chg: [changelog] updated

2024-08-09 10:11:33 +02:00 · 2024-08-09 10:11:33 +02:00 · 0644448201
parent e0a0dec128
commit 0644448201
5 changed files with 513 additions and 0 deletions
--- a/static/Changelog-misp-galaxy.txt
+++ b/static/Changelog-misp-galaxy.txt
@ -1,6 +1,185 @@
 # Changelog


+## %%version%% (unreleased)
+
+### Changes
+
+* [ransomware] inline with ransomlook.io. [Alexandre Dulaunoy]
+
+
+## v2.4.195 (2024-07-26)
+
+### Changes
+
+* [doc] README updated. [Alexandre Dulaunoy]
+
+* [doc] updated. [Alexandre Dulaunoy]
+
+* [nace] all NACE uppercase. [Alexandre Dulaunoy]
+
+* [README] updated. [Alexandre Dulaunoy]
+
+* [ransomware] groups updated. [Alexandre Dulaunoy]
+
+* [README] updated. [Alexandre Dulaunoy]
+
+* [producer] ESET added. [Alexandre Dulaunoy]
+
+* [README] updated. [Alexandre Dulaunoy]
+
+* [sigma] updated to the latest version. [Alexandre Dulaunoy]
+
+* [README] updated. [Alexandre Dulaunoy]
+
+* [ransomware] updated. [Alexandre Dulaunoy]
+
+* [ransomware] updated. [Alexandre Dulaunoy]
+
+* [ransomware] updated ransomlook. [Alexandre Dulaunoy]
+
+* [mitre-d3fend] PyMISPGalaxies and sorting. [Christophe Vandeplas]
+
+* [atrm] add external_ref and chg to PyMISPGalaxies. [Christophe Vandeplas]
+
+* [tmss] migration to PyMISPGalaxies. [Christophe Vandeplas]
+
+### Fix
+
+* [tools] black everything. [Alexandre Dulaunoy]
+
+* [tmss] fix sorting. [Christophe Vandeplas]
+
+### Other
+
+* Add: [nist-nice] Initial commit for NIST NICE framework Introduces galaxies for cybersecurity:  - Work roles  - Skills  - Tasks  - Knowledges  - Competency areas  - OPM codes. [Jean-Louis Huynen]
+
+* Merge pull request #1004 from Mathieu4141/threat-actors/2c706bb2-b7e3-4de0-86e5-f94b1c1f1905. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add UAC-0063. [Mathieu4141]
+
+* [threat-actors] Add Threat Actor 888. [Mathieu4141]
+
+* Merge pull request #1003 from MISP/Delta-Sierra-main. [Alexandre Dulaunoy]
+
+  Delta sierra main
+
+* Merge branch 'main' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-main. [Alexandre Dulaunoy]
+
+* Fix version. [Delta-Sierra]
+
+* Merge https://github.com/MISP/misp-galaxy. [Delta-Sierra]
+
+* Create nace galaxy. [Delta-Sierra]
+
+* Merge pull request #1002 from r0ny123/patch-1. [Alexandre Dulaunoy]
+
+  Update threat-actor.json
+
+* Update threat-actor.json. [Rony]
+
+  added original blog link, and removed unnecessary ones.
+
+* Merge pull request #1001 from Mathieu4141/threat-actors/a66522b9-9e27-47a5-97cf-c8450acfb06c. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add Nullbulge. [Mathieu4141]
+
+* [threat-actors] Add Lifting Zmiy. [Mathieu4141]
+
+* Merge pull request #1000 from Mathieu4141/threat-actors/bf0dcfd2-44d9-448c-8efd-5361cba2a56b. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add CRYSTALRAY. [Mathieu4141]
+
+* [threat-actors] Add Void Banshee. [Mathieu4141]
+
+* Merge pull request #998 from Mathieu4141/threat-actors/0589de95-12f2-4fd8-9064-d0915fcfe900. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors and 2 aliases
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add Scattered Spider aliases. [Mathieu4141]
+
+* [threat-actors] Add Water Sigbin. [Mathieu4141]
+
+* [threat-actors] Add CloudSorcerer. [Mathieu4141]
+
+* [threat-actors] Add Chamelgang aliases. [Mathieu4141]
+
+* Merge pull request #997 from MISP/dependabot/pip/tools/mkdocs/certifi-2024.7.4. [Alexandre Dulaunoy]
+
+  build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs
+
+* Build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs. [dependabot[bot]]
+
+  Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.7.4.
+  - [Commits](https://github.com/certifi/python-certifi/compare/2023.11.17...2024.07.04)
+
+  ---
+  updated-dependencies:
+  - dependency-name: certifi
+    dependency-type: direct:production
+  ...
+
+* Merge pull request #996 from Mathieu4141/threat-actors/fc7ade34-5d19-4089-acce-65f8e103952b. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add Boolka. [Mathieu4141]
+
+* [threat-actors] Add Dragonbridge. [Mathieu4141]
+
+* Merge pull request #994 from cvandeplas/atrm. [Christophe Vandeplas]
+
+  chg: [atrm, tmss] migration to PyMISPGalaxies
+
+* Merge pull request #995 from Mathieu4141/threat-actors/4c1ff26b-8695-45ec-8c36-adcbdb2add7c. [Alexandre Dulaunoy]
+
+  [threat actors] Add 2 actors
+
+* [threat actors] Update README. [Mathieu4141]
+
+* [threat-actors] Add IntelBroker. [Mathieu4141]
+
+* [threat-actors] Add HellHounds. [Mathieu4141]
+
+* Merge pull request #993 from Mathieu4141/threat-actors/15075ff2-4013-43ac-ac8a-0bf6442d13b1. [Alexandre Dulaunoy]
+
+  [threat actors] Adding 8 actors
+
+* [threat actors] update readme. [Mathieu Beligon]
+
+* [threat-actors] Add BlueHornet. [Mathieu4141]
+
+* [threat-actors] Add ALTDOS. [Mathieu4141]
+
+* [threat-actors] Add SneakyChef. [Mathieu4141]
+
+* [threat-actors] Add RedJuliett. [Mathieu4141]
+
+* [threat-actors] Add JuiceLedger. [Mathieu4141]
+
+* [threat-actors] Add Adrastea. [Mathieu4141]
+
+* [threat-actors] Add Markopolo. [Mathieu4141]
+
+* [threat-actors] Add Void Arachne. [Mathieu4141]
+
+
 ## v2.4.194 (2024-06-21)

