MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity
2,966 Commits
6 Branches
47 Tags
57 MiB
Commit Graph

2003 Commits (dd9e033ce50628ba0515fa5e08846490780e3f1c)

Author SHA1 Message Date
Daniel Plohmann 02e23a9a47
adding Google alias HOODOO for APT41 2023-04-17 22:32:50 +02:00
Alexandre Dulaunoy 91af071bae
new: [online-service] online service added 2023-04-17 10:59:18 +02:00
Alexandre Dulaunoy 5f9760923f
Merge pull request #838 from Delta-Sierra/main 
Adding SNOWYAMBER, HALFRIG, QUARTERRIG tools & PowerMagic backdoor
 2023-04-14 16:03:57 +02:00
Delta-Sierra 8e9880d932 Add SNOWYAMBER, HALFRIG, QUARTERRIG tools 2023-04-14 15:59:42 +02:00
Delta-Sierra c5590ff79a add PowerMagic backdoor 2023-04-13 14:11:36 +02:00
Daniel Plohmann a966b3ff88
adding Trend Micro alias Earth Preta for Mustang Panda 2023-04-12 16:59:36 +02:00
Alexandre Dulaunoy 2763cdd72b
chg:[sigma] Sigma rules updated 2023-04-12 11:44:43 +02:00
Delta-Sierra 8c831d70c8 jq 2023-04-11 15:06:59 +02:00
Delta-Sierra d30e7357fe merge 2023-04-11 13:57:30 +02:00
Delta-Sierra eb9254713a Add more ransomwares from ransomlook 2023-04-11 13:56:29 +02:00
Alexandre Dulaunoy 3cc7e03af6
new: [stealer] add Sordeal Stealer 2023-04-11 09:54:02 +02:00
Alexandre Dulaunoy cbf12d9289
Merge pull request #833 from jloehel/HinataBot 
chg[botnet]: Add HinataBot
 2023-04-04 10:17:07 +02:00
Jürgen Löhel 647fc025d7
chg[botnet]: Add HinataBot 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-04-03 11:19:08 -06:00
Alexandre Dulaunoy 15a03e877e
chg: [sigma] updated 2023-03-29 10:33:57 +02:00
Sebdraven d5843d46e2 Update threat-actor.json 
add ref to Aoqin Dragon
 2023-03-21 18:40:10 +01:00
Alexandre Dulaunoy 122a0bd39b
fix: [ransomware] fix duplicate Value "Cuba" 2023-03-19 11:03:12 +01:00
Alexandre Dulaunoy f2305dc165
Merge pull request #829 from Delta-Sierra/main 
update based on ransomlook+1
 2023-03-16 19:18:54 +01:00
Delta-Sierra 12f69a6082 update based on ransomlook 2023-03-16 15:24:44 +01:00
Mathieu Beligon d82ff1ecfb [threat-actors] Add Anonymous Sudan 2023-03-15 17:38:03 -05:00
Daniel Plohmann c39b46e9d5
Update threat-actor.json 
when value "Sofacy" was changed to "APT28", it seems Sofacy was not added to aliases, so it's missing right now.
 2023-03-15 14:55:25 +01:00
Delta-Sierra 74390b27c5 Merge https://github.com/MISP/misp-galaxy 2023-03-13 09:59:04 +01:00
Delta-Sierra c4eca7dfe1 more from ransomlook 2023-03-13 09:59:00 +01:00
Jürgen Löhel 9f9a263394
chg [tool]: Add tools used by TA866 during the Screentime campaign 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:46:11 -06:00
Jürgen Löhel 031a4c8030
chg [stealer]: Add Rhadamanthys 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:45:39 -06:00
Jürgen Löhel 437d4a30e5
chg [tds]: Add 404 TDS 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:45:13 -06:00
Jürgen Löhel 2d30785af5
chg [threat-actors] Add TA866 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
 2023-03-08 21:44:16 -06:00
Alexandre Dulaunoy 57f3e46273
chg: [sigma] updated 2023-03-07 12:14:48 +01:00
Alexandre Dulaunoy e7b97edaa4
chg: [ransomware] fixing duplicate cluster element Avaddon 2023-03-07 12:06:56 +01:00
Alexandre Dulaunoy 6db5b0b0cb
Merge pull request #824 from Delta-Sierra/main 
update based on ransomlook
 2023-03-06 16:23:48 +01:00
Delta-Sierra bed6bf8dd6 fix stupid duplicate-bis 2023-03-06 16:10:23 +01:00
Delta-Sierra d561350f7b fix stupid duplicate 2023-03-06 16:04:28 +01:00
Delta-Sierra 96cb1e22ba update based on ransomlook 2023-03-06 15:55:46 +01:00
Mathieu Beligon 395ffda94f [threat-actors] bump version 2023-03-02 10:29:52 -08:00
Mathieu Beligon e1407c3c3f [threat-actors] Add SLIPPY SPIDER alias to LAPSUS 2023-03-02 10:29:29 -08:00
Mathieu Beligon 4bbee8c1e7 [threat-actors] Add PROPHET SPIDER 2023-03-02 10:19:24 -08:00
Mathieu Beligon 61cb24a3fc [threat-actors] Add Nemesis Kitten 2023-03-01 16:37:42 -08:00
Mathieu Beligon 84faa3c92b [threat-actors] Add Karakurt 2023-03-01 16:34:03 -08:00
Mathieu Beligon 7d371b4c80 [threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP 2023-03-01 15:45:41 -08:00
Mathieu Beligon fa57354471 [threat-actors] Add Chamelgang 2023-03-01 15:40:23 -08:00
Mathieu Beligon bff978e4d1 [threat-actors] Add TA453 2023-03-01 15:24:55 -08:00
Mathieu Beligon 3406ad3aa9 [threat-actors] Add APT42 2023-03-01 15:18:53 -08:00
Mathieu Beligon 2567d6f1f8 [threat-actors] Add TA406 2023-03-01 15:01:22 -08:00
Rony 50624af741 add DEV-0147 https://twitter.com/MsftSecIntel/status/1625181255754039318 2023-02-25 20:18:09 +00:00
Rony cf727f034c
add other actor synonyms from Google's report https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf 2023-02-26 01:05:50 +05:30
Delta-Sierra 27f4c9fcdc synonyms must be an array 2023-02-23 14:26:20 +01:00
Delta-Sierra 0ca7675a5f Merge https://github.com/MISP/misp-galaxy 2023-02-23 14:16:00 +01:00
Delta-Sierra 55725c771e add/update ransomware based on ransomlook 2023-02-23 14:15:09 +01:00
Tom King e52eefa0e7 chg: [mitre] updated with correct ID parsing 2023-02-21 10:36:37 +00:00
Christophe Vandeplas 9f73ff73ac fix: [first-dns] corrected typo 2023-02-21 10:54:30 +08:00
Christophe Vandeplas e2f2026fea chg: [first-dns] Adds FIRST DNS Abuse Techniques Matrix 2023-02-21 10:26:46 +08:00