chg: [static] various updates

static/taxonomies.html

@@ -63899,6 +63899,276 @@ Exclusive flag set which means the values or predicate below must be set exclusi
 </div>
 </div>
 </div>
+<div class="sect2">
+<h3 id="_impact_subsectors_important_entities">impact-subsectors-important-entities</h3>
+<div class="paragraph">
+<p>Impact subsectors important entities</p>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitiesmedical_devices_manufacturing">nis2:impact-subsectors-important-entities="medical-devices-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of medical devices and in vitro diagnostic medical devices</p>
+</div>
+<div class="paragraph">
+<p>Entities manufacturing medical devices and entities manufacturing in vitro diagnostic medical devices</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitiescomputer_manufacturing">nis2:impact-subsectors-important-entities="computer-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of computer, electronic and optical products</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture of computers, electronical and optical products. This includes the manufacture of computers, computer peripherals, communications equipment, and similar electronic products, as well as the manufacture of components for such products. Also included is the manufacture of consumer electronics, measuring, testing, and navigating equipment, irradiation, electromedical and electrotherapeutic equipment, optical instruments and equipment, and the manufacture of magnetic and optical media</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitieselectrical_equipment_manufacturing">nis2:impact-subsectors-important-entities="electrical-equipment-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of computer, electronic and optical products</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture of electrical equipment. This includes the manufacture of products that generate, distribute, and use electrical power. Also included is the manufacture of electrical lighting, signalling equipment and electric household appliances</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitiesmachinery_equipment_manufacturing">nis2:impact-subsectors-important-entities="machinery-equipment-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of machinery and equipment N.E.C</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture of machinery and equipment n.e.c. This includes the manufacture of machinery and equipment that act independently on materials either mechanically or thermally or perform operations on materials (such as handling, spraying, weighing, or packing), including their mechanical components that produce and apply force, and any specially manufactured primary parts.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitiesvehicles_trailers_manufacturing">nis2:impact-subsectors-important-entities="vehicles-trailers-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of motor vehicles, trailers and semi-trailers</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture of motor vehicles for transporting passengers or freight. The manufacture of various parts and accessories, as well as the manufacture of trailers and semi-trailers, is also included</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_important_entitiesother_transport_manufacturing">nis2:impact-subsectors-important-entities="other-transport-manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture of other transport equipment</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture of motor vehicles for transporting passengers or freight. The manufacture of various parts and accessories, as well as the manufacture of trailers and semi-trailers, is also included</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_important_entities">important-entities</h3>
+<div class="paragraph">
+<p>Important entities</p>
+</div>
+<div class="sect3">
+<h4 id="_nis2important_entitiespostal">nis2:important-entities="postal"</h4>
+<div class="paragraph">
+<p>Postal service providers</p>
+</div>
+<div class="paragraph">
+<p>i.e. services involving the clearance, sorting, transport, and delivery of postal items</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2important_entitieswaste">nis2:important-entities="waste"</h4>
+<div class="paragraph">
+<p>Waste management</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out waste management excluding undertakings for whom waste management is not their principal economic activity. ‘Waste management’ means the collection, transport, recovery, and disposal of waste, including the supervision of such operations and the aftercare of disposal sites, and including actions taken as a dealer or broker</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2important_entitieschemicals">nis2:important-entities="chemicals"</h4>
+<div class="paragraph">
+<p>Manufacture, production and distribution of chemicals</p>
+</div>
+<div class="paragraph">