 ### New
--- a/static/Changelog-misp-modules.txt
+++ b/static/Changelog-misp-modules.txt
@ -1,6 +1,76 @@
 # Changelog


+## %%version%% (unreleased)
+
+### Fix
+
+* [doc] url fixed. [Alexandre Dulaunoy]
+
+* [doc] regenerated. [Alexandre Dulaunoy]
+
+  related to #673
+
+* [doc] original JSON file type for GTI. [Alexandre Dulaunoy]
+
+  related to #673
+
+
+## v2.4.195 (2024-07-19)
+
+### New
+
+* [vulnerability_lookup] New module to query Vulnerability Lookup. [Christian Studer]
+
+  - Reusing the `variotdbs` code to parse the
+    vulnerability description from VariotDB
+
+* [feature] external tools config and use. [David Cruciani]
+
+### Changes
+
+* [query] query as same. [David Cruciani]
+
+### Fix
+
+* [vulnerability_lookup] Avoiding issues with `Iterator` in python3.8. [Christian Studer]
+
+* [vulnerability_lookup] Avoiding KeyError exceptions on some fields. [Christian Studer]
+
+* [login] flash messages. [David Cruciani]
+
+### Other
+
+* Merge pull request #672 from ostefano/pandas2. [Alexandre Dulaunoy]
+
+  Update pandas and pandas_ods_reader and patch ods_enrich
+
+* Update pandas and pandas_ods_reader and patch ods_enrich. [Stefano Ortolani]
+
+* Merge pull request #670 from ostefano/python312. [Alexandre Dulaunoy]
+
+  Improve compatibility and upgrade python to 3.12
+
+* Improve compatibility and upgrade python to 3.12. [Stefano Ortolani]
+
+  Changes:
+  * Remove vysion (not compatible with python 3.12 and no public repository)
+  * Remove stiximport (requires archaic version of pymisp)
+  * Update Python to 3.12
+  * Pin Numpy to 1.X
+  * Add missing dependencies
+  * Commit lock file
+  * Update requirements file
+
+* Merge pull request #669 from VirusTotal/update_doc_references. [Alexandre Dulaunoy]
+
+  chore: Update virustotal documentation references
+
+* Update doc references. [silviacuenca]
+
+* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer]
+
+
 ## v2.4.194 (2024-06-21)

