Commit Graph

1936 Commits (8bf3ddef9e6af51b223bfd45438411054ef0d3d6)

Author SHA1 Message Date
Alexandre Dulaunoy db9d79b093
Merge pull request #360 from goodlandsecurity/spearphishing-objects
Spearphishing objects
2022-05-21 08:00:02 +02:00
Good Land Security df5f9921df
Merge branch 'MISP:main' into spearphishing-objects 2022-05-20 20:20:10 -05:00
Alexandre Dulaunoy 52918bb373
Merge pull request #359 from matthijsvp/main
Processed feedback for ransom-negotiation object.
2022-05-20 21:50:52 +02:00
goodlandsecurity 2b19a8099e formatting after jq_all_the_things 2022-05-20 14:24:40 -05:00
goodlandsecurity 1c3aff42c5 added date for tracking when e-mail was sent 2022-05-20 14:20:37 -05:00
goodlandsecurity c62a113fec add new objects for spearphishing-link and spearphishing-attachment intel 2022-05-20 11:49:15 -05:00
matthijsvp f04caaa2c1 Added fields 2022-05-20 15:53:29 +02:00
matthijsvp bffed035df Merge branch 'main' of github.com:matthijsvp/misp-objects 2022-05-20 15:50:37 +02:00
matthijsvp dac6d57e79 Added some field from feedback 2022-05-20 15:50:31 +02:00
Alexandre Dulaunoy a922f29b46
Merge branch 'Vasileios-Mavroeidis-patch-1' into main 2022-05-18 22:01:41 +02:00
Alexandre Dulaunoy ccd239bf64
chg: [security-playbook] jq all the things 2022-05-18 22:00:41 +02:00
Vasileios Mavroeidis 0c54a39d37
Update definition.json
The PR updates the security playbook object with improved semantics based on feedback we have received. 

The updated template has "one-to-one" mapping with the available STIX 2.1 ad-hoc extension for the COA SDO available here: https://github.com/fovea-research/stix2.1-coa-playbook-extension

This research (updated version 3) was partially supported by the research projects CyberHunt (Grant No. 303585 - funded by the Research Council of Norway) and JCOP (Grant No. INEA/CEF/ICT/A2020/2373266 - funded by the European Health and Digital Executive Agency through the Connected Europe Facility program).
2022-05-18 13:56:59 +02:00
Alexandre Dulaunoy 7c7d1fbe98
chg: [paloalto-threat-event] Hungary access to the git repository has been sanctioned 2022-05-11 15:38:24 +02:00
Andras Iklody a5184c6746
chg: [paloalto-threat-event] version bump
For instances that ingested it before the disable_correlation changes, they didn't take and ended up pushing a lot of correlating noise. This should resolve it for the future.
2022-05-11 13:16:36 +02:00
Alexandre Dulaunoy 4125494c84
Merge pull request #355 from matthijsvp/main
New object template: Ransom negotations
2022-05-07 09:15:41 +02:00
matthijsvp b8456cf80b Ran validation 2022-05-07 08:00:38 +02:00
Matthijs van P 9e378c705f
Merge branch 'MISP:main' into main 2022-05-07 07:56:36 +02:00
Matthijs van P 109f78336b
Changed version to int. 2022-05-07 06:47:40 +02:00
Christian Studer f762d5b2a4
add: [passive-ssh] Added `port` attribute 2022-05-06 17:01:13 +02:00
matthijsvp 3f90f65508 Fixed spelling mistakes 2022-05-06 14:09:50 +02:00
matthijsvp bb686f24d4 Removed required field 2022-05-06 13:50:34 +02:00
matthijsvp d04d453f47 Added sane defaults to all booleans 2022-05-06 13:48:12 +02:00
matthijsvp dcf34a680f bumped version number, fixed stray typo 2022-05-06 13:38:11 +02:00
matthijsvp 7480c51533 Added need/want for decryptor and data deletion 2022-05-06 13:25:31 +02:00
Christian Studer de7792373c
add: [passive-ssh] Added `banner` & `hassh` attributes 2022-05-05 20:38:53 +02:00
matthijsvp 33458100e4 Fixed ui order, fixed screenshot type 2022-05-05 15:54:37 +02:00
matthijsvp 6ec02ff6d8 Added transcript and screenshot fields 2022-05-05 15:48:31 +02:00
matthijsvp 1c2513caf2 Fixed email attribute type, fixed typo 2022-05-05 15:38:19 +02:00
matthijsvp 38d22a425f v1 of ransom-negotiation object 2022-05-05 15:18:22 +02:00
matthijsvp 25c318c3b3 Initial commit 2022-05-04 16:49:17 +02:00
Alexandre Dulaunoy cd3f54747a
Merge pull request #354 from 3c7/object/vt_submitter
Added Object virustotal-submission
2022-04-26 23:22:46 +02:00
3c7 3843974232
Added new object to README 2022-04-26 15:08:14 +02:00
3c7 314d72f948
Fixes wrong category and typo in value list 2022-04-26 15:05:05 +02:00
3c7 e57ab0f522
uploaded -> submitted; otherwise possible semantic collision with "uploads" relationship 2022-04-26 14:07:20 +02:00
3c7 dcb44bcc5a
Added VirusTotal Submission object and uploaded/uploaded-by relation 2022-04-26 14:02:43 +02:00
Alexandre Dulaunoy ea23d59185
chg: [organization] NL fixed 2022-04-04 14:49:44 +02:00
Alexandre Dulaunoy 783ae64fa0
chg: [organization] typo fixed 2022-04-04 14:46:22 +02:00
Alexandre Dulaunoy 4f0e518368
chg: [relationships] NL fix 2022-04-04 14:32:44 +02:00
Alexandre Dulaunoy a3c3484c92
chg: [relationship] "has-met" added 2022-04-04 14:27:58 +02:00
Alexandre Dulaunoy 6e98779d1a
Merge branch 'main' of github.com:MISP/misp-objects into main 2022-04-04 14:08:34 +02:00
Alexandre Dulaunoy 46a4b67c35
chg: [organization] add registry number and format for date of registration 2022-04-04 14:07:55 +02:00
Alexandre Dulaunoy 3f4e4745a8
Merge pull request #353 from chrisr3d/main
Added a `full-name` object_relation for cases when we are not sure which name is the first and the last
2022-03-31 22:13:43 +02:00
chrisr3d 60d2fc447f add: [employee] Added a `full-name` object_relation for cases when we are not sure which name is the first and the last 2022-03-31 20:21:12 +02:00
Alexandre Dulaunoy f1086328a1
chg: [personification] fixed 2022-03-24 15:42:35 +01:00
Alexandre Dulaunoy 05195859b1
Merge pull request #351 from 0wlyW00d/main
Add new objects to better describe a natural person
2022-03-22 21:58:37 +01:00
Alexandre Dulaunoy 18a683ac98
Merge pull request #352 from yodresh/master
Update version SS7 object
2022-03-21 15:09:50 +01:00
Alexandre De Oliveira 2a7d2de508 modified by ./jq_all_the_things.sh 2022-03-21 15:04:26 +01:00
Alexandre De Oliveira a98ac163fb
Update object version to v5 2022-03-21 15:02:48 +01:00
0wlyW00d c44272a069 test 2022-03-21 10:08:36 +00:00
0wlyW00d 3dd5c938fe Objects add 2022-03-21 10:01:37 +00:00