MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity
3,880 Commits
6 Branches
47 Tags
60 MiB
Commit Graph

2657 Commits (ca3cd1d0fb626bcdc9503b748275a8ce2777b307)

Author SHA1 Message Date
Rony ff07821cca
chg: [threat-actors] updated with references 2024-04-16 16:08:39 +00:00
Rony d6c0a2110e
Merge branch 'MISP:main' into cn 2024-04-16 21:22:12 +05:30
Alexandre Dulaunoy 59e9f48e19
chg: [sigma-rules] updated to the latest version 2024-04-14 09:28:32 +02:00
Rony bfceda0029
chg: [threat-actors] add `Storm-0558` references 2024-04-11 04:15:38 +00:00
Rony 3bfe5c09a0
Merge branch 'MISP:main' into cn 2024-04-11 08:58:24 +05:30
gregWDumont f6d11cacab [Sector] Add NACE_CODE to cluster 2024-04-03 16:36:34 +02:00
Christophe Vandeplas 7d5044ccaf
fix: [ukhsa] fix duplicate entry 2024-03-29 19:31:14 +01:00
Rony 605676806b
Merge branch 'MISP:main' into cn 2024-03-29 22:28:22 +05:30
Christophe Vandeplas 1c0beeaecf
new: [UKHSA] Added UK Health Security Agency Culture Collections 2024-03-29 14:45:13 +01:00
Mathieu4141 22bea56895 [threat-actors] Add UNC5174 2024-03-27 05:09:24 -07:00
Mathieu4141 541eb4a4a9 [threat-actors] Add Saad Tycoon 2024-03-27 05:09:24 -07:00
Mathieu4141 769cd4f47b [threat-actors] Add Edalat-e Ali 2024-03-27 05:09:24 -07:00
Mathieu4141 ab52990840 [threat-actors] Add SilitNetwork 2024-03-27 05:09:24 -07:00
Mathieu4141 120f5c9b3f [threat-actors] Add Lazarus Group aliases 2024-03-27 05:09:24 -07:00
Rony bd7a3c90bb
fix: [threat-actor] remove comma 2024-03-25 19:39:46 +00:00
Rony d0a1e04de6
chg: [threat-actors] updated with references 2024-03-26 00:59:48 +05:30
Delta-Sierra f7eaa3d9d7 merge 2024-03-21 16:04:35 +01:00
Delta-Sierra 7e715b63e7 add Germany as target for several Threat actors 2024-03-21 16:00:31 +01:00
Mathieu4141 38d0804f9c [threat-actors] Add Earth Krahang 2024-03-20 10:23:42 -07:00
Mathieu4141 bef50816a4 [threat-actors] Add MuddyWater aliases 2024-03-20 10:23:42 -07:00
Mathieu4141 b2e9f6c152 [threat-actors] Add Earth Kapre 2024-03-20 10:23:42 -07:00
Mathieu4141 6490424201 [threat-actors] Add UNC5325 2024-03-20 10:23:42 -07:00
Christophe Vandeplas 819b177278
fix: [tmss] remove duplicate author entry 2024-03-18 10:44:09 +01:00
Christophe Vandeplas 1114e7a67c
new: [tmss] Add Threat Matrix for Storage Services fixes #947 2024-03-18 10:39:28 +01:00
Christophe Vandeplas 2b12224aa9
chg: [disarm] New Version 1.4 of Red Framework 2024-03-15 16:32:49 +01:00
Alexandre Dulaunoy 5f1b2305cf
Merge pull request #946 from NMD03/intel 
Inteligence Agencies
 2024-03-13 16:31:16 +01:00
niclas 7885a8fd00 chg [intel] mistakes on wikipedia got fixed 2024-03-13 10:10:35 +01:00
niclas 64803fb28c chg: [intel] use UUIDv5 for clusters 2024-03-13 09:35:00 +01:00
niclas 65470855b3 Fix [cluster] duplicates 2024-03-12 14:23:11 +01:00
niclas 04c07e4774 Add [cluster] authors 2024-03-12 14:06:14 +01:00
niclas 3ece11b87f Fix [synonyms] 2024-03-12 13:59:18 +01:00
niclas 5d8dbf0d91 Add [cluster] country code 2024-03-12 13:55:00 +01:00
niclas c88253baea Add [synonyms] and fixed indivdual mistakes 2024-03-12 13:00:57 +01:00
niclas bb28408b14 Add [agencies] refs 2024-03-12 11:22:30 +01:00
Daniel Plohmann 77b7ed2f01
adding aliases from UA's H1'2023 report 2024-03-12 10:15:12 +01:00
Alexandre Dulaunoy 3f039b5932
fix: [threat-actor] fix #942 
`Hyppo Team` was present in two clusters. We just kept the alias
for `Turla`.
