Commit Graph

1559 Commits (aeb57194485cb9fa8483b6bc21308d44e921ff75)

Author SHA1 Message Date
Daniel Plohmann aba625dee5
removed duplicate entry 2020-04-07 08:49:33 +02:00
Daniel Plohmann e15a4a6525
fixing/removing some more dead links 2020-04-06 15:25:22 +02:00
Deborah Servili 7859c8dbd7
Add coronavirus ransomware 2020-04-03 16:19:45 +02:00
Deborah Servili 8a3422acb4
add Pyta ransomnotes 2020-04-03 11:58:02 +02:00
Deborah Servili c566c89f2a
add pyza ransomware 2020-03-27 14:22:34 +01:00
Alexandre Dulaunoy c7104e8819
chg: [country] jq all 2020-03-23 13:09:14 +01:00
iglocska 777c3188db
new: [country] galaxy added 2020-03-23 12:10:16 +01:00
Alexandre Dulaunoy 35a57c36bf
Merge pull request #526 from Delta-Sierra/master
PARINACOTA group
2020-03-12 23:23:05 +01:00
Deborah Servili a706b8ef2e
PARINACOTA group 2020-03-12 13:11:46 +01:00
Alexandre Dulaunoy e37f320df5
Merge pull request #523 from danielplohmann/patch-24
adding aliases MERCURY, HOLMIUM
2020-03-09 21:56:27 +01:00
Daniel Plohmann ab49ef3c1a
Kimsuki -> Black Banshee
PWC refers to Kimsuki as Black Banshee (https://www.pwc.co.uk/issues/cyber-security-data-privacy/research/tracking-kimsuky-north-korea-based-cyber-espionage-group-part-2.html)
2020-03-09 18:20:56 +01:00
Daniel Plohmann 1260ab156a
adding aliases MERCURY, HOLMIUM
Muddywater->MERCURY: https://twitter.com/moranned/status/1234071210822184960
APT33->HOLMIUM: https://www.zdnet.com/article/microsoft-notified-10000-victims-of-nation-state-attacks/
2020-03-09 08:50:08 +01:00
Alexandre Dulaunoy e81c91e3e9
Merge pull request #522 from Delta-Sierra/master
add sdbbot
2020-03-06 15:24:14 +01:00
Deborah Servili b007d5d3ce
add SdBbot 2020-03-06 14:33:19 +01:00
Alexandre Dulaunoy a407ddcc5b
Merge branch 'master' of github.com:MISP/misp-galaxy 2020-03-05 10:49:15 +01:00
Alexandre Dulaunoy 375db26505
chg: [malpedia] fixes 2020-03-05 10:48:28 +01:00
Alexandre Dulaunoy 4a64d0a4ad
Merge pull request #519 from danielplohmann/crowdstrike2020report
adding new/updated threat actor names from CrowdStrike 2020 report
2020-03-05 09:07:16 +01:00
Corsin Camichel 66aa5c3b13
fixing a comma error 2020-03-04 21:13:01 +01:00
Daniel Plohmann (jupiter) 0c2b0b76eb while we are at it, we can also do Longhorn = APT-C-39 2020-03-04 21:09:06 +01:00
Corsin Camichel a5a7c21c79
adding Raccoon (win.raccoon) 2020-03-04 21:02:51 +01:00
Daniel Plohmann (jupiter) 184f193342 IMPERIAL KITTEN as alias for Tortoiseshell 2020-03-04 19:39:14 +01:00
pnx@pyrite 3dc460e795 adding new/updated threat actor names from CrowdStrike 2020 report 2020-03-04 13:36:34 +01:00
Daniel Plohmann dc059d1f4d
Accenture calls APT32 - "POND LOACH" 2020-03-03 19:40:50 +01:00
Deborah Servili d8ea0f865c
add clop ransomware extension 2020-03-02 13:33:38 +01:00
Alexandre Dulaunoy b4b91b1e5d
chg: [threat-actor] JSON fixed 2020-02-28 16:37:24 +01:00
Alexandre Dulaunoy 4c7532984a
Merge branch 'master' of https://github.com/nyx0/misp-galaxy into nyx0-master 2020-02-28 16:36:56 +01:00
Deborah Servili 0d4745d55f Merge branch 'master' of https://github.com/MISP/misp-galaxy 2020-02-28 11:38:20 +01:00
Deborah Servili a61f8d7049
add extension to clop ransomware 2020-02-28 11:37:54 +01:00
Alexandre Dulaunoy ee63756cc5
Merge pull request #516 from rmkml/master
add MedusaLocker ransomware
2020-02-23 16:06:45 +01:00
rmkml 590e292b68 add MedusaLocker ransomware 2020-02-23 16:01:45 +01:00
Deborah Servili 29bf20e89b
add razor ransomware 2020-02-19 15:55:29 +01:00
Thomas Dupuy 0daeb675f5 Add InvisiMole cluster 2020-02-18 13:28:32 -05:00
Alexandre Dulaunoy c98093e6fe
Merge pull request #513 from danielplohmann/patch-20
adding APT-C-12
2020-02-13 21:56:34 +01:00
Daniel Plohmann e481e9bb50
adding APT-C-12 2020-02-13 17:44:45 +01:00
Deborah Servili f196bad4a1
add tools used by TA505 + others 2020-02-12 15:39:16 +01:00
Deborah Servili 66a721fcd3 Merge branch 'master' of https://github.com/MISP/misp-galaxy 2020-02-12 15:00:30 +01:00
Deborah Servili b46f9b68fe
add warzone RAT 2020-02-06 13:39:58 +01:00
Alexandre Dulaunoy 33aa1c8f3f
Merge pull request #510 from Delta-Sierra/master
add ransomwares
2020-02-06 09:53:19 +01:00
Deborah Servili 46fe9cb82b
add ransomwares 2020-02-06 09:29:33 +01:00
Rony 22c9badee0
Update threat-actor.json
those are the name of aliases of the same malware family sykipot. so removing it.
