-of-action.json
...
Changed icon
2019-07-16 16:56:10 +02:00
Sami Mokaddem
573b8366e7
Update banker.json
...
Changed icon name
2019-07-16 16:53:46 +02:00
mokaddem
9ad5279939
chg: [attack-pattern] Sync kill-chain with data from MITRE.
2019-05-13 10:59:30 +02:00
Alexandre Dulaunoy
a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques
2019-05-12 09:51:41 +02:00
Raphaël Vinot
988586fde0
fix: Duplicate values, typos.
2019-05-06 17:17:16 +02:00
Alexandre Dulaunoy
e56cb33097
chg: [attck4fraud] fix the type issue
2019-03-19 10:03:33 +01:00
Alexandre Dulaunoy
824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP)
2019-03-19 08:09:23 +01:00
Alexandre Dulaunoy
1f27ac26ac
chg: [mitre-attack-pattern] jq
2019-02-15 09:13:47 +01:00
Alexandre Dulaunoy
77ff566b9e
Merge pull request #343 from mokaddem/newMitre
...
Added kill_chain_order in mitre-attack-pattern
2019-02-15 09:13:18 +01:00
Alexandre Dulaunoy
924bc091b1
chg: [election-guidelines] sorting is important ;-)
2019-02-15 09:03:12 +01:00
Alexandre Dulaunoy
ee09226c55
chg: [election-guidelines] jq
2019-02-15 08:53:51 +01:00
mokaddem
34042abe23
new: Added draft of the election guidelines galaxy
2019-02-15 08:44:33 +01:00
mokaddem
46a095012a
chg: [mitre-attack-pattern] bumped version number
2019-02-14 10:57:22 +01:00
mokaddem
aedbd6aa05
chg: [mitre-attack-pattern] Added kill_chain_order
2019-02-14 10:51:05 +01:00
Christophe Vandeplas
93ae4660c5
chg: [mitre] Deprecated pre/enterprise/mobile separate galaxies
2018-12-29 18:58:53 +01:00
Christophe Vandeplas
2bb4df134b
chg: removal of older unused relationships
2018-10-17 08:20:12 +02:00
Christophe Vandeplas
2fbd8ce485
jq sort keys
...
Allows automation to edit the files
2018-10-12 10:35:31 +02:00
Davide Arcuri
253fbed356
Added Malpedia Galaxy
...
based on malpedia git repo
Co-Authored-By: garanews <garanews@users.noreply.github.com>
2018-10-05 14:30:31 +02:00
raw-data
77cfaa8221
[add] new backdoor galaxy and cluster
2018-07-06 20:09:52 +01:00
Deborah Servili
26cb324aee
Update cert-eu-govsector.json
2018-06-22 13:01:00 +02:00
raw-data
b381d03207
[ADD] Stealer galaxy definition
2018-06-01 16:02:36 +01:00
Thirion Aurélien
728f861362
fix typo mitre-pre-attack-relationship
2018-05-28 11:37:03 +02:00
Alexandre Dulaunoy
1adcfbf0c0
chg: old MITRE ATT&CK (2017) is moving to deprecated namespace
2018-05-20 09:45:18 +02:00
Alexandre Dulaunoy
9e37388cdf
chg: namespace mitre-attack added for version 2 of the MITRE ATT&CK after 2018
2018-05-20 09:42:40 +02:00
Deborah Servili
22cb1618a5
Merge pull request #214 from Delta-Sierra/master
...
