Daniel Plohmann
833a6e0a8d
updated URLs for Gamaredon with Shuckworm alias reference
2022-02-02 09:40:10 +01:00
Daniel Plohmann
8f928d8eb3
adding Gamaredon alias Shuckworm used by Symantec
2022-02-02 09:35:53 +01:00
Alexandre Dulaunoy
1fda357a03
new: [surveillance] Cytrox added
2022-01-30 11:31:55 +01:00
Jürgen Löhel
22046a1eae
Adds WhisperGate
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-18 13:16:06 -06:00
Jürgen Löhel
3059c70ae6
Adds UPAS-Kit
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-13 11:53:32 -06:00
Thomas Dupuy
c792bdd1b7
Add AQUATIC PANDA threat actor.
2022-01-12 13:51:11 -05:00
Thomas Dupuy
afaf3a3110
Add Motnug tool.
2022-01-12 13:37:59 -05:00
Jürgen Löhel
5aa8a8a8b1
Adds Ragnatela RAT
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2022-01-10 15:57:10 -06:00
Sami Tainio
dcb87b0dc6
chg: [threat-actor] Add SideCopy
2022-01-07 17:45:41 +02:00
Daniel Plohmann
3094283252
adding Mandiant's FIN13.
2022-01-03 09:32:43 +01:00
Alexandre Dulaunoy
eba1b2839f
chg: [concordia] CMTMF killchain typo fixed
2021-12-20 10:41:00 +01:00
Raphaël Vinot
b4d518d4f0
fix: cmtmf-attack-pattern had multiple duplicate UUIDs
2021-12-17 17:58:29 +01:00
Alexandre Dulaunoy
12617ff627
chg: [concordia] fix name inconsistencies
2021-12-17 17:41:00 +01:00
Alexandre Dulaunoy
69b582f9ba
chg: [concordia] duplicate removed
2021-12-17 17:31:38 +01:00
Alexandre Dulaunoy
bc3ab62917
chg: [concordia] duplicate removed
2021-12-17 17:26:04 +01:00
Alexandre Dulaunoy
ee2a3c83f4
chg: [concordia] duplicate techniques removed
2021-12-17 17:21:00 +01:00
Alexandre Dulaunoy
01d23b61b7
chg: [concordia] typo fixed
2021-12-17 17:15:43 +01:00
Alexandre Dulaunoy
01f2ce68d4
chg: [misp-galaxy] duplicate modify trusted environment and also different technique ID?
2021-12-17 17:13:57 +01:00
Alexandre Dulaunoy
5becac98e4
chg: [concordia] duplicates removed
2021-12-17 16:51:11 +01:00
Alexandre Dulaunoy
ae7b7bd47d
chg: [cmtmf-attack-pattern] various fixes to make JSON ok
2021-12-17 16:08:07 +01:00
Alexandre Dulaunoy
7b587710b1
Merge branch 'concordia_mtmf' of https://github.com/BennSaturn/misp-galaxy into BennSaturn-concordia_mtmf
2021-12-17 15:55:03 +01:00
Jürgen Löhel
b81ac7f01d
Adds DarkWatchman RAT
...
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2021-12-17 07:20:58 -06:00
Delta-Sierra
78a8cf4ad2
add ESPecter Bootkit
2021-11-19 16:30:57 +01:00
Delta-Sierra
c89623e945
add ESPecter bootkit
2021-11-16 08:17:37 +01:00
Christophe Vandeplas
aeb5719448
chg: [att&ck] update to ATT&CK v10
2021-10-22 14:34:25 +02:00
Alexandre Dulaunoy
ab41df7282
chg: [malpedia] remove duplicate
2021-10-20 12:24:12 +02:00
Alexandre Dulaunoy
e517787e7c
chg: [malpedia] duplicates removed
2021-10-20 12:21:05 +02:00
Alexandre Dulaunoy
69f878c86f
fix: [malpedia] remove duplicate urls
2021-10-20 12:16:22 +02:00
Alexandre Dulaunoy
da91f2abc2
chg: [malpedia] updated
2021-10-20 10:21:03 +02:00
marjatech
d74fdb3e43
update malpedia
2021-10-19 16:21:19 +02:00
Bernardo Santos
e74fcfe268
Update cmtmf-attack-pattern.json
...
- update version
2021-10-13 10:06:00 +02:00
Bernardo Santos
5f19983ba3
Update cmtmf-attack-pattern.json
...
- Changes to cluster type
- Fix typo for privilege escalation tactic
2021-10-13 09:57:03 +02:00
Bernardo Santos
49dfcca563
CONCORDIA MTMF - Initial version
...
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:54:06 +02:00
Bernardo Santos
d09681b011
CONCORDIA MTMF - Initial version
...
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:45:03 +02:00
Jeroen Pinoy
9ec76ae185
Add threat actor common raven
2021-10-03 23:30:20 +02:00
Thomas Patzke
26f0c344a1
Added O365 techniques
...
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Thomas Dupuy
1985de4d44
Add BLUELIGHT tool.
2021-08-27 10:28:06 +02:00
Thomas Dupuy
89a3f986ba
Add InkySquid synonym.
2021-08-24 16:29:34 +02:00
Daniel Plohmann
3272960a14
fixed typo in actor name (CLOCKWORD -> CLOCKWORK SPIDER)
2021-08-19 06:02:40 +02:00
Rony
5dd0c7d8b3
chg: [threat-actor] add origin country to UNC2452 & HAFNIUM
...
addressed https://github.com/MISP/misp-galaxy/pull/660#issuecomment-884475015
2021-08-02 22:30:05 +05:30
Rony
636ccdedcd
Update threat-actor.json
2021-07-21 18:47:56 +05:30
Rony
9ecfecc063
another fix
2021-07-21 18:41:18 +05:30
Rony
32ea60d721
fix
2021-07-21 18:31:05 +05:30
Rony
52e7d5a0a9
multiple updates to apt40, apt31 & hafnium
2021-07-21 18:28:40 +05:30
Rony
fb9a41f8e9
from Gov Canada & MFA Japan
2021-07-19 20:33:35 +05:30
Rony
c90c60cb13
adding references for APT40 & APT31
2021-07-19 20:14:36 +05:30
Alexandre Dulaunoy
6c8949caa9
Merge pull request #658 from jasperla/oilrig
...
merge APT34 with OilRig
2021-07-03 08:56:39 +02:00
Deborah Servili
b6005bd53f
Merge branch 'main' into master
2021-07-02 13:30:51 +02:00
Delta-Sierra
913aff30c3
Add NOBELIUM and related
2021-07-02 13:18:03 +02:00
Jasper Lievisse Adriaanse
792490298e
merge APT34 with OilRig
...
OilRig already has "APT 34" and "APT34" as synonyms. Additionally
MITRE has since combined them due to overlap in activity:
https://attack.mitre.org/groups/G0049/
2021-06-29 20:26:04 +02:00