2020-02-05 18:00:31 +05:30
Deborah Servili 5da17d51aa
Merge branch 'master' into master 2020-01-24 09:33:33 +01:00
Deborah Servili 606e3ec90f
jq 2020-01-24 09:32:09 +01:00
Alexandre Dulaunoy 6d078a88dd
chg: [ransomware] Nodera ransomware added 2020-01-24 09:04:38 +01:00
Deborah Servili 58415324c5
add Operation Wocao 2020-01-24 08:27:20 +01:00
Thomas Dupuy edc5196373 Add Attor and DePriMon 2020-01-23 11:27:00 -05:00
Daniel Plohmann ccfe5ee130
removing and fixing dead links in the best possible way
Hi! While migrating Malpedia to our new reference data format, we noticed a few potentially dead/moved references in your cluster. This pull request should fix most of them, for some I was not able to find an appropriate replacement.
2020-01-23 11:14:20 +01:00
Daniel Plohmann 29a128da6f
adding references and TEMP.MixMaster as alias for WIZARD SPIDER
with kudos to @tbarabosch
2020-01-22 15:42:01 +01:00
Alexandre Dulaunoy 911c2bf0bf
Merge pull request #504 from Delta-Sierra/master
update target location galaxy
2020-01-21 11:06:56 +01:00
Deborah Servili 8421bde291
complete Zimbabwe cluster 2020-01-21 10:51:07 +01:00
Deborah Servili f364e51d24
update target location galaxy 2020-01-20 14:46:03 +01:00
Alexandre Dulaunoy dbaab413b6
chg: [threat-actor] typo fixed 2020-01-18 17:30:27 +01:00
Alexandre Dulaunoy 564f27c5ca
chg: [threat-actor] format fixed 2020-01-18 17:26:45 +01:00
Alexandre Dulaunoy 34c5c66279
chg: [threat-actor] fix order 2020-01-18 17:08:32 +01:00
Alexandre Dulaunoy 8eeceafc51
chg: [threat-actor] Budminer APT added based on document from "Soesanto, Stefan"
Ref: https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/389371/1/Cyber-Reports-2020-01-A-one-sided-Affair.pdf
Ref: https://www.symantec.com/connect/blogs/taiwan-targeted-new-cyberespionage-back-door-trojan
2020-01-18 17:02:44 +01:00
StefanKelm 027d94e68a
Update ransomware.json 2020-01-16 16:59:22 +01:00
StefanKelm f53a92065c
Update ransomware.json
5ss5c
2020-01-16 16:46:38 +01:00
Deborah Servili 5ec817b499
Merge branch 'master' into master 2020-01-15 14:36:01 +01:00
Deborah Servili 32961527aa
add Autochk Rootkit as tool 2020-01-15 13:41:53 +01:00
Deborah Servili bfcc867ee6
add two wipers to tools 2020-01-14 15:54:06 +01:00
Alexandre Dulaunoy 3c90322fd8
Merge pull request #500 from Delta-Sierra/master
update target information
2020-01-08 16:22:24 +01:00
StefanKelm 5832893d4f
Update tool.json
LiquorBot
2020-01-08 16:04:22 +01:00
Deborah Servili 53df69a1eb
update target information 2020-01-08 15:50:47 +01:00
StefanKelm bf4fc92066
Update tool.json
Lampion
2020-01-07 13:14:08 +01:00
Alexandre Dulaunoy 5da0c7bd54
chg: [threat-actor] SideWinder APT group added 2020-01-07 10:42:07 +01:00
StefanKelm 9b6f9136f9
Update threat-actor.json 2020-01-03 12:50:49 +01:00
StefanKelm 9373cfcb53
Update threat-actor.json
BRONZE PRESIDENT
2020-01-03 12:42:57 +01:00
Rony 6b1142abac
Update threat-actor.json 2019-12-23 22:05:28 +05:30
Alexandre Dulaunoy be4f9e01a0
Merge pull request #496 from bartblaze/patch-1
Update threat-actor.json
2019-12-20 08:23:30 +01:00
Bart 8ebb2e2d16
Update threat-actor.json
Adds Operation Wocao..