update mitre galaxies - add external id and killchain
2018-05-19 13:21:18 +02:00
Deborah Servili
6c8edd3f61
jq
2018-05-19 13:09:50 +02:00
Deborah Servili
d82a76c08f
fix scripts for mobile and pre attack attack pattern
2018-05-19 13:09:30 +02:00
Deborah Servili
f6d7291e7a
jq
2018-05-19 12:57:20 +02:00
Deborah Servili
730353f63d
update mitre galaxies - add external id and killchain
2018-05-19 12:56:20 +02:00
Alexandre Dulaunoy
5f566dd683
chg: [misp-galaxy] namespace misp added
2018-05-18 13:34:55 +02:00
Deborah Servili
8d4053741b
jq
2018-04-04 12:54:04 +02:00
Deborah Servili
804fcedb5c
add external_id to values
2018-04-03 15:53:17 +02:00
StefanKelm
a0eaf5bb32
Update mitre-enterprise-attack-intrusion-set.json
2018-03-22 14:11:34 +01:00
StefanKelm
6a2be53649
Update and rename mitre-entreprise-attack-tool.json to mitre-enterprise-attack-tool.json
2018-03-22 14:07:34 +01:00
StefanKelm
65f198fe81
Rename mitre-entreprise-attack-relationship.json to mitre-enterprise-attack-relationship.json
2018-03-22 14:07:04 +01:00
StefanKelm
a3460716cb
Update mitre-entreprise-attack-relationship.json
2018-03-22 14:06:35 +01:00
StefanKelm
1df43affe2
Update and rename mitre-entreprise-attack-malware.json to mitre-enterprise-attack-malware.json
2018-03-22 14:06:10 +01:00
StefanKelm
d51124b7ee
Update and rename mitre-entreprise-attack-intrusion-set.json to mitre-enterprise-attack-intrusion-set.json
2018-03-22 14:05:40 +01:00
StefanKelm
b82efac9d5
Update and rename mitre-entreprise-attack-course-of-action.json to mitre-enterprise-attack-course-of-action.json
2018-03-22 14:05:07 +01:00
StefanKelm
a20413b177
Update and rename mitre-entreprise-attack-attack-pattern.json to mitre-enterprise-attack-attack-pattern.json
2018-03-22 14:04:33 +01:00
Deborah Servili
fd9919e67a
jq all the things
2018-02-23 08:38:32 +01:00
Deborah Servili
4ddb598de4
add MITRE Galaxies V2.0
2018-02-21 16:28:11 +01:00
Deborah Servili
384e26a1b4
create botnet galaxy
2018-02-20 15:33:24 +01:00
Deborah Servili
9dd9810167
rename files + update README.md
2018-01-09 09:20:13 +01:00
Deborah Servili
225ce1f3ee
New galaxy Branded Vulnerability
2018-01-09 09:02:29 +01:00
Raphaël Vinot
eef988e9ad
Cosmetic updates
2017-10-27 10:50:47 -04:00
Raphaël Vinot
40e26a59f1
Merge branch 'master' of github.com:MISP/misp-galaxy
2017-10-26 18:54:56 -04:00
Raphaël Vinot
6d0952e4ed
Add android and banker galaxies
2017-10-26 18:53:01 -04:00
Deborah Servili
709b78c2de
jq
2017-10-26 10:28:53 +02:00
Deborah Servili
3a41799542
add galaxy icon to mitre-cti tools & regenerate galaxies
2017-10-26 10:28:05 +02:00
Deborah Servili
fa8c4ec839
delete x_ prefix from mitre_attack_pattern
2017-10-26 09:44:23 +02:00
Deborah Servili
5b7e2de87a
add cert EU govsectors galaxy
2017-10-24 11:15:05 +02:00
Deborah Servili
949e39bbde
typo
2017-10-24 10:40:19 +02:00
Deborah Servili
aa5e823801
add sectors galaxy
2017-10-11 09:52:33 +02:00
Alexandre Dulaunoy
ba6f5b4eb1
As now everything is in the Blockchain, ransomware are too.
2017-09-28 11:33:18 +02:00
Alexandre Dulaunoy
446bda1b09
icons for the grand Master who is redesigning the overall graphical view
2017-09-28 11:29:01 +02:00
Deborah Servili
ad22bafdba
jq
2017-08-17 15:54:44 +02:00
Deborah Servili
91cd3a6eec
update mitre galaxies
2017-08-17 15:53:41 +02:00
iglocska
cf780290be
Fixed some issues with a misnamed galaxy
2017-08-16 21:40:05 +02:00
Deborah Servili
7e391e8a39
version is integer
2017-08-16 15:23:58 +02:00
Deborah Servili
fb5560f927
add mitre based galaxies
2017-08-16 12:17:00 +02:00
Deborah Servili
17c0ffb255
add RAT listed in https://github.com/kevthehermit/RATDecoders
2017-06-02 15:40:06 +02:00
Raphaël Vinot
47ac01ee96
Initial Json schema
2017-02-13 18:32:53 +01:00
Déborah Servili
39c1b0be8d
fix galaxy ##comma##
2017-01-31 08:21:31 +01:00
Déborah Servili
720246fd33
ransomware galaxy
2017-01-30 16:25:40 +01:00
Déborah Servili
733f065851
begin preventive-measure galaxy
2017-01-11 16:14:45 +01:00
root
49808e969f
EK galaxy
2017-01-05 14:16:51 +01:00
root
8389a3e1f3
Init
2017-01-05 14:07:14 +01:00