chg: [circl] updated the original proposal + ransomware added +

classification proposal removed (should be in a different taxonomy)
2021-03-25 12:10:09 +01:00 · 2021-03-25 12:10:09 +01:00 · 55f0747fa3
parent 284270b10e
commit 55f0747fa3
2 changed files with 29 additions and 46 deletions
--- a/MANIFEST.json
+++ b/MANIFEST.json
@ -76,7 +76,7 @@
    {
      "description": "CIRCL Taxonomy - Schemes of Classification in Incident Response and Detection",
      "name": "circl",
-      "version": 4
+      "version": 5
    },
    {
      "description": "Course of action taken within organization to discover, detect, deny, disrupt, degrade, deceive and/or destroy an attack.",
@ -409,9 +409,9 @@
      "version": 2
    },
    {
-      "description": "classification for the identification of type of misinformation among websites. Source:False, Misleading, Clickbait-y, and/or Satirical 'News' Sources by Melissa Zimdars 2019",
+      "description": "classification for the identification of type of misinformation among websites. Source:False, Misleading, Clickbait-y, and/or Satirical News Sources by Melissa Zimdars 2019",
      "name": "misinformation-website-label",
-      "version": "1"
+      "version": 1
    },
    {
      "description": "MISP taxonomy to infer with MISP behavior or operation.",
@ -590,5 +590,5 @@
    }
  ],
  "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/",
-  "version": "20200612"
+  "version": "20210325"
 }
--- a/circl/machinetag.json
+++ b/circl/machinetag.json
@ -1,7 +1,7 @@
 {
  "namespace": "circl",
  "description": "CIRCL Taxonomy - Schemes of Classification in Incident Response and Detection",
-  "version": 4,
+  "version": 5,
  "predicates": [
    {
      "value": "incident-classification",
@ -25,13 +25,13 @@
          "expanded": "System compromise"
        },
        {
-	  "value": "sabotage",
-	  "expanded": "Sabotage"
-	},
-	{
-	  "value": "gdpr-violation",
-	  "expanded": "GDPR Violation"
-	},
+          "value": "sabotage",
+          "expanded": "Sabotage"
+        },
+        {
+          "value": "privacy-violation",
+          "expanded": "Privacy violation"
+        },
        {
          "value": "scan",
          "expanded": "Scan"
@ -49,13 +49,13 @@
          "expanded": "Phishing"
        },
        {
-	  "value": "whaling",
-	  "expanded": "Whaling"
-	},
+          "value": "whaling",
+          "expanded": "Whaling"
+        },
        {
-	  "value": "smishing",
-	  "expanded": "Sms Phishing"
-	},
+          "value": "smishing",
+          "expanded": "SMS Phishing"
+        },
        {
          "value": "malware",
          "expanded": "Malware"
@ -104,45 +104,28 @@
          "value": "wiper",
          "expanded": "Wiper"
        },
+        {
+          "value": "ransomware",
+          "expanded": "ransomware"
+        },
        {
          "value": "sextortion",
          "expanded": "sextortion"
        },
        {
-	  "value": "social-engineering",
-	  "expanded": "Social Engineering"
-	},
-	{
-	  "value": "gdpr-violation",
-	  "expanded": "GDPR Violation"
-	},
+          "value": "social-engineering",
+          "expanded": "Social Engineering"
+        },
+        {
+          "value": "gdpr-violation",
+          "expanded": "GDPR Violation"
+        },
        {
          "value": "covid-19",
          "expanded": "covid-19"
        }
      ]
    },
-    {
-      "predicate": "information-classfication",
-      "entry": [
-	{
-          "value": "confidential",
-          "expanded": "Confidential Information (top confidentiality level)"
-	},
-	{
-	  "value": "restricted",
-	  "expanded": "Restricted Information (medium confidentiality level)"
-	},
-	{
-	"value": "internal-use",
-	"expanded": "Internal Use Information (lowest level of confidentiality)"
-	},
-	{
-	"value": "public",
-	"expanded": "Public Information (everyone can see the information)"
-	}
-      ]
-    },
    {
      "predicate": "topic",
      "entry": [