2019-12-19 21:42:02 +01:00
Deborah Servili 34340372b3
add clop ransomware 2019-12-19 17:19:18 +01:00
Deborah Servili b8c332a055
jq 2019-12-16 14:08:34 +01:00
Deborah Servili c876928abd Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-12-16 13:36:56 +01:00
Deborah Servili ee38ec7220
add BitPaymer Synonyms 2019-12-16 13:36:00 +01:00
Deborah Servili 47e0d00555
Merge pull request #493 from Delta-Sierra/master
add tools used by GALLIUM
2019-12-13 15:35:29 +01:00
Deborah Servili 0fc9045ef2
add tools used by GALLIUM 2019-12-13 15:06:00 +01:00
Alexandre Dulaunoy 9f56a91013
Merge pull request #492 from Delta-Sierra/master
Operation Soft Cell related Updates
2019-12-13 13:35:52 +01:00
Deborah Servili 03c54a3e05
add GALLIUM as microsoft activities group and similar to Operation Soft Cell 2019-12-13 11:47:31 +01:00
Deborah Servili 3be47af325
update threat actor version 2019-12-13 11:04:51 +01:00
Deborah Servili 9b153913be
add relation suspected link between operation soft cell and apt10 2019-12-13 10:59:06 +01:00
Sebastian Wagner c3b5b39dd3
sofacy: add apt_sofacy as synonym 2019-12-12 15:57:13 +01:00
Deborah Servili 170f964e8c
##COMMA## 2019-12-11 14:22:09 +01:00
Deborah Servili 7e18f2e509
Merge branch 'master' into master 2019-12-11 13:51:52 +01:00
Deborah Servili 391b5a674d
add Axiom synonym 2019-12-11 13:50:35 +01:00
Alexandre Dulaunoy 8da36c09e1
chg: [threat-actor] jq 2019-12-08 09:03:14 +01:00
Daniel Plohmann 94b3c1ec07
added APT-C-34 / Golden Falcon 2019-12-07 12:44:30 +01:00
Deborah Servili 31f3a61d5f
add Sofacy ref 2019-12-05 15:42:42 +01:00
Alexandre Dulaunoy 8e73612b09
Merge pull request #488 from Delta-Sierra/master
create new galaxy - surveillance-vendor
2019-12-05 14:48:44 +01:00
Deborah Servili df1cbf8dce
add clusters to surveillance-vendor galaxy 2019-12-05 12:06:10 +01:00
Deborah Servili ad5b915175
Fix surveillance-vendor galaxy 2019-12-05 11:09:38 +01:00
Deborah Servili 12530db5a8
Add FlexiSPY + jq 2019-12-05 10:05:21 +01:00
Deborah Servili a049009453
add new galaxy - surveillance-vendor 2019-12-04 16:22:58 +01:00
Deborah Servili 2e82cd4fd7
add Private Internet Access as Tool 2019-12-04 16:22:22 +01:00
Alexandre Dulaunoy 5f020307f3
Merge pull request #485 from danielplohmann/patch-15
added TA2101
2019-12-03 22:36:49 +01:00
Daniel Plohmann bd3cc6d8ee
added TA2101 2019-12-03 18:13:44 +01:00
Jean-Louis Huynen 100299f3fd
add: [dark-pattern] add a source 2019-12-03 17:09:57 +01:00
Jean-Louis Huynen 44a9897f2a
add: [dark-pattern] galaxy to tag dark patterns 2019-12-03 16:26:29 +01:00
Alexandre Dulaunoy 2659d864d6
chg: [ransomware] jq ;-) 2019-11-22 22:41:01 +01:00
rmkml 64f100e578
Merge branch 'master' into master 2019-11-22 22:32:24 +01:00
rmkml 81cef767aa Fix Add FTCode Ransomware 2019-11-22 22:27:20 +01:00
rmkml eee9beca0f Add FTCode Ransomware 2019-11-22 21:16:40 +01:00
Deborah Servili 34faa63070
jq 2019-11-22 15:41:51 +01:00
Deborah Servili ba830c905d
add cyborg ransomnote refs 2019-11-22 15:36:49 +01:00
Deborah Servili 757c3d6480
add cyborg ransomnote filename 2019-11-22 15:35:58 +01:00
Deborah Servili 2009a9c45c
add cyborg ransomware extension 2019-11-22 15:30:17 +01:00
Deborah Servili cab60a02e2
jq 2019-11-22 14:15:29 +01:00
Deborah Servili 08a4897cbe
add DePriMon malicious downloader & Cyborg ransomware 2019-11-22 14:05:36 +01:00
Alexandre Dulaunoy 8cc5e02f22
chg: [clean-up] jq all the things 2019-11-21 17:19:39 +01:00
Deborah Servili 38641aae36
merge 2019-11-21 16:24:11 +01:00
Deborah Servili f21dd95b28
merge 2019-11-21 16:23:29 +01:00
Alexandre Dulaunoy 8240fe1722
Merge pull request #480 from rmkml/master
Add Maze Ransomware
2019-11-21 14:13:17 +01:00
Deborah Servili 1a0dd2292b
add silence synonym & new meta field spoken-language 2019-11-21 11:50:02 +01:00
rmkml 90bc667988 Add Maze Ransomware 2019-11-21 00:57:50 +01:00
rmkml 9410326ea2 Revert "Add Maze Ransomware"
This reverts commit cfc6e2802c.
