misp-training/training-support/sample-events/atm-vulnerabilities-allow-d...


{"response": [{"Event":{"id":"2368","orgc_id":"2","org_id":"1","date":"2021-02-16","threat_level_id":"2","info":"ATM Vulnerabilities Allow Deposit Forgery Attacks","published":true,"uuid":"848a3172-1301-4cbd-8398-435b00904c20","attribute_count":"64","analysis":"1","timestamp":"1645618764","distribution":"1","proposal_email_lock":false,"locked":true,"publish_timestamp":"1645619938","sharing_group_id":"0","disable_correlation":false,"extends_uuid":"","protected":null,"Org":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14","local":true},"Orgc":{"id":"2","name":"CIRCL","uuid":"55f6ea5e-2c60-40e5-964f-47a8950d210f","local":true},"Attribute":[{"id":"426202","type":"vulnerability","category":"Payload delivery","to_ids":false,"uuid":"5cfca8e3-183e-4e79-b4a2-3202075867be","event_id":"2368","distribution":"5","timestamp":"1614252023","comment":"","sharing_group_id":"0","deleted":false,"disable_correlation":false,"object_id":"0","object_relation":null,"first_seen":"2020-08-28T00:00:00.000000+00:00","last_seen":null,"value":"CVE-2020-9062","Galaxy":[],"ShadowAttribute":[]},{"id":"426203","type":"vulnerability","category":"Payload delivery","to_ids":false,"uuid":"8bed0620-5cd8-4269-a1b8-b2abce9e40c4","event_id":"2368","distribution":"5","timestamp":"1613486380","comment":"","sharing_group_id":"0","deleted":false,"disable_correlation":false,"object_id":"0","object_relation":null,"first_seen":null,"last_seen":null,"value":"CVE-2020-10124","Galaxy":[],"ShadowAttribute":[]}],"ShadowAttribute":[],"RelatedEvent":[{"Event":{"id":"1753","date":"2020-02-19","threat_level_id":"4","info":"OSINT - SonicWall SRA and SMA 
vulnerabilties","published":true,"uuid":"5e4d19a6-7b24-45dd-bb63-6fdba5e38e14","analysis":"0","timestamp":"1582117512","distribution":"1","org_id":"1","orgc_id":"1","Org":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"},"Orgc":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"}}}],"Galaxy":[{"id":"10","uuid":"cc0c8ae9-aec2-42c6-9939-f4f82b051836","name":"attck4fraud","type":"financial-fraud","description":"attck4fraud - Principles of MITRE ATT&CK in the fraud domain","version":"1","icon":"map","namespace":"misp","enabled":true,"local_only":false,"kill_chain_order":{"fraud-tactics":["Initiation","Target Compromise","Perform Fraud","Obtain Fraudulent Assets","Assets Transfer","Monetisation"]},"GalaxyCluster":[{"id":"1627","collection_uuid":"cc0c8ae9-aec2-42c6-9939-f4f82b051836","type":"financial-fraud","value":"ATM Black Box Attack","tag_name":"misp-galaxy:financial-fraud=\"ATM Black Box Attack\"","description":"ATM Black Box Attack","galaxy_id":"10","source":"Open Sources","authors":["Francesco Bigarella"],"version":"3","uuid":"6bec22cb-9aed-426a-bffc-b0a78db6527a","distribution":"3","sharing_group_id":null,"org_id":"0","orgc_id":"0","default":true,"locked":false,"extends_uuid":"","extends_version":"0","published":false,"deleted":false,"GalaxyClusterRelation":[],"Org":{"id":"0","name":"MISP","date_created":"","date_modified":"","description":"Automatically generated MISP organisation","type":"","nationality":"Not specified","sector":"","created_by":"0","uuid":"0","contacts":"","local":true,"restricted_to_domain":[],"landingpage":null},"Orgc":{"id":"0","name":"MISP","date_created":"","date_modified":"","description":"Automatically generated MISP organisation","type":"","nationality":"Not specified","sector":"","created_by":"0","uuid":"0","contacts":"","local":true,"restricted_to_domain":[],"landingpage":null},"meta":{"kill_chain":["fraud-tactics:Target 
Compromise"]},"tag_id":"1074","local":false}]},{"id":"1","uuid":"3f44af2e-1480-4b6b-9aa8-f9bb21341078","name":"Ransomware","type":"ransomware","description":"Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml","version":"4","icon":"btc","namespace":"misp","enabled":true,"local_only":false,"GalaxyCluster":[{"id":"19924","collection_uuid":"10cf658b-5d32-4c4b-bb32-61760a640372","type":"ransomware","value":"Korean","tag_name":"misp-galaxy:ransomware