 2024-03-11 10:00:15 +01:00
Delta-Sierra 5d8d0d294e Merge https://github.com/MISP/misp-galaxy 2024-03-07 14:10:29 +01:00
Delta-Sierra d9214cff89 update producers 2024-03-07 13:48:22 +01:00
Alexandre Dulaunoy b43f9d7b3d
Merge pull request #941 from NMD03/main 
Add [galaxies] Tidal Cyber
 2024-03-06 11:07:29 +01:00
niclas 098f0e6ecd Fix [config] uuids 2024-03-06 09:54:06 +01:00
niclas 4f07fbdcdd Fix [config] typo 2024-03-06 09:35:35 +01:00
niclas c28a001b4f Fix [tidal] check for existing sub clusters 2024-03-06 09:19:11 +01:00
niclas 03c6e3cb00 Fix [duplicates] list 2024-03-05 17:22:03 +01:00
niclas a3071cf270 Add [techniques] codeblock for duplicates 2024-03-05 17:15:21 +01:00
niclas 16366f6893 Chg [tidal] add associated to name 2024-03-05 16:24:29 +01:00
niclas a88b3ced33 Chg [groups] change name for Volt Typhoon duplicate 2024-03-05 16:15:58 +01:00
niclas 9e78c85124 Fix [references] no empty refs 2024-03-05 15:55:07 +01:00
niclas 2b383338f0 Fix [software] type as array 2024-03-05 15:46:35 +01:00
niclas b2cc4ccd08 Fix [galaxies] add version 2024-03-05 15:33:10 +01:00
niclas f756c18d1d Fix [clusters] authors 2024-03-05 15:11:57 +01:00
niclas 5be77f6c2d Fix [tidal] exclude empty meta fields 2024-03-05 14:41:53 +01:00
niclas 8e345c3684 Add [galaxies] Cyber Tidal 2024-03-05 14:27:25 +01:00
Mathieu4141 c11834aec4 [threat-actors] Add R00tK1T 2024-02-29 10:38:27 -08:00
Mathieu4141 39f89c900c [threat-actors] Add Mogilevich 2024-02-29 10:38:27 -08:00
Mathieu4141 cc68b22fe2 [threat-actors] Add UNC1549 2024-02-29 10:38:27 -08:00
Mathieu4141 7b3c8a87c3 [threat-actors] Add UAC-0184 2024-02-29 10:38:27 -08:00
Mathieu4141 b010a75426 [threat-actors] Add SPIKEDWINE 2024-02-29 10:38:27 -08:00
Alexandre Dulaunoy 838f649766
chg: [sigma] updated to the latest version 2024-02-27 14:10:36 +01:00
Delta-Sierra 7481cce57d fix double 2024-02-23 16:14:42 +01:00
Delta-Sierra 42b3319e69 typo~ 2024-02-23 16:13:14 +01:00
Delta-Sierra 8e07569da2 Fix ENORMOUS TYPO and add a few description (wip) 2024-02-23 16:11:23 +01:00
Delta-Sierra 667263a512 add producer names 2024-02-23 16:02:22 +01:00
Alexandre Dulaunoy 39d40a991f
chg: [producer] Sophos added 2024-02-23 15:51:56 +01:00
Alexandre Dulaunoy 364b835d8e
chg: [threat-actor] version updated 2024-02-23 15:46:11 +01:00
Alexandre Dulaunoy efb3c3995a
new: [producer] Skeleton for threat intelligence producer to be attached 
as producer of Intelligence in MISP feed.

