Merge pull request #182 from cvandeplas/master

Covid-19 tracking

README.md

@@ -26,6 +26,7 @@ The following taxonomies are described:
 - [Cryptocurrency Threat](./cryptocurrency-threat) - Threats targetting cryptocurrency, based on CipherTrace report.
 - [Cyber Kill Chain](./kill-chain) from Lockheed Martin
 - [The Cyber Threat Framework](./cyber-threat-framework) was developed by the US Government to enable consistent characterization and categorization of cyber threat events, and to identify trends or changes in the activities of cyber adversaries.
+- [Current Events](./current-events) - List of current events ranging from political to medical matters.
 - DE German (DE) [Government classification markings (VS)](./de-vs)
 - [DCSO Sharing Taxonomy](./dcso-sharing) - DCSO Sharing Taxonomy  to classify certain types of MISP events using the DCSO Event Guide
 - [DHS CIIP Sectors](./dhs-ciip-sectors)
@@ -48,6 +49,7 @@ The following taxonomies are described:
 - [NATO Classification Marking](./nato)
 - [Open Threat Taxonomy v1.1 (SANS)](./open_threat)
 - [OSINT Open Source Intelligence - Classification](./osint)
+- [Pandemic](./pandemic) - Pandemic events
 - [Ransomware](./ransomware)
 - [runtime-packer](./runtime-packer) - Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other o
 bfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.

current-event/machinetag.json

@@ -0,0 +1,43 @@
+{
+  "namespace": "current-event",
+  "description": "Current events - Schemes of Classification in Incident Response and Detection",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "pandemic",
+      "expanded": "Pandemic"
+    },
+    {
+      "value": "election",
+      "expanded": "Election"
+    }
+  ],
+  "values": [
+    {
+      "predicate": "pandemic",
+      "entry": [
+        {
+          "value": "sars-cov",
+          "expanded": "SARS-CoV 2003"
+        },
+        {
+          "value": "covid-19",
+          "expanded": "COVID-19"
+        }
+      ]
+    },
+    {
+      "predicate": "election",
+      "entry": [
+        {
+          "value": "eu-par-2019",
+          "expanded": "European Parliament election, 2019"
+        },
+        {
+          "value": "us-pres-2020",
+          "expanded": "United States Presidential election, 2020"
+        }
+      ]
+    }
+  ]
+}

pandemic/machinetag.json

@@ -0,0 +1,26 @@
+{
+  "namespace": "pandemic",
+  "description": "Pandemic",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "covid-19",
+      "expanded": "COVID-19"
+    }
+  ],
+  "values": [
+    {
+      "predicate": "covid-19",
+      "entry": [
+        {
+          "value": "health",
+          "expanded": "Health"
+        },
+        {
+          "value": "cyber",
+          "expanded": "Cyber"
+        }
+      ]
+    }
+  ]
+}