chg: [changelog] updated

iglocska-patch-2
Alexandre Dulaunoy 2024-08-09 10:11:33 +02:00
parent e0a0dec128
commit 0644448201
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
5 changed files with 513 additions and 0 deletions

@ -1,6 +1,185 @@
# Changelog
## %%version%% (unreleased)
### Changes
* [ransomware] inline with ransomlook.io. [Alexandre Dulaunoy]
## v2.4.195 (2024-07-26)
### Changes
* [doc] README updated. [Alexandre Dulaunoy]
* [doc] updated. [Alexandre Dulaunoy]
* [nace] all NACE uppercase. [Alexandre Dulaunoy]
* [README] updated. [Alexandre Dulaunoy]
* [ransomware] groups updated. [Alexandre Dulaunoy]
* [README] updated. [Alexandre Dulaunoy]
* [producer] ESET added. [Alexandre Dulaunoy]
* [README] updated. [Alexandre Dulaunoy]
* [sigma] updated to the latest version. [Alexandre Dulaunoy]
* [README] updated. [Alexandre Dulaunoy]
* [ransomware] updated. [Alexandre Dulaunoy]
* [ransomware] updated. [Alexandre Dulaunoy]
* [ransomware] updated ransomlook. [Alexandre Dulaunoy]
* [mitre-d3fend] PyMISPGalaxies and sorting. [Christophe Vandeplas]
* [atrm] add external_ref and chg to PyMISPGalaxies. [Christophe Vandeplas]
* [tmss] migration to PyMISPGalaxies. [Christophe Vandeplas]
### Fix
* [tools] black everything. [Alexandre Dulaunoy]
* [tmss] fix sorting. [Christophe Vandeplas]
### Other
* Add: [nist-nice] Initial commit for NIST NICE framework Introduces galaxies for cybersecurity: - Work roles - Skills - Tasks - Knowledges - Competency areas - OPM codes. [Jean-Louis Huynen]
* Merge pull request #1004 from Mathieu4141/threat-actors/2c706bb2-b7e3-4de0-86e5-f94b1c1f1905. [Alexandre Dulaunoy]
[threat actors] Add 2 actors
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add UAC-0063. [Mathieu4141]
* [threat-actors] Add Threat Actor 888. [Mathieu4141]
* Merge pull request #1003 from MISP/Delta-Sierra-main. [Alexandre Dulaunoy]
Delta sierra main
* Merge branch 'main' of https://github.com/Delta-Sierra/misp-galaxy into Delta-Sierra-main. [Alexandre Dulaunoy]
* Fix version. [Delta-Sierra]
* Merge https://github.com/MISP/misp-galaxy. [Delta-Sierra]
* Create nace galaxy. [Delta-Sierra]
* Merge pull request #1002 from r0ny123/patch-1. [Alexandre Dulaunoy]
Update threat-actor.json
* Update threat-actor.json. [Rony]
added original blog link, and removed unnecessary ones.
* Merge pull request #1001 from Mathieu4141/threat-actors/a66522b9-9e27-47a5-97cf-c8450acfb06c. [Alexandre Dulaunoy]
[threat actors] Add 2 actors
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add Nullbulge. [Mathieu4141]
* [threat-actors] Add Lifting Zmiy. [Mathieu4141]
* Merge pull request #1000 from Mathieu4141/threat-actors/bf0dcfd2-44d9-448c-8efd-5361cba2a56b. [Alexandre Dulaunoy]
[threat actors] Add 2 actors
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add CRYSTALRAY. [Mathieu4141]
* [threat-actors] Add Void Banshee. [Mathieu4141]
* Merge pull request #998 from Mathieu4141/threat-actors/0589de95-12f2-4fd8-9064-d0915fcfe900. [Alexandre Dulaunoy]
[threat actors] Add 2 actors and 2 aliases
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add Scattered Spider aliases. [Mathieu4141]
* [threat-actors] Add Water Sigbin. [Mathieu4141]
* [threat-actors] Add CloudSorcerer. [Mathieu4141]
* [threat-actors] Add Chamelgang aliases. [Mathieu4141]
* Merge pull request #997 from MISP/dependabot/pip/tools/mkdocs/certifi-2024.7.4. [Alexandre Dulaunoy]
build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs
* Build(deps): bump certifi from 2023.11.17 to 2024.7.4 in /tools/mkdocs. [dependabot[bot]]
Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.7.4.
- [Commits](https://github.com/certifi/python-certifi/compare/2023.11.17...2024.07.04)
---
updated-dependencies:
- dependency-name: certifi
dependency-type: direct:production
...
* Merge pull request #996 from Mathieu4141/threat-actors/fc7ade34-5d19-4089-acce-65f8e103952b. [Alexandre Dulaunoy]
[threat actors] Add 2 actors
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add Boolka. [Mathieu4141]
* [threat-actors] Add Dragonbridge. [Mathieu4141]
* Merge pull request #994 from cvandeplas/atrm. [Christophe Vandeplas]
chg: [atrm, tmss] migration to PyMISPGalaxies
* Merge pull request #995 from Mathieu4141/threat-actors/4c1ff26b-8695-45ec-8c36-adcbdb2add7c. [Alexandre Dulaunoy]
[threat actors] Add 2 actors
* [threat actors] Update README. [Mathieu4141]
* [threat-actors] Add IntelBroker. [Mathieu4141]
* [threat-actors] Add HellHounds. [Mathieu4141]
* Merge pull request #993 from Mathieu4141/threat-actors/15075ff2-4013-43ac-ac8a-0bf6442d13b1. [Alexandre Dulaunoy]
[threat actors] Adding 8 actors
* [threat actors] update readme. [Mathieu Beligon]
* [threat-actors] Add BlueHornet. [Mathieu4141]
* [threat-actors] Add ALTDOS. [Mathieu4141]
* [threat-actors] Add SneakyChef. [Mathieu4141]
* [threat-actors] Add RedJuliett. [Mathieu4141]
* [threat-actors] Add JuiceLedger. [Mathieu4141]
* [threat-actors] Add Adrastea. [Mathieu4141]
* [threat-actors] Add Markopolo. [Mathieu4141]
* [threat-actors] Add Void Arachne. [Mathieu4141]
## v2.4.194 (2024-06-21)
### New
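
Review bot: the dependabot entry in the v2.4.195 "Other" section carries the commit's YAML trailer into the changelog (`---`, `updated-dependencies:`, `- dependency-name: certifi`, `...`). That is generator metadata rather than release notes, and a bare `---` in a Markdown file can render as a heading underline or a rule. Suggest stripping commit bodies from the `---` line on before they reach the changelog. In the same section `[README] updated.` appears four times and `[ransomware] updated.` twice; collapsing identical subjects would make the release readable.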

@ -1,6 +1,76 @@
# Changelog
## %%version%% (unreleased)
### Fix
* [doc] url fixed. [Alexandre Dulaunoy]
* [doc] regenerated. [Alexandre Dulaunoy]
related to #673
* [doc] original JSON file type for GTI. [Alexandre Dulaunoy]
related to #673
## v2.4.195 (2024-07-19)
### New
* [vulnerability_lookup] New module to query Vulnerability Lookup. [Christian Studer]
- Reusing the `variotdbs` code to parse the
vulnerability description from VariotDB
* [feature] external tools config and use. [David Cruciani]
### Changes
* [query] query as same. [David Cruciani]
### Fix
* [vulnerability_lookup] Avoiding issues with `Iterator` in python3.8. [Christian Studer]
* [vulnerability_lookup] Avoiding KeyError exceptions on some fields. [Christian Studer]
* [login] flash messages. [David Cruciani]
### Other
* Merge pull request #672 from ostefano/pandas2. [Alexandre Dulaunoy]
Update pandas and pandas_ods_reader and patch ods_enrich
* Update pandas and pandas_ods_reader and patch ods_enrich. [Stefano Ortolani]
* Merge pull request #670 from ostefano/python312. [Alexandre Dulaunoy]
Improve compatibility and upgrade python to 3.12
* Improve compatibility and upgrade python to 3.12. [Stefano Ortolani]
Changes:
* Remove vysion (not compatible with python 3.12 and no public repository)
* Remove stiximport (requires archaic version of pymisp)
* Update Python to 3.12
* Pin Numpy to 1.X
* Add missing dependencies
* Commit lock file
* Update requirements file
* Merge pull request #669 from VirusTotal/update_doc_references. [Alexandre Dulaunoy]
chore: Update virustotal documentation references
* Update doc references. [silviacuenca]
* Merge branch 'main' of github.com:MISP/misp-modules. [Christian Studer]
## v2.4.194 (2024-06-21)
### Changes
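
Review bot: the release header `## v2.4.195 (2024-07-19)` in this file carries a different date from the `v2.4.195 (2024-07-26)` headers in the other changelogs touched by this commit. If this component was tagged a week earlier that is fine, but please confirm the date is taken from the tag and not from an earlier generator run. Also, the "Changes" list under the `Improve compatibility and upgrade python to 3.12` entry records the removal of two modules (`vysion`, `stiximport`); removals that affect users would be easier to find under their own heading than nested inside a merge entry under "Other".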

@ -1,6 +1,93 @@
# Changelog
## %%version%% (unreleased)
### Changes
* [doc] list of object templates updated. [Alexandre Dulaunoy]
* [google-threat-intelligene-report] JSON clean-up. [Alexandre Dulaunoy]
* [network-profile] new-line. [Alexandre Dulaunoy]
* [pe-optional-header] jq all the things. [Alexandre Dulaunoy]
### Other
* Merge pull request #437 from MISP/VirusTotal-feat/new-gti-report. [Alexandre Dulaunoy]
Virus total feat/new gti report
* Add Google Threat Intelligence report. [Daniel Pascual]
* Merge pull request #435 from MISP/nyx0-main. [Alexandre Dulaunoy]
Nyx0 main
* Upd: [network-profile] add Yandex in `service-abuse` list. [Thomas Dupuy]
## v2.4.195 (2024-07-26)
### New
* [ddos-config] generic ddos configuration from ddos related binaries. [Alexandre Dulaunoy]
* [ja4-plus] new MISP object template to describe JA4+ fingerprints. [Alexandre Dulaunoy]
fix: https://github.com/MISP/MISP/issues/9759
### Changes
* [pe] Updated `pe` object template. [Christian Studer]
- Added object relation for machine type hex value
- Harmonised object relations
* [ddos-config] as the config is mainly describing targets. [Alexandre Dulaunoy]
to_ids and correlation don't make a lot of sense
* [README] list updated. [Alexandre Dulaunoy]
* [ja4-plus] jq all the things. [Alexandre Dulaunoy]
* [ja4-plus] version fixed. [Alexandre Dulaunoy]
* [ja4-plus] template name fixed. [Alexandre Dulaunoy]
* [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics. [Alexandre Dulaunoy]
### Fix
* Address_of_entrypoint -> address-of-entrypoint. [Raphaël Vinot]
* [pe-optional-header] Added missing `disable_correlation` flag. [Christian Studer]
* [pe-optional-header] Added a few missing `disable_correlation` flags. [Christian Studer]
* [pe-optional-header] Bumped version. [Christian Studer]
* [pe-optional-header] Updated object template. [Christian Studer]
- Harmonised object relations to match with the
`pe` template object relations, especially the
ones for hex values
- Added object relations for `magic` value and
`subsystem` hex value
* [ddos-config] `ui-priority` added. [Alexandre Dulaunoy]
### Other
* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
* Merge branch 'main' of github.com:MISP/misp-objects. [Christian Studer]
## v2.4.194 (2024-06-21)
### New
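
Review bot: the unreleased "Changes" entry `[google-threat-intelligene-report] JSON clean-up.` misspells the template name ("intelligene"), so a search of the changelog for the template will not find it. Since the line comes from a commit subject, check whether the directory name itself has the same spelling before correcting only the changelog. The three identical `Merge branch 'main' of github.com:MISP/misp-objects.` lines at the end of the v2.4.195 "Other" section add nothing for a reader; consider filtering merge commits without a PR reference out of the generated output.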

@ -1,6 +1,47 @@
# Changelog
## v2.4.195 (2024-07-26)
### Changes
* [warning-lists] updated. [Alexandre Dulaunoy]
* [lists] updated. [Alexandre Dulaunoy]
### Fix
* [bank] duplicates removed. [Alexandre Dulaunoy]
### Other
* Merge pull request #280 from DionAkkerman/main. [Alexandre Dulaunoy]
Fix typo in digitalside description
* Fix typo in digitalside description. [Dion Akkerman]
* Merge pull request #279 from karenyousefi/main. [Alexandre Dulaunoy]
update
* Update bank website. [Karen Yousefi]
Remove duplicate domains
* Update bank website. [Karen Yousefi]
the domains of banks in Qatar, UAE, Iran, Bahrain, Oman, Kuwait, and Saudi Arabia added
* Update link in bio. [Karen Yousefi]
Update to V5
* Update url shorteners. [Karen Yousefi]
Update url shorteners to V16
## v2.4.194 (2024-06-21)
### Changes
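
Review bot: several entries in the v2.4.195 "Other" section do not say what changed: the title under the PR #279 merge is just `update`, and `Update bank website.` appears twice with only the body line to tell the two apart. Suggest that list updates name the list and the resulting version in the subject, as the body line `Update url shorteners to V16` already does, so consumers of these lists can tell from the changelog which ones to re-sync.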

@ -7,7 +7,143 @@ Changelog
Changes
~~~~~~~
- [misp-stix] Bumped latest submodule version including some fixes.
[Christian Studer]
Other
~~~~~
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[Christian Studer]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[Christian Studer]
v2.4.195 (2024-07-26)
---------------------
New
~~~
- [legacy attribute search] internals added for some edge cases.
[iglocska]
- new setting allows an admin to flip the search strategy to one that mimics the old behaviour
- refrains from using subqueries
- [attribute search and correlation] improvements. [iglocska]
- added correlationRules system
- create rules for non correlating events (such as events from the same org, events with a certain string in the event info field, or just manually chosen event IDs)
- should help combat recurring data in certain feeds / providers causing slowdowns
- rework of the attribute pagination
- use the memory limit based bucketing also when limits are set
- better handling of offsets (ordering + using lowest IDs for the next batch instead of mysql offsets)
- [logging] Added more data to logging entry and new option to log used
authkeys in clear-text. [Sami Mokaddem]
Changes
~~~~~~~
- [version] bump. [iglocska]
- [misp-galaxy] updated to the latest version. [Alexandre Dulaunoy]
- [warning-list] updated to the latest version. [Alexandre Dulaunoy]
- [PyMISP] fix issue with buggy template. [Raphaël Vinot]
- [PyMISP] Bump. [Raphaël Vinot]
- [db schema] bumped. [iglocska]
- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
- [workflow:webhook] Correctly send JSON data if content_type is set to
application/json. [Sami Mokaddem]
- [docs] add an example of S/MIME self-signed key for your MISP.
[Alexandre Dulaunoy]
- [pymisp] bump. [iglocska]
- [pymisp] bump. [iglocska]
- [pymisp] bump. [iglocska]
- [pymisp] bump. [iglocska]
- [pymisp] bump. [iglocska]
- [pymisp] bump. [iglocska]
- let's see if this fixes the tests
- [PyMISP] Test search & publish. [Raphaël Vinot]
- [logos] added CCB's logo as per request to the defaults. [iglocska]
- also fixed a gitignore snafu
- [PyMISP] Bump changelog. [Raphaël Vinot]
- [misp-objects] updated to the latest version. [Alexandre Dulaunoy]
Fix
~~~
- Unify event create/update response. [Luciano Righetti]
- Openapi path parameters are required. [Luciano Righetti]
- Wrong parameter id in taxonomy endpoints. [Luciano Righetti]
- Analyst data openapi spec. [Luciano Righetti]
- [restClient:queryBuilder] Stop prefixing the scope for the fields in
restSearch context. [Sami Mokaddem]
- [index hint] using mysql extended may be wrong. [iglocska]
- if attributes.deleted isn't indexed it would barf before
- added a check for the existence of the index
- [publishing] if the publish timestamp can't be updated, throw an error
during the in-line publishing. [iglocska]
- [fetchEvent] defaulting out conditions to null rather than false.
[iglocska]
- enabled the false behaviour that false would simply be ignored
- this caused published = false via the API to default to the published flag not being set at all
- new behaviour works same as 0/1 values for booleans
- [Bookmark view] typo fixed. [Alexandre Dulaunoy]
- [internal] more fixes to the deleted flag. [iglocska]
- this sure wouldn't be such a clusterfuck if the office had an AC and we weren't sitting in 28.3C
- [deleted filter] fix for the previous commit. [iglocska]
- modify a local variable rather than the passed-by-reference params array
- [event] Making sure we attach Analyst Data to Event Reports when
fetching Events. [Christian Studer]
- [internal filtering] handle deleted cases better across the various
search endpoints. [iglocska]
- object restSearch() was not correcty adhering to the deleted:1 parameter among others
- Unify event create/update response. [Luciano Righetti]
- Openapi path parameters are required. [Luciano Righetti]
- Wrong parameter id in taxonomy endpoints. [Luciano Righetti]
- Analyst data openapi spec. [Luciano Righetti]
- [ACL] user add always accessible to site admins. [Andras Iklody]
- [issue] Update config.yml. [Alexandre Dulaunoy]
Removal of the discussion which is a source of issues.
Other
~~~~~
- Merge branch 'develop' into 2.4. [iglocska]
- Merge branch 'correlation_rules' into develop. [iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[iglocska]
- Merge branch 'pr-9744' into develop. [Sami Mokaddem]
- Merge branch 'develop' into pr-9744. [Sami Mokaddem]
- Merge branch 'feature/cleartext-logging' into develop. [Sami Mokaddem]
- Merge branch 'develop' into feature/cleartext-logging. [Sami Mokaddem]
- Merge remote-tracking branch 'refs/remotes/origin/develop' into
develop. [Sami Mokaddem]
- Merge pull request #9826 from righel/fix-openapi-spec-params. [Luciano
Righetti]
Fix openapi spec params
- Fix OpenAPI spec. [Stefano Ortolani]
- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
- Update class properties. [Vincenzo Caputo]
- Update module description. [Vincenzo Caputo]
- Add attach decay score module. [Vincenzo Caputo]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[Christian Studer]
- Merge branch '2.4' into develop. [Alexandre Dulaunoy]
- Merge pull request #9805 from ostefano/openapi. [Luciano Righetti]
Fix OpenAPI spec
- Fix OpenAPI spec. [Stefano Ortolani]
- Merge pull request #9792 from cudeso/2.4. [Alexandre Dulaunoy]
Adding Threatview.io MISP feeds
- Adding Threatview.io MISP feeds. [Koen Van Impe]
v2.4.194 (2024-06-21)