In the realm of cybersecurity, numerous security firms produce feeds and threat intelligence conforming to the MISP standards. However, a significant challenge arises due to the often insufficient or vague descriptions of the origins of this intelligence within these standards. This lack of clarity hinders the effectiveness and credibility of the threat intelligence shared across platforms and organizations.
 2024-02-23 15:30:53 +01:00
Mathieu4141 9c85cbc223 [threat-actors] Add GoldFactory 2024-02-20 05:22:26 -08:00
Mathieu4141 82b347682c [threat-actors] Add Winter Vivern aliases 2024-02-20 05:22:26 -08:00
Mathieu4141 4e61e7275a [threat-actors] Add Cyber.Anarchy.Squad 2024-02-20 05:22:26 -08:00
Mathieu4141 ccfd207e59 [threat-actors] Add LabHost 2024-02-20 05:22:26 -08:00
Mathieu4141 83198aa663 [threat-actors] Add ShadowSyndicate 2024-02-20 05:22:25 -08:00
Mathieu4141 d3f5a26ec0 [threat-actors] Add ResumeLooters 2024-02-20 05:22:25 -08:00
Mathieu4141 6ddf39e1ae [threat-actors] Add Charming Kitten aliases 2024-02-20 05:22:25 -08:00
Mathieu4141 96adf0ba8f [threat-actors] Add ProCC 2024-02-20 05:22:25 -08:00
niclas e90ae3e5d9 Fix [mitre] new galaxy enrichments 2024-02-19 13:44:32 +01:00
niclas bdd2329163 reset enrichment 2024-02-19 13:42:27 +01:00
Alexandre Dulaunoy 7ed94eb865
chg: [threat-actor] fixed 2024-02-16 18:41:46 +01:00
jstnk9 b3a25c57b3 added new information in relation to the Mandiant-Google TAG Report 
New information added via https://services.google.com/fh/files/misc/tool-of-first-resort-israel-hamas-war-cyber.pdf
 2024-02-16 17:36:09 +01:00
Delta-Sierra ef8c6c95eb add relationships between surveillance vendors 2024-02-16 15:37:14 +01:00
Alexandre Dulaunoy 9cf86925f1
Merge pull request #931 from NMD03/enrich_new_mitre 
Add [mitre] relations from deprecated galaxies
 2024-02-15 16:31:08 +01:00
niclas 777ead0170 Fix [mitre] running jq_all_the_things.sh 2024-02-15 14:26:04 +01:00
Mathieu4141 f4d69382cf [threat-actors] Add Blackatom 2024-02-15 03:42:29 -08:00
Mathieu4141 ed26f4d246 [threat-actors] Add TA2725 2024-02-15 03:42:28 -08:00
niclas 1e60ee58a7 Add [mitre] relations from deprecated galaxies 2024-02-15 11:59:17 +01:00
Alexandre Dulaunoy 8f3c662961
chg: [sigma] updated to the latest version 2024-02-12 21:24:11 +01:00
Daniel Plohmann 8a359dbd43
merge KNOCKOUT SPIDER -> Evilnum 
Based on newer public reporting grouping these.