 ### Changes
--- a/static/Changelog-misp-objects.txt
+++ b/static/Changelog-misp-objects.txt
@ -1,6 +1,93 @@
 # Changelog


+## %%version%% (unreleased)
+
+### Changes
+
+* [doc] list of object templates updated. [Alexandre Dulaunoy]
+
+* [google-threat-intelligene-report] JSON clean-up. [Alexandre Dulaunoy]
+
+* [network-profile] new-line. [Alexandre Dulaunoy]
+
+* [pe-optional-header] jq all the things. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #437 from MISP/VirusTotal-feat/new-gti-report. [Alexandre Dulaunoy]
+
+  Virus total feat/new gti report
+
+* Add Google Threat Intelligence report. [Daniel Pascual]
+
+* Merge pull request #435 from MISP/nyx0-main. [Alexandre Dulaunoy]
+
+  Nyx0 main
+
+* Upd: [network-profile] add Yandex in `service-abuse` list. [Thomas Dupuy]
+
+
+## v2.4.195 (2024-07-26)
+
+### New
+
+* [ddos-config] generic ddos configuration from ddos related binaries. [Alexandre Dulaunoy]
+
+* [ja4-plus] new MISP object template to describe JA4+ fingerprints. [Alexandre Dulaunoy]
+
+  fix: https://github.com/MISP/MISP/issues/9759
+
+### Changes
+
+* [pe] Updated `pe` object template. [Christian Studer]
+
+  - Added object relation for machine type hex value
+  - Harmonised object relations
+
+* [ddos-config] as the config is mainly describing targets. [Alexandre Dulaunoy]
+
+  to_ids and correlation don't make a lot of sense
+
+* [README] list updated. [Alexandre Dulaunoy]
+
+* [ja4-plus] jq all the things. [Alexandre Dulaunoy]
+
+* [ja4-plus] version fixed. [Alexandre Dulaunoy]
+
+* [ja4-plus] template name fixed. [Alexandre Dulaunoy]
+
+* [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics. [Alexandre Dulaunoy]
+
+### Fix
+
+* Address_of_entrypoint -> address-of-entrypoint. [Raphaël Vinot]
+
+* [pe-optional-header] Added missing `disable_correlation` flag. [Christian Studer]
+
+* [pe-optional-header] Added a few missing `disable_correlation` flags. [Christian Studer]
+
+* [pe-optional-header] Bumped version. [Christian Studer]
+
+* [pe-optional-header] Updated object template. [Christian Studer]
+
+  - Harmonised object relations to match with the
+    `pe` template object relations, especially the
+    ones for hex values
+  - Added object relations for `magic` value and
+    `subsystem` hex value
+
+* [ddos-config] `ui-priority` added. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
+
+* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
+
+
 ## v2.4.194 (2024-06-21)

 ### New
--- a/static/Changelog-misp-warninglists.txt
+++ b/static/Changelog-misp-warninglists.txt
@ -1,6 +1,47 @@
 # Changelog


+## v2.4.195 (2024-07-26)
+
+### Changes
+
+* [warning-lists] updated. [Alexandre Dulaunoy]
+
+* [lists] updated. [Alexandre Dulaunoy]
+
+### Fix
+
+* [bank] duplicates removed. [Alexandre Dulaunoy]
+
+### Other
+
+* Merge pull request #280 from DionAkkerman/main. [Alexandre Dulaunoy]
+
+  Fix typo in digitalside description
+
+* Fix typo in digitalside description. [Dion Akkerman]
+
+* Merge pull request #279 from karenyousefi/main. [Alexandre Dulaunoy]
+
+  update
+
+* Update bank website. [Karen Yousefi]
+
+  Remove duplicate domains
+
+* Update bank website. [Karen Yousefi]
+
+  the domains of banks in Qatar, UAE, Iran, Bahrain, Oman, Kuwait, and Saudi Arabia added
+
+* Update link in bio. [Karen Yousefi]
+
+  Update to V5
+
+* Update url shorteners. [Karen Yousefi]
+
+  Update url shorteners to V16
+
+
 ## v2.4.194 (2024-06-21)