2019-11-21 00:55:55 +01:00
rmkml cfc6e2802c Add Maze Ransomware 2019-11-19 23:15:02 +01:00
Alexandre Dulaunoy 5dc55fbbfb
Merge pull request #477 from rmkml/master
Add Desync Ransomware
2019-11-19 06:40:31 +01:00
rmkml ac4099ed0e Add Desync Ransomware 2019-11-18 23:37:21 +01:00
Deborah Servili 5f65e8d208
target information update [WIP] 2019-11-14 15:07:08 +01:00
StefanKelm aa132ca58f
new refs for APT33 2019-11-14 14:57:05 +01:00
Alexandre Dulaunoy ea18f6e920
Merge pull request #475 from Delta-Sierra/master
target information update [WIP]
2019-11-13 20:43:03 +01:00
Deborah Servili 08cdc4cac3
jq 2019-11-13 15:56:23 +01:00
Deborah Servili 985c4b2459
target information update [WIP] 2019-11-13 15:55:32 +01:00
Alexandre Dulaunoy eea0f528fa
chg: [threat-actor] Lucky Mouse synonym added
Ref: https://www.bleepingcomputer.com/news/security/cyber-espionage-group-customizes-old-public-tools/
Ref: https://www.cybersecurity-insiders.com/apt-lucky-mouse-group-targets-canada-icao-via-cyber-attack/
2019-11-12 12:51:44 +01:00
Raphaël Vinot 1486890f86 fix: JQ all the things. 2019-11-12 10:25:00 +01:00
Alexandre Dulaunoy 871d90cfc2
chg: [threat-actor] Calypso group added
Ref: https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf
MISP UUID: 5ca4718b-7f38-4822-83b7-0a1a0a00b412
2019-11-11 13:34:54 +01:00
Deborah Servili e310b98bc0
add Palestine PPound 2019-11-07 08:44:49 +01:00
Deborah Servili 50022d3905 Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-11-07 08:34:05 +01:00
Alexandre Dulaunoy ea8c1dd764
Merge pull request #472 from rmkml/master
Add DoppelPaymer Ransomware
2019-11-06 20:48:33 +01:00
rmkml 9707a5eb0e Add DoppelPaymer Ransomware 2019-11-06 20:41:43 +01:00
Deborah Servili 1a62f7c2cd
jq 2019-11-06 16:23:34 +01:00
Deborah Servili 5b6aae5d1c
update target location WIP 2019-11-06 16:21:10 +01:00
Alexandre Dulaunoy 2d1406b4d6
Merge pull request #471 from rmkml/master
Add FreeMe Ransomware
2019-11-06 06:36:53 +01:00
rmkml 656d90fd7c Add FreeMe Ransomware 2019-11-05 23:09:48 +01:00
Alexandre Dulaunoy d9a64c18ff
chg: [threat-actor] threat-actor-classification updated 2019-11-04 09:37:52 +01:00
Alexandre Dulaunoy 6f463325b9
chg: [threat-actor] jq is jq 2019-11-03 16:01:09 +01:00
Alexandre Dulaunoy 64a3569803
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-11-03 08:52:37 +01:00
Alexandre Dulaunoy 8d01e77574
chg: [threat-actor] Operation WizardOpium added
ref: https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
2019-11-03 08:51:37 +01:00
Alexandre Dulaunoy 346e54a321
Merge pull request #468 from Delta-Sierra/master
add Turla Group Synonym variant
2019-11-02 13:40:21 +01:00
Deborah Servili 1da2dc8af1
add Turla Group Synonym variant 2019-10-31 16:33:32 +01:00
Deborah Servili efa2f43c0f
Merge pull request #467 from Delta-Sierra/master
Few updates
2019-10-31 14:31:16 +01:00
Deborah Servili bee9b80898
jq 2019-10-31 10:37:36 +01:00
Deborah Servili 0a8f989e1c
add Winnti related tools etc. 2019-10-31 10:36:15 +01:00
Christophe Vandeplas d32022b241 fix: [attack] fixes old MITRE relationships not being removed 2019-10-27 21:06:26 +01:00
Christophe Vandeplas 4ab9bbbfa3 chg: [attack] update to latest ATT&CK data 2019-10-25 10:12:41 +02:00
Alexandre Dulaunoy 1581827875
chg: [attck4fraud] jq all the things 2019-10-20 20:07:29 +02:00
Christophe Vandeplas eb594cba0f fix: [misinfosec] fixes inconsistent filename 2019-10-20 18:53:02 +02:00
Alexandre Dulaunoy 2b84592ff5
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-10-18 14:28:41 +02:00
Alexandre Dulaunoy 77605f8d43
