{ "DDoS": { "values": [ "ecsirt:availability=\"ddos\"", "europol-incident:availability=\"dos-ddos\"", "ms-caro-malware:malware-type=\"DDoS\"", "circl:incident-classification=\"denial-of-service\"", "enisa:nefarious-activity-abuse=\"denial-of-service\"" ] }, "SQLi": { "values": [ "circl:incident-classification=\"sql-injection\"", "veris:action:malware:variety=\"SQL injection\"", "veris:action:hacking:variety=\"SQLi\"", "enisa:nefarious-activity-abuse=\"web-application-attacks-injection-attacks-code-injection-SQL-XSS\"", "europol-event:sql-injection" ] }, "rootkit": { "values": [ "veris:action:malware:variety=\"Rootkit\"", "enisa:nefarious-activity-abuse=\"rootkits\"", "malware_classification:malware-category=\"Rootkit\"" ] }, "exploit": { "values": [ "veris:action:malware:variety=\"Exploit vuln\"", "ecsirt:intrusion-attempts=\"exploit\"", "europol-event:exploit", "europol-incident:intrusion=\"exploitation-vulnerability\"", "ms-caro-malware:malware-type=\"Exploit\"" ] }, "malware": { "values": [ "ecsirt:malicious-code=\"malware\"", "circl:incident-classification=\"malware\"" ] }, "Remote Access Tool": { "values": [ "enisa:nefarious-activity-abuse=\"remote-access-tool\"", "ms-caro-malware:malware-type=\"RemoteAccess\"" ] }, "ransomware": { "values": [ "veris:action:malware:variety=\"Ransomware\"", "ecsirt:malicious-code=\"ransomware\"", "enisa:nefarious-activity-abuse=\"ransomware\"", "malware_classification:malware-category=\"Ransomware\"", "ms-caro-malware:malware-type=\"Ransom\"", "veris:action:malware:variety=\"Ransomware\"" ], "description": "Ransomware is computer malware that installs covertly on a victim's computer, executes a cryptovirology attack that adversely affects it, and demands a ransom payment to decrypt it or not publish it. (as defined by Wikipedia)" } }