MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity
2,415 Commits
6 Branches
47 Tags
57 MiB
Commit Graph

2415 Commits (833a6e0a8d72b3b6bf5a6b921c38fabefc0c0348)

Author SHA1 Message Date
Delta-Sierra c37befc8a9 merge 2021-03-11 10:35:05 +01:00
Alexandre Dulaunoy 855a12a408
chg: [clusters] fixing broken UUID fix #628 2021-03-11 09:54:50 +01:00
Alexandre Dulaunoy f6ed00233e
chg: [ransomware] fix the broken UUID fix #628 2021-03-11 09:52:25 +01:00
Alexandre Dulaunoy 2e9f0fcf53
Merge pull request #633 from r0ny123/patch-1 
add more HAFNIUM references
 2021-03-06 23:16:51 +01:00
Rony 57c7d0b9a0
From Nextron 2021-03-06 19:44:32 +05:30
Rony 6cabbfb091
more! 2021-03-06 14:22:29 +05:30
Rony 7b242555df
More references 
From 
Crowdstrike
MSRC
and kql hunting query from James Quinn
 2021-03-06 13:28:14 +05:30
Rony eaab88ef28
add HAFNIUM detection refs 2021-03-05 16:51:28 +05:30
Rony 4bc438a325
fix 2021-03-05 11:48:43 +05:30
Rony d9b299aafc
add more HAFNIUM references 2021-03-05 11:42:04 +05:30
Alexandre Dulaunoy aee6eac078
Merge pull request #632 from r0ny123/patch-1 
Adding alias NOBELIUM
 2021-03-04 18:16:17 +01:00
Rony c9f7afef1c
Adding alias NOBELIUM 2021-03-04 22:39:33 +05:30
Alexandre Dulaunoy 47dade9d0e
Merge pull request #631 from r0ny123/Enhancement 
Add HAFNIUM
 2021-03-04 14:48:01 +01:00
sebdraven c2a4bb1f8a
Merge pull request #1 from MISP/main 
merge
 2021-03-04 13:56:09 +01:00
Alexandre Dulaunoy a9a6b0253f
chg: [microsoft activity group] HAFNIUM added 2021-03-04 10:49:58 +01:00
Rony ad795606cf
added HAFNIUM 
Updates:
Tonto Team
UNC2452
 2021-03-04 00:10:33 +05:30
Alexandre Dulaunoy bdad7762db
Merge pull request #630 from sebdraven/main 
Update threat-actor.json
 2021-03-03 18:39:23 +01:00
Sebdraven 2666341afc Update threat-actor.json 
update Sidewinder card
 2021-03-03 17:59:25 +01:00
Alexandre Dulaunoy fee4cbc123
Merge pull request #629 from nyx0/main 
Update Infy TA.
 2021-03-02 22:14:02 +01:00
Thomas Dupuy f842694fda Update Infy TA. 2021-03-02 14:37:01 -05:00
Alexandre Dulaunoy 524676282e
Merge branch 'main' of github.com:MISP/misp-galaxy into main 2021-02-26 08:30:58 +01:00
Alexandre Dulaunoy 4692ced8fa
chg: [tool] SUNSPOT added 2021-02-26 08:28:01 +01:00
Delta-Sierra 0e23d8b95f add relationships between Maze, Rgnar, Egregor and Sekhmet 2021-02-25 10:21:28 +01:00
Delta-Sierra 406dfdb45b add Sekhmet ransomware 2021-02-25 09:52:52 +01:00
Delta-Sierra d273a5da7d add TeamTNT ref 2021-02-25 09:52:24 +01:00
Alexandre Dulaunoy fc0dc0050c
Merge pull request #627 from r0ny123/patch-2 
removing DePrimon
 2021-02-24 23:06:57 +01:00
Rony 5c6f3a036b
removing DePrimon 
DePrimon is not a TA, added malfamily (waiting for approval) to Malpedia to better reflect that.