chg: [attck4fraud] updates based on issue #466 2019-10-18 14:27:36 +02:00
Rony 1fc0f5e2e7
Update threat-actor.json 2019-10-17 09:46:56 +05:30
Deborah Servili 88025a541f
add operation soft cell 2019-10-14 16:07:35 +02:00
mokaddem 4d4bd3a70c fix: [misinfosec] fixed kill_chain fields 2019-10-09 09:45:52 +02:00
VVX7 e4998efec9 chg: [galaxy] added AMITT galaxy/cluster generator script 2019-10-08 13:52:08 -04:00
VVX7 a0357c735e chg: [galaxy] version number to int 2019-10-07 19:19:45 -04:00
VVX7 0a29445b44 new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools. 2019-10-07 19:07:25 -04:00
Deborah Servili c27385cfa4
jq 2019-10-07 14:38:16 +02:00
Deborah Servili 5355910a8f
add legitimate tools 2019-10-07 13:38:40 +02:00
Deborah Servili 19452d8c1f Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-10-07 11:07:00 +02:00
Deborah Servili 569d453ff2
update version 2019-10-07 11:06:27 +02:00
Deborah Servili 0795eecd01
add PlugX rat synonyms 2019-10-07 11:04:33 +02:00
Alexandre Dulaunoy ac8236d16d
chg: [misp-galaxy] jq all the things 2019-10-03 14:46:07 +02:00
Alexandre Dulaunoy 9e82b025b5
chg: [tool] COMPfun - Reductor added
Ref: https://securelist.com/compfun-successor-reductor/93633/
2019-10-03 14:25:44 +02:00
Deborah Servili cb774002c9
add Sodinokibi synonym 2019-10-02 11:44:54 +02:00
Deborah Servili 82824be700
fix empty string 2019-09-30 12:55:31 +02:00
Deborah Servili b7c9d3e034
jq 2019-09-30 11:56:28 +02:00
Deborah Servili fca032ea73
add TVSPY tool 2019-09-30 10:45:53 +02:00
Deborah Servili f6c075c3df
WIP update target info 2019-09-27 16:22:01 +02:00
Deborah Servili c305640290
new galaxy - Region based on UN M49 2019-09-26 13:01:41 +02:00
Deborah Servili d0068b0ce0
WIP update target info 2019-09-25 15:39:02 +02:00
Deborah Servili a4b59f647c
jq 2019-09-25 13:41:55 +02:00
Deborah Servili 335402c886 Merge branch 'master' of https://github.com/MISP/misp-galaxy into target-location-galaxy 2019-09-25 13:39:33 +02:00
Deborah Servili bb3f9dc183
WIP update target info - fix empty string 2019-09-25 13:31:46 +02:00
Alexandre Dulaunoy 309109eb27
chg: [threat-actor] new LookBack (Malware?Campaign?TA?)
Signed-off: During MISP training
2019-09-25 12:12:34 +02:00
Deborah Servili 9068e3c742
WIP update target info 2019-09-25 11:46:10 +02:00
Alexandre Dulaunoy a5ae130916
chg: [threat-actor] Evil Eye and POISON CARP
Ref: https://citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/
Signed-off: Jean-Louis during training session
2019-09-25 11:27:03 +02:00
Deborah Servili 83ee520dd5
WIP update target info 2019-09-25 09:44:34 +02:00
Deborah Servili 638cdd4198
version update 2019-09-20 14:54:56 +02:00
Deborah Servili b9b4b9c651
Add Tortoiseshell threat actor 2019-09-20 14:53:25 +02:00
Deborah Servili 6d88367497
moar clusters 2019-09-20 09:50:37 +02:00
Alexandre Dulaunoy 42f457fc22
Merge pull request #457 from rmkml/master
Add Mr.Dec Ransomware
2019-09-17 10:17:11 +02:00
rmkml 5631d210a0 Add Mr.Dec Ransomware 2019-09-17 00:44:56 +02:00
Alexandre Dulaunoy cc134d7dff
Merge pull request #456 from rmkml/master
Add Hildacrypt Ransomware
2019-09-15 18:24:03 +02:00
rmkml dff982be20 Add Hildacrypt Ransomware 2019-09-14 21:49:16 +02:00
Alexandre Dulaunoy 55da11f8ba
Merge pull request #455 from rmkml/master
Add InnfiRAT
2019-09-14 08:16:35 +02:00
rmkml f907797d41 Add InnfiRAT 2019-09-14 00:08:54 +02:00
Deborah Servili 7e892eaa7d
update target information [draft] 2019-09-13 16:35:20 +02:00
Deborah Servili 2588df01cc
update target information 2019-09-12 16:22:11 +02:00