 ### Changes
--- a/static/Changelog.txt
+++ b/static/Changelog.txt
@ -7,7 +7,143 @@ Changelog

 Changes
 ~~~~~~~
+- [misp-stix] Bumped latest submodule version including some fixes.
+  [Christian Studer]
+
+Other
+~~~~~
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch '2.4' into develop. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+
+
+v2.4.195 (2024-07-26)
+---------------------
+
+New
+~~~
+- [legacy attribute search] internals added for some edge cases.
+  [iglocska]
+
+  - new setting allows an admin to flip the search strategy to one that mimics the old behaviour
+  - refrains from using subqueries
+- [attribute search and correlation] improvements. [iglocska]
+
+  - added correlationRules system
+    - create rules for non correlating events (such as events from the same org, events with a certain string in the event info field, or just manually chosen event IDs)
+    - should help combat recurring data in certain feeds / providers causing slowdowns
+  - rework of the attribute pagination
+    - use the memory limit based bucketing also when limits are set
+    - better handling of offsets (ordering + using lowest IDs for the next batch instead of mysql offsets)
+- [logging] Added more data to logging entry and new option to log used
+  authkeys in clear-text. [Sami Mokaddem]
+
+Changes
+~~~~~~~
+- [version] bump. [iglocska]
+- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
+- [warning-list] updated to the latest version. [Alexandre Dulaunoy]
+- [PyMISP] fix issue with buggy template. [Raphaël Vinot]
+- [PyMISP] Bump. [Raphaël Vinot]
+- [db schema] bumped. [iglocska]
+- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
+- [workflow:webhook] Correctly send JSON data if content_type is set to
+  application/json. [Sami Mokaddem]
+- [docs] add an example of S/MIME self-signed key for your MISP.
+  [Alexandre Dulaunoy]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+- [pymisp] bump. [iglocska]
+
+  - let's see if this fixes the tests
+- [PyMISP] Test search & publish. [Raphaël Vinot]
+- [logos] added CCB's logo as per request to the defaults. [iglocska]
+
+  - also fixed a gitignore snafu
 - [PyMISP] Bump changelog. [Raphaël Vinot]
+- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
+
+Fix
+~~~
+- Unify event create/update response. [Luciano Righetti]
+- Openapi path parameters are required. [Luciano Righetti]
+- Wrong parameter id in taxonomy endpoints. [Luciano Righetti]
+- Analyst data openapi spec. [Luciano Righetti]
+- [restClient:queryBuilder] Stop prefixing the scope for the fields in
+  restSearch context. [Sami Mokaddem]
+- [index hint] using mysql extended may be wrong. [iglocska]
+
+  - if attributes.deleted isn't indexed it would barf before
+  - added a check for the existence of the index
+- [publishing] if the publish timestamp can't be updated, throw an error
+  during the in-line publishing. [iglocska]
+- [fetchEvent] defaulting out conditions to null rather than false.
+  [iglocska]
+
+  - enabled the false behaviour that false would simply be ignored
+  - this caused published = false via the API to default to the published flag not being set at all
+  - new behaviour works same as 0/1 values for booleans
+- [Bookmark view] typo fixed. [Alexandre Dulaunoy]
+- [internal] more fixes to the deleted flag. [iglocska]
+
+  - this sure wouldn't be such a clusterfuck if the office had an AC and we weren't sitting in 28.3C
+- [deleted filter] fix for the previous commit. [iglocska]
+
+  - modify a local variable rather than the passed-by-reference params array
+- [event] Making sure we attach Analyst Data to Event Reports when
+  fetching Events. [Christian Studer]
+- [internal filtering] handle deleted cases better across the various
+  search endpoints. [iglocska]
+
+  - object restSearch() was not correcty adhering to the deleted:1 parameter among others
+- Unify event create/update response. [Luciano Righetti]
+- Openapi path parameters are required. [Luciano Righetti]
+- Wrong parameter id in taxonomy endpoints. [Luciano Righetti]
+- Analyst data openapi spec. [Luciano Righetti]
+- [ACL] user add always accessible to site admins. [Andras Iklody]
+- [issue] Update config.yml. [Alexandre Dulaunoy]
+
+  Removal of the discussion which is a source of issues.
+
+Other
+~~~~~
+- Merge branch 'develop' into 2.4. [iglocska]
+- Merge branch 'correlation_rules' into develop. [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'pr-9744' into develop. [Sami Mokaddem]
+- Merge branch 'develop' into pr-9744. [Sami Mokaddem]
+- Merge branch 'feature/cleartext-logging' into develop. [Sami Mokaddem]
+- Merge branch 'develop' into feature/cleartext-logging. [Sami Mokaddem]
+- Merge remote-tracking branch 'refs/remotes/origin/develop' into
+  develop. [Sami Mokaddem]
+- Merge pull request #9826 from righel/fix-openapi-spec-params. [Luciano
+  Righetti]
+
+  Fix openapi spec params
+- Fix OpenAPI spec. [Stefano Ortolani]
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Update class properties. [Vincenzo Caputo]
+- Update module description. [Vincenzo Caputo]
+- Add attach decay score module. [Vincenzo Caputo]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [iglocska]
+- Merge branch 'develop' of github.com:MISP/MISP into develop.
+  [Christian Studer]
+- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
+- Merge pull request #9805 from ostefano/openapi. [Luciano Righetti]
+
+  Fix OpenAPI spec
+- Fix OpenAPI spec. [Stefano Ortolani]
+- Merge pull request #9792 from cudeso/2.4. [Alexandre Dulaunoy]
+
+  Adding Threatview.io MISP feeds
+- Adding Threatview.io MISP feeds. [Koen Van Impe]


 v2.4.194 (2024-06-21)