 2021-02-24 21:55:04 +05:30
Alexandre Dulaunoy cf5c95b762
Merge pull request #626 from nyx0/main 
Add RDAT backdoor
 2021-02-23 21:40:23 +01:00
Thomas Dupuy eeafff9768 Add RDAT backdoor 2021-02-23 11:15:31 -05:00
Delta-Sierra eb07fab69f add Ragnar Locker and update accordingly 2021-02-23 16:21:07 +01:00
Delta-Sierra 06ae10965b add Covidloc and tycoon ransomware + small updates on some ransomwares 2021-02-22 16:39:47 +01:00
Delta-Sierra 7c1ac58141 add TeamTNT 2021-02-22 16:38:18 +01:00
Alexandre Dulaunoy d0ae9c20f9
Merge pull request #625 from Thijsvanede/patch-1 
Fix: rename "Innitial Access" to "Initial Access"
 2021-02-21 16:51:17 +01:00
Thijsvanede e9eb0c7a6c
Fix: rename "Innitial Access" to "Initial Access" 
Renamed mitre-ics-tactics "Innitial Access" to "Initial Access".
Original was a minor spelling mistake.
The fixed naming corresponds to the original ATT&CK framework description https://collaborate.mitre.org/attackics/index.php/Initial_Access
 2021-02-19 12:01:47 +01:00
Alexandre Dulaunoy 5d83ed1a70
Merge pull request #624 from nyx0/main 
Add Exaramel and P.A.S. webshell tool.
 2021-02-16 16:54:32 +01:00
Thomas Dupuy 178e16dc13 Remove empty values. 2021-02-16 10:32:37 -05:00
Thomas Dupuy 4a7560d191 Add Exaramel and P.A.S. webshell tool. 2021-02-15 12:52:53 -05:00
Alexandre Dulaunoy 9f1fcbd1c5
Merge pull request #623 from nyx0/main 
Add Caterpillar WebShell.
 2021-02-12 23:13:59 +01:00
Thomas Dupuy 93396c524d Add Caterpillar WebShell. 2021-02-12 12:00:17 -05:00
Delta-Sierra 96bf0d44ea Merge https://github.com/MISP/misp-galaxy 2021-02-09 14:52:58 +01:00
Alexandre Dulaunoy fa05eb04e3
Merge branch 'main' of github.com:MISP/misp-galaxy into main 2021-01-29 16:43:52 +01:00
Alexandre Dulaunoy 38a0d2d32d
chg: [rsit] rsit as galaxy name 2021-01-29 16:43:26 +01:00
Alexandre Dulaunoy 48fddce7d1
Merge pull request #622 from danielplohmann/patch-5 
adding ClearSky alias for Volatile Cedar
 2021-01-29 16:39:03 +01:00
Daniel Plohmann d61e7d2fac
adding ClearSky alias for Volatile Cedar 
adding ClearSky report as source and alias to the VolatileCedar entry. As proof from the report: "We attributed the operation to Lebanese Cedar (also known as Volatile Cedar), mainly based on the code overlaps between the 2015 variants of Explosive RAT and Caterpillar WebShell, to the 2020 variants of these malicious  files."
 2021-01-29 10:39:18 +01:00
Alexandre Dulaunoy 815e5c4fe4
Merge pull request #621 from cudeso/main 
RSIT Galaxy/Cluster
 2021-01-28 12:55:46 +01:00
Koen Van Impe 87b22f363c Move cfr-type-of-incident to meta 2021-01-28 12:25:39 +01:00
Koen Van Impe 23778666ba RSIT Galaxy/Cluster 2021-01-28 10:03:12 +01:00
Alexandre Dulaunoy 06c038e884
Merge pull request #620 from StefanKelm/main 
Update threat-actor.json
 2021-01-26 15:00:34 +01:00
StefanKelm fb35646406
Update threat-actor.json 
Lazarus
 2021-01-26 14:38:37 +01:00
Alexandre Dulaunoy 763d67d2a4
Merge pull request #619 from nyx0/main 
Update tool cluster
 2021-01-20 19:57:43 +01:00