+<p>Undertakings carrying out the manufacture, production and distribution of chemicals. ‘Producer’ means any natural or legal person who makes or assembles an article. ‘Manufacturer’ means any natural or legal person who manufactures a substance. ‘Distributor’ means any natural or legal person, including a retailer, who only stores and places on the market a substance, on its own or in a mixture, for third parties</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2important_entitiesmanufacturing">nis2:important-entities="manufacturing"</h4>
+<div class="paragraph">
+<p>Manufacture</p>
+</div>
+<div class="paragraph">
+<p>Entities manufacturing medical devices, computers, electrical equipment, machinery, motor vehicles, transport equipment</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2important_entitiesdigital">nis2:important-entities="digital"</h4>
+<div class="paragraph">
+<p>Digital providers</p>
+</div>
+<div class="paragraph">
+<p>Providers of online marketplaces, providers of online search engines, providers of social networks</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_impact_subsectors_impacted">impact-subsectors-impacted</h3>
+<div class="paragraph">
+<p>Impact subsectors impacted</p>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedelectricity">nis2:impact-subsectors-impacted="electricity"</h4>
+<div class="paragraph">
+<p>Electricity undertaking</p>
+</div>
+<div class="paragraph">
+<p>Electricity undertaking means a natural or legal person who carries out at least one of the following functions: generation, transmission, distribution, aggregation, demand response, energy storage, supply or purchase of electricity</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impacteddistrict_heating_and_cooling">nis2:impact-subsectors-impacted="district-heating-and-cooling"</h4>
+<div class="paragraph">
+<p>The use of energy from renewable sources</p>
+</div>
+<div class="paragraph">
+<p>District heating’ or ‘district cooling’ means the distribution of thermal energy in the form of steam, hot water or chilled liquids, from central or decentralised sources</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedoil">nis2:impact-subsectors-impacted="oil"</h4>
+<div class="paragraph">
+<p>Operators of oil energy</p>
+</div>
+<div class="paragraph">
+<p>Operators transmission pipelines oil production, refining and treatment facilities, storage and transmission, central oil stockholding entities</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedgas">nis2:impact-subsectors-impacted="gas"</h4>
+<div class="paragraph">
+<p>Operators of gas energy</p>
+</div>
+<div class="paragraph">
+<p>operators of distribution, transmission, storage of gas and LNG system operators</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedhydrogen">nis2:impact-subsectors-impacted="hydrogen"</h4>
+<div class="paragraph">
+<p>Operators of hydrogen energy</p>
+</div>
+<div class="paragraph">
+<p>Operators of hydrogen production, storage and transmission</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedair">nis2:impact-subsectors-impacted="air"</h4>
+<div class="paragraph">
+<p>Air trasportation</p>
+</div>
+<div class="paragraph">
+<p>Air carriers, airport managing bodies, airports,  core airports and entities operating ancillary installations contained within airports, traffic management control operators providing air traffic control (ATC) services</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedrail">nis2:impact-subsectors-impacted="rail"</h4>
+<div class="paragraph">
+<p>Rail transportation</p>
+</div>
+<div class="paragraph">
+<p>Infrastructure managers, railway undertakings including operators of service facilities</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedwater">nis2:impact-subsectors-impacted="water"</h4>
+<div class="paragraph">
+<p>Water transportation</p>
+</div>
+<div class="paragraph">
+<p>Inland, sea and coastal passenger and freight water transport companies, managing bodies of ports including their port facilities, and entities operating works and equipment contained within ports, operators of vessel traffic services (VTS)</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedroad">nis2:impact-subsectors-impacted="road"</h4>
+<div class="paragraph">
+<p>Road transportation</p>
+</div>
+<div class="paragraph">
+<p>Road authorities responsible for traffic management control, operators of Intelligent Transport Systems (ITS)</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedbanking_subsector">nis2:impact-subsectors-impacted="banking-subsector"</h4>
+<div class="paragraph">
+<p>Credits</p>
+</div>
+<div class="paragraph">
+<p>Credit institutions, i.e. an undertaking the business of which is to take deposits or other repayable funds from the public and to grant credits for its own account</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedfinancial_subsector">nis2:impact-subsectors-impacted="financial-subsector"</h4>
+<div class="paragraph">
+<p>Finanacial market infrastructures</p>
+</div>
+<div class="paragraph">