StefanKelm db2b5a13ef
Update threat-actor.json
Silent Librarian
2019-09-12 11:57:03 +02:00
Deborah Servili 1eb23bc55b
update target information 2019-09-12 11:10:41 +02:00
Deborah Servili 6c430ad21e
improve target-information 2019-09-11 16:32:29 +02:00
rmkml 7c89cb308c
Merge branch 'master' into master 2019-09-07 19:52:05 +02:00
rmkml dfc6321e0c Add AsyncRAT 2019-09-07 19:43:08 +02:00
Deborah Servili 718ea55dd7
Merge branch 'master' into master 2019-09-04 14:42:47 +02:00
Deborah Servili 9e3a998dfc
add SectorJ04 group 2019-09-03 15:51:21 +02:00
Alexandre Dulaunoy 9690d070ab
Merge pull request #450 from rmkml/master
Add Buran Ransomware
2019-09-02 07:39:19 +02:00
rmkml 28ec696272 Add Buran Ransomware 2019-09-01 21:20:28 +02:00
Daniel Plohmann f40b7dd132
'SectorJ04 Group' as alias introduced by NSHC for TA505
Not explicitly mentioned in the blog post but it looks like we just got an alias for TA505... https://threatrecon.nshc.net/2019/08/29/sectorj04-groups-increased-activity-in-2019/
2019-09-01 15:46:36 +02:00
Alexandre Dulaunoy 9920461294
Merge pull request #448 from rmkml/master
Add Nemty Ransomware
2019-08-31 21:27:50 +02:00
rmkml e79310c861 Add Nemty Ransomware 2019-08-31 21:08:50 +02:00
Alexandre Dulaunoy c7e6a17a31
Merge pull request #447 from Delta-Sierra/target-location-galaxy
improve more clusters
2019-08-30 16:37:39 +02:00
Deborah Servili 5504c10e3d
improve more clusters 2019-08-30 16:32:02 +02:00
Alexandre Dulaunoy b986f06cb4
Merge pull request #446 from wagner-certat/tool-empty-strings
Add test for empty strings
2019-08-30 11:10:16 +02:00
Alexandre Dulaunoy 0966e58da6
Merge branch 'master' of github.com:MISP/misp-galaxy 2019-08-30 11:06:29 +02:00
Alexandre Dulaunoy f5056ff02e
chg: [threat-actor] add machete-apt synonyms as reported in #445 2019-08-30 11:03:30 +02:00
Deborah Servili 2c248db419
Merge pull request #441 from Delta-Sierra/target-location-galaxy
More clusters improved
2019-08-30 10:15:56 +02:00
Sebastian Wagner e13087a9c4
target-information: fix territory-type for China 2019-08-30 10:08:19 +02:00
StefanKelm 49f8f60a85
Update threat-actor.json
Add ITG08 as synonym for FIN6
2019-08-29 13:13:00 +02:00
Alexandre Dulaunoy 8d78a2a108
chg: [threat-actor] jq all 2019-08-29 08:31:10 +02:00
Alexandre Dulaunoy 791c88f2eb
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-master 2019-08-29 08:30:41 +02:00
Deborah Servili 395dd93e0f
add Asruex Backdoor 2019-08-28 15:40:03 +02:00
Alexandre Dulaunoy 9926ea8826
chg: [threat-actor] LYCEUM added - 443 #fixed 2019-08-28 14:35:12 +02:00
Deborah Servili ea68336b96
add ref for Gamaredon 2019-08-27 08:28:58 +02:00
Deborah Servili 300e3c2bfb
More clusters improved 2019-08-26 17:50:20 +02:00
Alexandre Dulaunoy 775b6d1a09
Merge pull request #440 from Delta-Sierra/target-location-galaxy
Target location galaxy
2019-08-23 16:29:23 +02:00
Deborah Servili fcded146c2
More clusters improved 2019-08-23 16:01:12 +02:00
Deborah Servili bae47241f0
More clusters improved 2019-08-23 11:14:14 +02:00
Alexandre Dulaunoy a68577a967
Merge pull request #439 from Delta-Sierra/target-location-galaxy
Target location galaxy
2019-08-22 16:24:57 +02:00
Deborah Servili a579c041d2
More clusters improved 2019-08-22 15:59:11 +02:00
Deborah Servili b7a97d1baf
More clusters improved 2019-08-22 11:49:09 +02:00
Deborah Servili 6944236943
more countries 2019-08-20 15:24:16 +02:00
Sebastian Wagner 38aebbf42a
remove empty strings 2019-08-19 17:04:07 +02:00
Deborah Servili 93ca9a3123
Merge pull request #437 from Delta-Sierra/target-location-galaxy
