From 0644448201585159d61df862e9e920d403a7723f Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 9 Aug 2024 10:11:33 +0200 Subject: [PATCH] chg: [changelog] updated --- static/Changelog-misp-galaxy.txt | 179 +++++++++++++++++++++++++ static/Changelog-misp-modules.txt | 70 ++++++++++ static/Changelog-misp-objects.txt | 87 ++++++++++++ static/Changelog-misp-warninglists.txt | 41 ++++++ static/Changelog.txt | 136 +++++++++++++++++++ 5 files changed, 513 insertions(+) diff --git a/static/Changelog-misp-galaxy.txt b/static/Changelog-misp-galaxy.txt index 7a63fad..c587b0a 100644 --- a/static/Changelog-misp-galaxy.txt +++ b/static/Changelog-misp-galaxy.txt 
@@ -1,6 +1,185 @@ # Changelog +## %%version%% (unreleased) + +### Changes + +* [ransomware] inline with ransomlook.io. [Alexandre Dulaunoy] + + +## v2.4.195 (2024-07-26) + +### Changes + +* [doc] README updated. [Alexandre Dulaunoy] + +* [doc] updated. [Alexandre Dulaunoy] + +* [nace] all NACE uppercase. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [ransomware] groups updated. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [producer] ESET added. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [sigma] updated to the latest version. [Alexandre Dulaunoy] + +* [README] updated. [Alexandre Dulaunoy] + +* [ransomware] updated. [Alexandre Dulaunoy] + +* [ransomware] updated. [Alexandre Dulaunoy] + +* [ransomware] updated ransomlook. [Alexandre Dulaunoy] + +* [mitre-d3fend] PyMISPGalaxies and sorting. [Christophe Vandeplas] + +* [atrm] add external_ref and chg to PyMISPGalaxies. [Christophe Vandeplas] + +* [tmss] migration to PyMISPGalaxies. [Christophe Vandeplas] + +### Fix + +* [tools] black everything. [Alexandre Dulaunoy] + +* [tmss] fix sorting. [Christophe Vandeplas] + +### Other + +* Add: [nist-nice] Initial commit for NIST NICE framework Introduces galaxies for cybersecurity: - Work roles - Skills - Tasks - Knowledges - Competency areas - OPM codes. [Jean-Louis Huynen] + +* Merge pull request #1004 from Mathieu4141/threat-actors/2c706bb2-b7e3-4de0-86e5-f94b1c1f1905. [Alexandre Dulaunoy] + + [threat actors] Add 2 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add UAC-0063. [Mathieu4141] + +* [threat-actors] Add Threat Actor 888. [Mathieu4141] + +* Merge pull request #1003 from MISP/Delta-Sierra-main. [Alexandre Dulaunoy] + + Delta sierra main + +* Merge branch 'main' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-main. [Alexandre Dulaunoy] + +* Fix version. [Delta-Sierra] + +* Merge https://github.com/MISP/misp-galaxy. 
[Delta-Sierra] + +* Create nace galaxy. [Delta-Sierra] + +* Merge pull request #1002 from r0ny123/patch-1. [Alexandre Dulaunoy] + + Update threat-actor.json + +* Update threat-actor.json. [Rony] + + added original blog link, and removed unnecessary ones. + +* Merge pull request #1001 from Mathieu4141/threat-actors/a66522b9-9e27-47a5-97cf-c8450acfb06c. [Alexandre Dulaunoy] + + [threat actors] Add 2 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add Nullbulge. [Mathieu4141] + +* [threat-actors] Add Lifting Zmiy. [Mathieu4141] + +* Merge pull request #1000 from Mathieu4141/threat-actors/bf0dcfd2-44d9-448c-8efd-5361cba2a56b. [Alexandre Dulaunoy] + + [threat actors] Add 2 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add CRYSTALRAY. [Mathieu4141] + +* [threat-actors] Add Void Banshee. [Mathieu4141] + +* Merge pull request #998 from Mathieu4141/threat-actors/0589de95-12f2-4fd8-9064-d0915fcfe900. [Alexandre Dulaunoy] + + [threat actors] Add 2 actors and 2 aliases + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add Scattered Spider aliases. [Mathieu4141] + +* [threat-actors] Add Water Sigbin. [Mathieu4141] + +* [threat-actors] Add CloudSorcerer. [Mathieu4141] + +* [threat-actors] Add Chamelgang aliases. [Mathieu4141] + +* Merge pull request #997 from MISP/dependabot/pip/tools/mkdocs/certifi-2024.7.4. [Alexandre Dulaunoy] + + build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs + +* Build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs. [dependabot[bot]] + + Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.7.4. + - [Commits](https://github.com/certifi/python-certifi/compare/2023.11.17...2024.07.04) + + --- + updated-dependencies: + - dependency-name: certifi + dependency-type: direct:production + ... + +* Merge pull request #996 from Mathieu4141/threat-actors/fc7ade34-5d19-4089-acce-65f8e103952b. 
[Alexandre Dulaunoy] + + [threat actors] Add 2 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add Boolka. [Mathieu4141] + +* [threat-actors] Add Dragonbridge. [Mathieu4141] + +* Merge pull request #994 from cvandeplas/atrm. [Christophe Vandeplas] + + chg: [atrm, tmss] migration to PyMISPGalaxies + +* Merge pull request #995 from Mathieu4141/threat-actors/4c1ff26b-8695-45ec-8c36-adcbdb2add7c. [Alexandre Dulaunoy] + + [threat actors] Add 2 actors + +* [threat actors] Update README. [Mathieu4141] + +* [threat-actors] Add IntelBroker. [Mathieu4141] + +* [threat-actors] Add HellHounds. [Mathieu4141] + +* Merge pull request #993 from Mathieu4141/threat-actors/15075ff2-4013-43ac-ac8a-0bf6442d13b1. [Alexandre Dulaunoy] + + [threat actors] Adding 8 actors + +* [threat actors] update readme. [Mathieu Beligon] + +* [threat-actors] Add BlueHornet. [Mathieu4141] + +* [threat-actors] Add ALTDOS. [Mathieu4141] + +* [threat-actors] Add SneakyChef. [Mathieu4141] + +* [threat-actors] Add RedJuliett. [Mathieu4141] + +* [threat-actors] Add JuiceLedger. [Mathieu4141] + +* [threat-actors] Add Adrastea. [Mathieu4141] + +* [threat-actors] Add Markopolo. [Mathieu4141] + +* [threat-actors] Add Void Arachne. [Mathieu4141] + + ## v2.4.194 (2024-06-21) ### New diff --git a/static/Changelog-misp-modules.txt b/static/Changelog-misp-modules.txt index b123686..5151d9a 100644 --- a/static/Changelog-misp-modules.txt +++ b/static/Changelog-misp-modules.txt 
@@ -1,6 +1,76 @@ # Changelog +## %%version%% (unreleased) + +### Fix + +* [doc] url fixed. [Alexandre Dulaunoy] + +* [doc] regenerated. [Alexandre Dulaunoy] + + related to #673 + +* [doc] original JSON file type for GTI. [Alexandre Dulaunoy] + + related to #673 + + +## v2.4.195 (2024-07-19) + +### New + +* [vulnerability_lookup] New module to query Vulnerability Lookup. [Christian Studer] + + - Reusing the `variotdbs` code to parse the + vulnerability description from VariotDB + +* [feature] external tools config and use. [David Cruciani] + +### Changes + +* [query] query as same. [David Cruciani] + +### Fix + +* [vulnerability_lookup] Avoiding issues with `Iterator` in python3.8. [Christian Studer] + +* [vulnerability_lookup] Avoiding KeyError exceptions on some fields. [Christian Studer] + +* [login] flash messages. [David Cruciani] + +### Other + +* Merge pull request #672 from ostefano/pandas2. [Alexandre Dulaunoy] + + Update pandas and pandas_ods_reader and patch ods_enrich + +* Update pandas and pandas_ods_reader and patch ods_enrich. [Stefano Ortolani] + +* Merge pull request #670 from ostefano/python312. [Alexandre Dulaunoy] + + Improve compatibility and upgrade python to 3.12 + +* Improve compatibility and upgrade python to 3.12. [Stefano Ortolani] + + Changes: + * Remove vysion (not compatible with python 3.12 and no public repository) + * Remove stiximport (requires archaic version of pymisp) + * Update Python to 3.12 + * Pin Numpy to 1.X + * Add missing dependencies + * Commit lock file + * Update requirements file + +* Merge pull request #669 from VirusTotal/update_doc_references. [Alexandre Dulaunoy] + + chore: Update virustotal documentation references + +* Update doc references. [silviacuenca] + +* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer] + + ## v2.4.194 (2024-06-21) ### Changes diff --git a/static/Changelog-misp-objects.txt b/static/Changelog-misp-objects.txt index c7ce331..ecd9735 100644 
--- a/static/Changelog-misp-objects.txt +++ b/static/Changelog-misp-objects.txt 
@@ -1,6 +1,93 @@ # Changelog +## %%version%% (unreleased) + +### Changes + +* [doc] list of object templates updated. [Alexandre Dulaunoy] + +* [google-threat-intelligene-report] JSON clean-up. [Alexandre Dulaunoy] + +* [network-profile] new-line. [Alexandre Dulaunoy] + +* [pe-optional-header] jq all the things. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #437 from MISP/VirusTotal-feat/new-gti-report. [Alexandre Dulaunoy] + + Virus total feat/new gti report + +* Add Google Threat Intelligence report. [Daniel Pascual] + +* Merge pull request #435 from MISP/nyx0-main. [Alexandre Dulaunoy] + + Nyx0 main + +* Upd: [network-profile] add Yandex in `service-abuse` list. [Thomas Dupuy] + + +## v2.4.195 (2024-07-26) + +### New + +* [ddos-config] generic ddos configuration from ddos related binaries. [Alexandre Dulaunoy] + +* [ja4-plus] new MISP object template to describe JA4+ fingerprints. [Alexandre Dulaunoy] + + fix: https://github.com/MISP/MISP/issues/9759 + +### Changes + +* [pe] Updated `pe` object template. [Christian Studer] + + - Added object relation for machine type hex value + - Harmonised object relations + +* [ddos-config] as the config is mainly describing targets. [Alexandre Dulaunoy] + + to_ids and correlation don't make a lot of sense + +* [README] list updated. [Alexandre Dulaunoy] + +* [ja4-plus] jq all the things. [Alexandre Dulaunoy] + +* [ja4-plus] version fixed. [Alexandre Dulaunoy] + +* [ja4-plus] template name fixed. [Alexandre Dulaunoy] + +* [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics. [Alexandre Dulaunoy] + +### Fix + +* Address_of_entrypoint -> address-of-entrypoint. [Raphaël Vinot] + +* [pe-optional-header] Added missing `disable_correlation` flag. [Christian Studer] + +* [pe-optional-header] Added a few missing `disable_correlation` flags. [Christian Studer] + +* [pe-optional-header] Bumped version. 
[Christian Studer] + +* [pe-optional-header] Updated object template. [Christian Studer] + + - Harmonised object relations to match with the + `pe` template object relations, especially the + ones for hex values + - Added object relations for `magic` value and + `subsystem` hex value + +* [ddos-config] `ui-priority` added. [Alexandre Dulaunoy] + +### Other + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + +* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer] + + ## v2.4.194 (2024-06-21) ### New diff --git a/static/Changelog-misp-warninglists.txt b/static/Changelog-misp-warninglists.txt index 9c8bf18..436096a 100644 --- a/static/Changelog-misp-warninglists.txt +++ b/static/Changelog-misp-warninglists.txt @@ -1,6 +1,47 @@ # Changelog +## v2.4.195 (2024-07-26) + +### Changes + +* [warning-lists] updated. [Alexandre Dulaunoy] + +* [lists] updated. [Alexandre Dulaunoy] + +### Fix + +* [bank] duplicates removed. [Alexandre Dulaunoy] + +### Other + +* Merge pull request #280 from DionAkkerman/main. [Alexandre Dulaunoy] + + Fix typo in digitalside description + +* Fix typo in digitalside description. [Dion Akkerman] + +* Merge pull request #279 from karenyousefi/main. [Alexandre Dulaunoy] + + update + +* Update bank website. [Karen Yousefi] + + Remove duplicate domains + +* Update bank website. [Karen Yousefi] + + the domains of banks in Qatar, UAE, Iran, Bahrain, Oman, Kuwait, and Saudi Arabia added + +* Update link in bio. [Karen Yousefi] + + Update to V5 + +* Update url shorteners. [Karen Yousefi] + + Update url shorteners to V16 + + ## v2.4.194 (2024-06-21) ### Changes diff --git a/static/Changelog.txt b/static/Changelog.txt index c19a629..5961ef6 100755 --- a/static/Changelog.txt +++ b/static/Changelog.txt 
@@ -7,7 +7,143 @@ Changelog Changes ~~~~~~~ +- [misp-stix] Bumped latest submodule version including some fixes. + [Christian Studer] + +Other +~~~~~ +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] + + +v2.4.195 (2024-07-26) +--------------------- + +New +~~~ +- [legacy attribute search] internals added for some edge cases. + [iglocska] + + - new setting allows an admin to flip the search strategy to one that mimics the old behaviour + - refrains from using subqueries +- [attribute search and correlation] improvements. [iglocska] + + - added correlationRules system + - create rules for non correlating events (such as events from the same org, events with a certain string in the event info field, or just manually chosen event IDs) + - should help combat recurring data in certain feeds / providers causing slowdowns + - rework of the attribute pagination + - use the memory limit based bucketing also when limits are set + - better handling of offsets (ordering + using lowest IDs for the next batch instead of mysql offsets) +- [logging] Added more data to logging entry and new option to log used + authkeys in clear-text. [Sami Mokaddem] + +Changes +~~~~~~~ +- [version] bump. [iglocska] +- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy] +- [warning-list] updated to the latest version. [Alexandre Dulaunoy] +- [PyMISP] fix issue with buggy template. [Raphaël Vinot] +- [PyMISP] Bump. [Raphaël Vinot] +- [db schema] bumped. [iglocska] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] +- [workflow:webhook] Correctly send JSON data if content_type is set to + application/json. [Sami Mokaddem] +- [docs] add an example of S/MIME self-signed key for your MISP. + [Alexandre Dulaunoy] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. 
[iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] +- [pymisp] bump. [iglocska] + + - let's see if this fixes the tests +- [PyMISP] Test search & publish. [Raphaël Vinot] +- [logos] added CCB's logo as per request to the defaults. [iglocska] + + - also fixed a gitignore snafu - [PyMISP] Bump changelog. [Raphaël Vinot] +- [misp-objects] updated to the latest version. [Alexandre Dulaunoy] + +Fix +~~~ +- Unify event create/update response. [Luciano Righetti] +- Openapi path parameters are required. [Luciano Righetti] +- Wrong parameter id in taxonomy endpoints. [Luciano Righetti] +- Analyst data openapi spec. [Luciano Righetti] +- [restClient:queryBuilder] Stop prefixing the scope for the fields in + restSearch context. [Sami Mokaddem] +- [index hint] using mysql extended may be wrong. [iglocska] + + - if attributes.deleted isn't indexed it would barf before + - added a check for the existence of the index +- [publishing] if the publish timestamp can't be updated, throw an error + during the in-line publishing. [iglocska] +- [fetchEvent] defaulting out conditions to null rather than false. + [iglocska] + + - enabled the false behaviour that false would simply be ignored + - this caused published = false via the API to default to the published flag not being set at all + - new behaviour works same as 0/1 values for booleans +- [Bookmark view] typo fixed. [Alexandre Dulaunoy] +- [internal] more fixes to the deleted flag. [iglocska] + + - this sure wouldn't be such a clusterfuck if the office had an AC and we weren't sitting in 28.3C +- [deleted filter] fix for the previous commit. [iglocska] + + - modify a local variable rather than the passed-by-reference params array +- [event] Making sure we attach Analyst Data to Event Reports when + fetching Events. [Christian Studer] +- [internal filtering] handle deleted cases better across the various + search endpoints. 
[iglocska] + + - object restSearch() was not correcty adhering to the deleted:1 parameter among others +- Unify event create/update response. [Luciano Righetti] +- Openapi path parameters are required. [Luciano Righetti] +- Wrong parameter id in taxonomy endpoints. [Luciano Righetti] +- Analyst data openapi spec. [Luciano Righetti] +- [ACL] user add always accessible to site admins. [Andras Iklody] +- [issue] Update config.yml. [Alexandre Dulaunoy] + + Removal of the discussion which is a source of issues. + +Other +~~~~~ +- Merge branch 'develop' into 2.4. [iglocska] +- Merge branch 'correlation_rules' into develop. [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'pr-9744' into develop. [Sami Mokaddem] +- Merge branch 'develop' into pr-9744. [Sami Mokaddem] +- Merge branch 'feature/cleartext-logging' into develop. [Sami Mokaddem] +- Merge branch 'develop' into feature/cleartext-logging. [Sami Mokaddem] +- Merge remote-tracking branch 'refs/remotes/origin/develop' into + develop. [Sami Mokaddem] +- Merge pull request #9826 from righel/fix-openapi-spec-params. [Luciano + Righetti] + + Fix openapi spec params +- Fix OpenAPI spec. [Stefano Ortolani] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Update class properties. [Vincenzo Caputo] +- Update module description. [Vincenzo Caputo] +- Add attach decay score module. [Vincenzo Caputo] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [iglocska] +- Merge branch 'develop' of github.com:MISP/MISP into develop. + [Christian Studer] +- Merge branch '2.4' into develop. [Alexandre Dulaunoy] +- Merge pull request #9805 from ostefano/openapi. [Luciano Righetti] + + Fix OpenAPI spec +- Fix OpenAPI spec. [Stefano Ortolani] +- Merge pull request #9792 from cudeso/2.4. [Alexandre Dulaunoy] + + Adding Threatview.io MISP feeds +- Adding Threatview.io MISP feeds. [Koen Van Impe] v2.4.194 (2024-06-21)
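Review bot: In the static/Changelog-misp-galaxy.txt hunk the new top section is headed `## %%version%% (unreleased)`, an unsubstituted placeholder that will be published as-is in the static file; the same heading is added in the misp-modules and misp-objects hunks. Either regenerate these files once the next tag exists or replace the heading with plain text such as "Unreleased". The v2.4.195 section of the galaxy file also repeats `[README] updated.` four times and `[ransomware] updated.` twice; collapsing those would make the ransomware and threat-actor additions easier to find.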
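Review bot: In the static/Changelog-misp-modules.txt hunk, the removal of the vysion and stiximport modules appears only as bullets inside the "Improve compatibility and upgrade python to 3.12" entry under "### Other". Removed modules and the move to Python 3.12 change what an existing deployment can run, so they should have their own line under "### Changes" (or a dedicated removal heading), where someone upgrading from v2.4.194 will see them.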
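Review bot: In the static/Changelog-misp-objects.txt hunk, the entry `[google-threat-intelligene-report] JSON clean-up.` spells "intelligence" without the second "c", while a later line in the same section reads "Add Google Threat Intelligence report". If the changelog text mirrors the commit subject it can stay, but confirm that the object template name itself is spelled correctly, since consumers look templates up by name. The three identical `Merge branch 'main' of github.com:MISP/misp-objects.` lines under v2.4.195 could also be filtered out of the generated output.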
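Review bot: In the static/Changelog.txt hunk, the v2.4.195 "New" entry `[logging] Added more data to logging entry and new option to log used authkeys in clear-text.` announces an option that writes API credentials into the logs without naming the setting or stating its default. Add a line giving the setting name and its default value so operators can verify it and tighten access to the logs if they turn it on. In the same hunk the "Fix" block lists "Unify event create/update response", "Openapi path parameters are required", "Wrong parameter id in taxonomy endpoints" and "Analyst data openapi spec" twice each, and "Changes" lists `[pymisp] bump.` six times; deduplicate these.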