+<p>Operators of trading venues, central counterparties (CCPs), i.e. a legal person that interposes itself between the counterparties to the contracts traded on one or more financial markets, becoming the buyer to every seller and the seller to every buyer</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedhealth_subsector">nis2:impact-subsectors-impacted="health-subsector"</h4>
+<div class="paragraph">
+<p>Health entities</p>
+</div>
+<div class="paragraph">
+<p>Healthcare providers, EU reference laboratories, entities carrying out research and development activities of medicinal products, entities manufacturing  basic pharmaceutical products and pharmaceutical preparations, entities manufacturing medical devices considered as critical during a public health emergency</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impacteddrinking_water_subsector">nis2:impact-subsectors-impacted="drinking-water-subsector"</h4>
+<div class="paragraph">
+<p>Drinking water entities</p>
+</div>
+<div class="paragraph">
+<p>Suppliers and distributors of water intended for human consumption</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedwaste_water_subsector">nis2:impact-subsectors-impacted="waste-water-subsector"</h4>
+<div class="paragraph">
+<p>Waste water entities</p>
+</div>
+<div class="paragraph">
+<p>Undertakings collecting, disposing or treating urban, domestic and industrial waste water</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impacteddigital_ifrastructure_subsector">nis2:impact-subsectors-impacted="digital-ifrastructure-subsector"</h4>
+<div class="paragraph">
+<p>Digital infrastructure entities</p>
+</div>
+<div class="paragraph">
+<p>Internet Exchange Point providers (IXP), DNS service providers, Top-Level Domain (TLD) name registries, cloud computing service providers, Data centre service providers, content delivery network providers, providers of public electronic communications networks or providers of electronic communications services where their services are publicly available</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedpublic_administration_subsector">nis2:impact-subsectors-impacted="public-administration-subsector"</h4>
+<div class="paragraph">
+<p>Public administration entities</p>
+</div>
+<div class="paragraph">
+<p>Public administration entities of central governments, Public administration entities of NUTS level 1 regions (population min. 3 million – max. 7 million) and NUTS level 2  regions (population min. 800.000 – max 3 million)</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_nis2impact_subsectors_impactedspace_subsector">nis2:impact-subsectors-impacted="space-subsector"</h4>
+<div class="paragraph">
+<p>Space entities</p>
+</div>
+<div class="paragraph">
+<p>Operators of ground-based infrastructure, owned, managed and operated by Member States or by private parties, that support the provision of space-based services, excluding providers of public electronic communications networks. ‘Public electronic communications network’ means an electronic communications network used wholly or mainly for the provision of publicly available electronic communications services which support the transfer of information between network termination points</p>
+</div>
+</div>
+</div>
 </div>
 </div>
 <div class="sect1">
@@ -65857,9 +66127,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_checkdmarc">checkdmarc</h3>
-<div class="paragraph">
-<p>CheckDMARC validates SPF and DMARC DNS records.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyoticheckdmarcspoofable">pyoti:checkdmarc="spoofable"</h4>
 <div class="paragraph">
@@ -65878,9 +66145,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_emailrepio">emailrepio</h3>
-<div class="paragraph">
-<p>EmailRep.io is a system of crawlers, scanners and enrichment services that collects data on email addresses, domains, and internet personas.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotiemailrepiospoofable">pyoti:emailrepio="spoofable"</h4>
 <div class="paragraph">
@@ -65992,9 +66256,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_iris_investigate">iris-investigate</h3>
-<div class="paragraph">
-<p>Iris Investigate gives visibility into what type of risk the domain represents.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotiiris_investigatehigh">pyoti:iris-investigate="high"</h4>
 <div class="paragraph">
@@ -66034,9 +66295,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_virustotal">virustotal</h3>
-<div class="paragraph">
-<p>Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotivirustotalknown_distributor">pyoti:virustotal="known-distributor"</h4>
 <div class="paragraph">
@@ -66055,12 +66313,18 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 <p>The valid-signature entry indicates a file is signed with a valid signature.</p>
 </div>
 </div>
+<div class="sect3">
+<h4 id="_pyotivirustotalinvalid_signature">pyoti:virustotal="invalid-signature"</h4>
+<div class="paragraph">
+<p>Invalid Signature</p>
+</div>
+<div class="paragraph">
+<p>The invalid-signature entry indicates a file is signed with an invalid signature.</p>
+</div>
+</div>
 </div>
 <div class="sect2">
 <h3 id="_circl_hashlookup">circl-hashlookup</h3>
