Commit Graph

1587 Commits (833a6e0a8d72b3b6bf5a6b921c38fabefc0c0348)

Author SHA1 Message Date
Daniel Plohmann 833a6e0a8d
updated URLs for Gamaredon with Shuckworm alias reference 2022-02-02 09:40:10 +01:00
Daniel Plohmann 8f928d8eb3
adding Gamaredon alias Shuckworm used by Symantec 2022-02-02 09:35:53 +01:00
Alexandre Dulaunoy 1fda357a03
new: [surveillance] Cytrox added 2022-01-30 11:31:55 +01:00
Jürgen Löhel 22046a1eae
Adds WhisperGate
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-18 13:16:06 -06:00
Jürgen Löhel 3059c70ae6
Adds UPAS-Kit
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-13 11:53:32 -06:00
Thomas Dupuy c792bdd1b7 Add AQUATIC PANDA threat actor. 2022-01-12 13:51:11 -05:00
Thomas Dupuy afaf3a3110 Add Motnug tool. 2022-01-12 13:37:59 -05:00
Jürgen Löhel 5aa8a8a8b1
Adds Ragnatela RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-10 15:57:10 -06:00
Sami Tainio dcb87b0dc6 chg: [threat-actor] Add SideCopy 2022-01-07 17:45:41 +02:00
Daniel Plohmann 3094283252
adding Mandiant's FIN13. 2022-01-03 09:32:43 +01:00
Alexandre Dulaunoy eba1b2839f
chg: [concordia] CMTMF killchain typo fixed 2021-12-20 10:41:00 +01:00
Raphaël Vinot b4d518d4f0 fix: cmtmf-attack-pattern had multiple duplicate UUIDs 2021-12-17 17:58:29 +01:00
Alexandre Dulaunoy 12617ff627
chg: [concordia] fix name inconsistencies 2021-12-17 17:41:00 +01:00
Alexandre Dulaunoy 69b582f9ba
chg: [concordia] duplicate removed 2021-12-17 17:31:38 +01:00
Alexandre Dulaunoy bc3ab62917
chg: [concordia] duplicate removed 2021-12-17 17:26:04 +01:00
Alexandre Dulaunoy ee2a3c83f4
chg: [concordia] duplicate techniques removed 2021-12-17 17:21:00 +01:00
Alexandre Dulaunoy 01d23b61b7
chg: [concordia] typo fixed 2021-12-17 17:15:43 +01:00
Alexandre Dulaunoy 01f2ce68d4
chg: [misp-galaxy] duplicate modify trusted environment and also different technique ID? 2021-12-17 17:13:57 +01:00
Alexandre Dulaunoy 5becac98e4
chg: [concordia] duplicates removed 2021-12-17 16:51:11 +01:00
Alexandre Dulaunoy ae7b7bd47d
chg: [cmtmf-attack-pattern] various fixes to make JSON ok 2021-12-17 16:08:07 +01:00
Alexandre Dulaunoy 7b587710b1
Merge branch 'concordia_mtmf' of https://github.com/BennSaturn/misp-galaxy into BennSaturn-concordia_mtmf 2021-12-17 15:55:03 +01:00
Jürgen Löhel b81ac7f01d Adds DarkWatchman RAT
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2021-12-17 07:20:58 -06:00
Delta-Sierra 78a8cf4ad2 add ESPecter Bootkit 2021-11-19 16:30:57 +01:00
Delta-Sierra c89623e945 add ESPecter bootkit 2021-11-16 08:17:37 +01:00
Christophe Vandeplas aeb5719448 chg: [att&ck] update to ATT&CK v10 2021-10-22 14:34:25 +02:00
Alexandre Dulaunoy ab41df7282
chg: [malpedia] remove duplicate 2021-10-20 12:24:12 +02:00
Alexandre Dulaunoy e517787e7c
chg: [malpedia] duplicates removed 2021-10-20 12:21:05 +02:00
Alexandre Dulaunoy 69f878c86f
fix: [malpedia] remove duplicate urls 2021-10-20 12:16:22 +02:00
Alexandre Dulaunoy da91f2abc2
chg: [malpedia] updated 2021-10-20 10:21:03 +02:00
marjatech d74fdb3e43
update malpedia 2021-10-19 16:21:19 +02:00
Bernardo Santos e74fcfe268 Update cmtmf-attack-pattern.json
- update version
2021-10-13 10:06:00 +02:00
Bernardo Santos 5f19983ba3 Update cmtmf-attack-pattern.json
- Changes to cluster type
- Fix typo for privilege escalation tactic
2021-10-13 09:57:03 +02:00
Bernardo Santos 49dfcca563 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:54:06 +02:00
Bernardo Santos d09681b011 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:45:03 +02:00
Jeroen Pinoy 9ec76ae185
Add threat actor common raven 2021-10-03 23:30:20 +02:00
Thomas Patzke 26f0c344a1 Added O365 techniques
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Thomas Dupuy 1985de4d44 Add BLUELIGHT tool. 2021-08-27 10:28:06 +02:00
Thomas Dupuy 89a3f986ba Add InkySquid synonym. 2021-08-24 16:29:34 +02:00
Daniel Plohmann 3272960a14
fixed typo in actor name (CLOCKWORD -> CLOCKWORK SPIDER) 2021-08-19 06:02:40 +02:00
Rony 5dd0c7d8b3
chg: [threat-actor] add origin country to UNC2452 & HAFNIUM
addressed https://github.com/MISP/misp-galaxy/pull/660#issuecomment-884475015
2021-08-02 22:30:05 +05:30
Rony 636ccdedcd
Update threat-actor.json 2021-07-21 18:47:56 +05:30
Rony 9ecfecc063
another fix 2021-07-21 18:41:18 +05:30
Rony 32ea60d721
fix 2021-07-21 18:31:05 +05:30
Rony 52e7d5a0a9
multiple updates to apt40, apt31 & hafnium 2021-07-21 18:28:40 +05:30
Rony fb9a41f8e9
from Gov Canada & MFA Japan 2021-07-19 20:33:35 +05:30
Rony c90c60cb13
adding references for APT40 & APT31 2021-07-19 20:14:36 +05:30
Alexandre Dulaunoy 6c8949caa9
Merge pull request #658 from jasperla/oilrig
merge APT34 with OilRig
2021-07-03 08:56:39 +02:00
Deborah Servili b6005bd53f
Merge branch 'main' into master 2021-07-02 13:30:51 +02:00
Delta-Sierra 913aff30c3 Add NOBELIUM and related 2021-07-02 13:18:03 +02:00
Jasper Lievisse Adriaanse 792490298e merge APT34 with OilRig
OilRig already has "APT 34" and "APT34" as synonyms. Additionally
MITRE has since combined them due to overlap in activity:
https://attack.mitre.org/groups/G0049/
2021-06-29 20:26:04 +02:00