Target location galaxy
2019-08-19 08:57:48 +02:00
Deborah Servili 754f8f2a48
complete more cluster + country is now an array 2019-08-14 16:30:28 +02:00
Deborah Servili 3e651e2d74
target-information - add membership member-of attribute - Example: member-of NATO 2019-08-13 15:36:10 +02:00
Alexandre Dulaunoy 6ca4e4cb17
Merge pull request #436 from Delta-Sierra/target-location-galaxy
Target location galaxy
2019-08-13 15:17:41 +02:00
Deborah Servili e00f139fa2
jq 2019-08-13 13:01:36 +02:00
Deborah Servili 9accc832e3
change attribute name 2019-08-13 12:08:03 +02:00
Deborah Servili 389a82701a
jq 2019-08-13 11:57:28 +02:00
Deborah Servili e946ce66db
complete some clusters 2019-08-13 11:55:18 +02:00
Alexandre Dulaunoy d48d2ccd3e
Merge pull request #435 from hackunagi/master
Adding Amavaldo Banking Trojan
2019-08-10 18:53:05 +02:00
Alexandre Dulaunoy 3841447e16
Merge pull request #434 from r0ny123/patch-1
added microsoft naming for the groups
2019-08-10 18:52:26 +02:00
Thomas Dupuy df5c9057a1 add synonym for Turla 2019-08-09 17:34:22 -04:00
Carlos Borges d96dc39c5a
Adding Amavaldo Banking Trojan 2019-08-09 18:00:37 -03:00
Rony feac39db6b
added microsoft naming for the groups 2019-08-09 22:19:09 +05:30
Thomas Dupuy 320e298549 update victims 2019-08-09 10:45:10 -04:00
Thomas Dupuy 1988662ee5 add APT41 2019-08-09 10:24:06 -04:00
Deborah Servili e239619d15
jq 2019-08-06 15:42:20 +02:00
Deborah Servili 53df0908c7
update version 2019-08-06 15:34:23 +02:00
Deborah Servili 4bef48b33e
add Amavaldo 2019-08-06 13:28:32 +02:00
Nils Kuhnert 17925f3e10
Remove local file link :) 2019-08-03 18:55:00 +02:00
Deborah Servili 21318cdf3d
fix building mistakes 2019-08-02 16:28:32 +02:00
Alexandre Dulaunoy 7913adad61
chg: [threat-actor] rollback as discussed by chat with Andras until version 2.0 2019-08-02 16:08:40 +02:00
Andras Iklody 984be50396
lowercased value field for DarkHotel 2019-08-02 15:40:31 +02:00
Alexandre Dulaunoy 17452d31a7
chg: [att&ck] July ATT&CK release included in MISP galaxy 2019-08-01 15:51:03 +02:00
Alexandre Dulaunoy a401ff7405
Merge branch 'master' into patch-13 2019-08-01 08:52:27 +02:00
Daniel Plohmann 0367e16ce0
adding secureworks actor names for energetic bear and teamspy 2019-07-31 14:35:09 +02:00
Daniel Plohmann a4a72d0698
adding Proofpoint's TA428 2019-07-31 14:08:50 +02:00
Deborah Servili 08f713cb7d add tld
Signed-off-by: Deborah Servili <deborah.servili@gmail.com>
2019-07-26 16:22:45 +02:00
Deborah Servili 427b424cf7
rename galaxy target-location -> target-information 2019-07-19 13:49:43 +02:00
Deborah Servili 294a8bf6a2
new galaxy target-location [DRAFT] 2019-07-19 10:30:47 +02:00
Deborah Servili 2861d2d78c
jq 2019-07-16 10:13:10 +02:00
Deborah Servili ea4d8a2d42
add SWEED threat actor 2019-07-16 10:03:07 +02:00
Deborah Servili ca45f0deec
jq 2019-06-24 10:22:38 +02:00
Deborah Servili 32ffc98e5d
add Felipe Trojan 2019-06-24 10:20:29 +02:00
Alexandre Dulaunoy 9517c8b878
chg: [threat-actor] version updated 2019-06-20 17:58:35 +02:00
Alexandre Dulaunoy 8c90f7231c
chg: [threat-actor] duplicated refs removed 2019-06-20 17:35:35 +02:00
Alexandre Dulaunoy 5e9d075ae5
chg: [threat-actor] synonyms fixed 2019-06-20 17:30:01 +02:00
Alexandre Dulaunoy 195406cc6b
chg: [threat-actor] jq everything 2019-06-20 17:27:55 +02:00
Alexandre Dulaunoy d018519700
Merge branch 'master' of https://github.com/Delta-Sierra/misp-galaxy 2019-06-20 17:23:04 +02:00
Deborah Servili 30f042211b
fix duplicate 2019-06-20 16:35:49 +02:00
Deborah Servili a984786c8b