 2024-02-08 10:38:04 +01:00
Delta-Sierra a8496a939e Merge https://github.com/MISP/misp-galaxy 2024-02-07 10:53:31 +01:00
Delta-Sierra 4686aae3d5 add COATHANGER ref 2024-02-07 10:52:40 +01:00
Delta-Sierra 6222443b24 add COATHANGER RAT 2024-02-07 10:51:47 +01:00
Alexandre Dulaunoy 94051bb5ef
chg: [surveillance-vendor] updated 2024-02-07 10:39:03 +01:00
Alexandre Dulaunoy c867adcbf3
Merge branch 'main' of github.com:MISP/misp-galaxy into main 2024-02-07 10:22:24 +01:00
Alexandre Dulaunoy d07c584525
chg: [surveillance-vendor] updated following https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf 2024-02-07 10:21:40 +01:00
Mathieu4141 02bec6da4f [threat-actors] Add TwoSail Junk aliases 2024-02-06 07:30:07 -08:00
Mathieu4141 6235ee49f7 [threat-actors] Add Operation Emmental 2024-02-06 07:30:07 -08:00
Mathieu4141 c740c6f1e1 [threat-actors] Add Urpage 2024-02-06 07:30:06 -08:00
Mathieu4141 f58c20fc20 [threat-actors] Add APT23 aliases 2024-02-06 07:30:06 -08:00
Mathieu4141 9a2e09d86c [threat-actors] Add Operation C-Major aliases 2024-02-06 07:30:06 -08:00
Mathieu4141 5194939603 [threat-actors] Add Tonto Team aliases 2024-02-06 07:30:06 -08:00
Mathieu4141 cc4dca679b [threat-actors] Add Earth Yako 2024-02-06 07:30:06 -08:00
Mathieu4141 baaf153229 [threat-actors] Add Operation Red Signature 2024-02-06 07:30:06 -08:00
Mathieu4141 859d3f7ac0 [threat-actors] Add Earth Berberoka aliases 2024-02-06 07:30:06 -08:00
Mathieu4141 55083776a0 [threat-actors] Add Domestic Kitten aliases 2024-02-06 07:30:05 -08:00
Delta-Sierra 8643f5f555 Merge https://github.com/MISP/misp-galaxy 2024-02-06 15:11:53 +01:00
Delta-Sierra ea16f1811a adding several webshells and open source tools 2024-02-06 15:09:41 +01:00
Mathieu4141 957e848a6f [threat-actors] Add Ferocious Kitten 2024-02-05 09:20:11 -08:00
Mathieu4141 3a44200a0c [threat-actors] Add APT5 aliases 2024-02-05 09:20:11 -08:00
Mathieu4141 d2586524e3 [threat-actors] Add CardinalLizard 2024-02-05 09:20:11 -08:00
Mathieu4141 045ec7071f [threat-actors] Add Operation Ghoul 2024-02-05 09:20:11 -08:00
Mathieu4141 3a15a27584 [threat-actors] Add Operation Triangulation 2024-02-05 09:20:11 -08:00
Mathieu4141 c97fc15d59 [threat-actors] Add GhostEmperor 2024-02-05 09:20:11 -08:00
Mathieu4141 cff0da0b3a [threat-actors] Add RevengeHotels 2024-02-05 09:20:10 -08:00
Mathieu4141 40becc0ee9 [threat-actors] Add Fishing Elephant 2024-02-05 09:20:10 -08:00
Mathieu4141 dd01813e51 [threat-actors] Add ShaggyPanther 2024-02-05 09:20:10 -08:00
Mathieu4141 bffb0ef644 [threat-actors] Add Tomiris 2024-02-05 09:20:10 -08:00
Mathieu4141 3379a0777b [threat-actors] Add Karkadann 2024-02-05 09:20:10 -08:00
Alexandre Dulaunoy b35d4bd07a
chg: [threat-actor] version updated 2024-02-05 15:21:25 +01:00
Mathieu4141 ffeed3447f [threat-actors] Add Silent Librarian aliases 2024-02-05 03:39:17 -08:00
Mathieu4141 9c5bc36ab4 [threat-actors] Add MuddyWater aliases 2024-02-05 03:39:17 -08:00
Mathieu4141 4699f65425 [threat-actors] Add TA2719 2024-02-05 03:39:17 -08:00
Mathieu4141 fc173c1a78 [threat-actors] Add APT10 aliases 2024-02-05 03:39:17 -08:00
Mathieu4141 bd0d541a7a [threat-actors] Add OilRig aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 9cb1fd6aa8 [threat-actors] Add Lazarus Group aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 57016ac3ae [threat-actors] Add TA2722 2024-02-05 03:39:16 -08:00
Mathieu4141 be8e127590 [threat-actors] Add APT39 aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 40f65a9d91 [threat-actors] Add Evilnum aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 3f6ff94c89 [threat-actors] Add APT33 aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 72504d286a [threat-actors] Add MUSTANG PANDA aliases 2024-02-05 03:39:16 -08:00
Mathieu4141 3690ab0e24 [threat-actors] Add TA2552 2024-02-05 03:39:16 -08:00
Mathieu4141 a456e419d8 [threat-actors] Add APT31 aliases 2024-02-05 03:39:16 -08:00
Christophe Vandeplas ca366fc16a
chg: [ATRM] bump to latest ATRM version 2024-02-05 07:34:58 +01:00
Alexandre Dulaunoy effee963cc
chg: [microsoft] updated version 2024-02-02 15:32:02 +01:00
Mathieu4141 e497ec2b38 [threat-actors] Add Storm-1575 2024-02-01 11:02:05 -08:00
Mathieu4141 a42dc67fb6 [threat-actors] Add Storm-0835 2024-02-01 11:02:05 -08:00
Mathieu4141 1589a943a9 [threat-actors] Add Storm-1674 2024-02-01 11:02:05 -08:00
Mathieu4141 0b571d7e76 [threat-actors] Add Storm-0829 2024-02-01 11:02:05 -08:00
Mathieu4141 7607dc70cf [threat-actors] Add Storm-1567 2024-02-01 11:02:05 -08:00
Mathieu4141 eb8db810c0 [threat-actors] Add Storm-1152 2024-02-01 11:02:05 -08:00
Mathieu4141 991765a1c7 [threat-actors] Add SaintBear aliases 2024-02-01 11:02:05 -08:00
Mathieu4141 b3f440203a [threat-actors] Add Storm-0539 2024-02-01 11:02:05 -08:00
Mathieu4141 b645975616 [threat-actors] Add DarkHotel aliases 2024-02-01 11:02:04 -08:00
Mathieu4141 fa7709e63c [threat-actors] Add Storm-0530 2024-02-01 11:02:04 -08:00
Mathieu4141 a6c451be2d [threat-actors] Add Storm-0381 2024-02-01 11:02:04 -08:00
Mathieu4141 3a193291b9 [threat-actors] Add Storm-1101 2024-02-01 11:02:04 -08:00
Mathieu4141 3fda32a0d6 [threat-actors] Add Ghostwriter aliases 2024-02-01 11:02:04 -08:00
Mathieu4141 de04fe33e1 [threat-actors] Add Storm-1286 2024-02-01 11:02:04 -08:00
Mathieu4141 68e0ffb006 [threat-actors] Add Storm-1099 2024-02-01 11:02:04 -08:00
Mathieu4141 972ed33536 [threat-actors] Add TA2101 aliases 2024-02-01 11:02:03 -08:00
Mathieu4141 83f874da2c [threat-actors] Add LYCEUM aliases 2024-02-01 11:02:03 -08:00
Mathieu4141 6f61a3fc3e [threat-actors] Add Storm-1084 2024-02-01 11:02:03 -08:00
Mathieu4141 73d23f6211 [threat-actors] Add Sandworm aliases 2024-02-01 11:02:03 -08:00
Mathieu4141 ba7137c5a3 [threat-actors] Add Lazarus Group aliases 2024-02-01 11:02:03 -08:00