update threat actor galaxy 2019-06-20 16:25:23 +02:00
Rony 7afb9083b2
Update threat-actor.json 2019-06-19 23:29:35 +05:30
Deborah Servili 4bd37e2b2d
update threat actor galaxy 2019-06-19 16:38:04 +02:00
Deborah Servili 52e51833de
update threat actor galaxy 2019-06-18 16:05:49 +02:00
Deborah Servili 431e7a36c1
update threat actor galaxy 2019-06-17 16:36:42 +02:00
Deborah Servili b966369933
##COMMA## 2019-06-14 16:35:55 +02:00
Deborah Servili 1e5292d999
fix duplicate 2019-06-14 16:21:33 +02:00
Deborah Servili ead217eb28
Update version 2019-06-14 16:11:02 +02:00
Deborah Servili 98f0572d51
update threat actor galaxy 2019-06-14 16:06:09 +02:00
Deborah Servili b040f9f57b
fix duplicate and links update (APT34) 2019-06-14 08:41:38 +02:00
Deborah Servili 2001652dae
fix duplicate 2019-06-14 08:28:44 +02:00
Deborah Servili 20e77afcc3
update threat actor galaxy 2019-06-13 16:19:21 +02:00
Deborah Servili 11c2f43c9f
try to fix duplicate 2019-06-13 11:26:42 +02:00
Deborah Servili e4245ee991
update threat actor galaxy 2019-06-12 16:25:24 +02:00
Deborah Servili 5a3d7e816f
fix duplicate 2019-06-12 09:24:05 +02:00
Deborah Servili 01fade422f Merge branch 'master' of https://github.com/MISP/misp-galaxy 2019-06-12 09:20:38 +02:00
Deborah Servili 1ba7f19ca2
update threat actor galaxy 2019-06-11 16:14:58 +02:00
Deborah Servili 347ed5d529
jq 2019-06-11 15:57:21 +02:00
Deborah Servili 79f11de6db
update threat actor galaxy 2019-06-11 15:54:39 +02:00
Deborah Servili d6b458520b
update threat actor galaxy 2019-06-11 11:57:04 +02:00
Alexandre Dulaunoy 8c69da1fd9
Merge pull request #413 from Delta-Sierra/master
update threat actor galaxy
2019-06-07 20:14:49 +02:00
Deborah Servili 1f2e59addb
update Threat actor galaxy 2019-06-07 16:34:43 +02:00
Deborah Servili 185763a63a
update threat actor 2019-06-06 16:34:09 +02:00
Deborah Servili b809b9cfbb
update threat actor darkhotel (nemim might be a typo) 2019-06-06 11:58:19 +02:00
Deborah Servili 189c3066a5
update threat actor 2019-06-04 16:32:39 +02:00
Alexandre Dulaunoy 3948cc24c1
Merge pull request #412 from Delta-Sierra/master
update threat actors and tools
2019-06-04 09:56:47 +02:00
Deborah Servili 468800ed59
FlawedAmmy RAT 2019-06-04 09:10:44 +02:00
Deborah Servili a6c9d335ee
fix multiple refs 2019-06-04 08:52:34 +02:00
Deborah Servili b47863f1c1
update threat actors 2019-05-29 16:18:50 +02:00
Deborah Servili f48167ce77
update threat actors 2019-05-29 15:34:20 +02:00
Deborah Servili f4cf3464ce
update threat actors and tools 2019-05-28 16:05:54 +02:00
Alexandre Dulaunoy 9eac2a3923
Merge pull request #411 from Delta-Sierra/master
update threat-actor galaxy
2019-05-28 09:37:14 +02:00
Deborah Servili bf19ed9d8d
fix merge mistakes 2019-05-28 09:26:24 +02:00
Deborah Servili 77d20739db
update threat actor 2019-05-28 09:24:29 +02:00
Deborah Servili 940762e0c5
update threat actor 2019-05-28 09:22:26 +02:00
Deborah Servili 0bb1420ab7
update threat-actor galaxy 2019-05-27 16:38:01 +02:00
Deborah Servili af6241fd20
update Anchor Panda Threat Actor 2019-05-27 11:47:05 +02:00
Alexandre Dulaunoy 555a87275f
Merge pull request #409 from rmkml/master
Add GetCrypt Ransomware
2019-05-25 13:56:30 +02:00
rmkml de9cc6898a Add GetCrypt Ransomware 2019-05-25 13:30:15 +02:00
Alexandre Dulaunoy 3420e50bfd
Merge pull request #408 from rmkml/master
Add Phobos Ransomware
2019-05-25 08:42:26 +02:00
Alexandre Dulaunoy 1ece51ed48
chg: [branded_vulnerability] version updated 2019-05-25 08:41:33 +02:00
rmkml 6f140ce358
Merge branch 'master' into master 2019-05-25 00:03:34 +02:00