-<div class="paragraph">
-<p>Lookup hash values against database of known files. NSRL RDS database is included, as well as many others.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyoticircl_hashlookuphigh_trust">pyoti:circl-hashlookup="high-trust"</h4>
 <div class="paragraph">
@@ -66100,9 +66364,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_reputation_block_list">reputation-block-list</h3>
-<div class="paragraph">
-<p>Reputation Block Lists are lists of domains, URLs, and IP addresses that have been investigated and subsequently identified as posing security threats.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotireputation_block_listbarracudacentral_brbl">pyoti:reputation-block-list="barracudacentral-brbl"</h4>
 <div class="paragraph">
@@ -66166,12 +66427,162 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 <p>Spamhaus Don&#8217;t Route Or Peer (DROP) is an advisory 'drop all traffic' list. DROP is a tiny subset of the SBL which is designed for use by firewalls or routing equipment.</p>
 </div>
 </div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_spam">pyoti:reputation-block-list="spamhaus-spam"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Spam Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of domain names with poor reputations used for spam.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_phish">pyoti:reputation-block-list="spamhaus-phish"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Phish Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of domain names with poor reputations used for phishing.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_malware">pyoti:reputation-block-list="spamhaus-malware"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Malware Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of domain names with poor reputations used to serve malware.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_botnet_c2">pyoti:reputation-block-list="spamhaus-botnet-c2"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Botnet C2 Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of domain names with poor reputations used for botnet command and control.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_abused_legit_spam">pyoti:reputation-block-list="spamhaus-abused-legit-spam"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Abused Legit Spam Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of abused legitimate domain names with poor reputations used for spam.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_abused_spammed_redirector">pyoti:reputation-block-list="spamhaus-abused-spammed-redirector"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Abused Spammed Redirector Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of abused legitimate spammed domain names with poor reputations used as redirector domains.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_abused_legit_phish">pyoti:reputation-block-list="spamhaus-abused-legit-phish"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Abused Legit Phish Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of abused legitimate domain names with poor reputations used for phishing.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_abused_legit_malware">pyoti:reputation-block-list="spamhaus-abused-legit-malware"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Abused Legit Malware Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of abused legitimate domain names with poor reputations used to serve malware.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listspamhaus_abused_legit_botnet_c2">pyoti:reputation-block-list="spamhaus-abused-legit-botnet-c2"</h4>
+<div class="paragraph">
+<p>Spamhaus Domain Block List Abused Legit Botnet C2 Domain</p>
+</div>
+<div class="paragraph">
+<p>Spamhaus Domain Block List (DBL) is a list of abused legitimate domain names with poor reputations used for botnet command and control.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listsurbl_phish">pyoti:reputation-block-list="surbl-phish"</h4>
+<div class="paragraph">
+<p>SURBL Phishing Sites</p>
+</div>
+<div class="paragraph">
+<p>Phishing data from multiple sources is included in this list. Data includes PhishTank, OITC, PhishLabs, Malware Domains and several other sources, including proprietary research by SURBL.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listsurbl_malware">pyoti:reputation-block-list="surbl-malware"</h4>
+<div class="paragraph">
+<p>SURBL Malware Sites</p>
+</div>
+<div class="paragraph">
+<p>This list contains data from multiple sources that cover sites hosting malware. This includes OITC, abuse.ch, The DNS blackhole malicious site data from malwaredomains.com and others. Malware data also includes significant proprietary research by SURBL.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listsurbl_spam">pyoti:reputation-block-list="surbl-spam"</h4>
+<div class="paragraph">
+<p>SURBL Spam Sites</p>
+</div>
+<div class="paragraph">
+<p>This list contains mainly general spam sites. It combines data from the formerly separate JP, WS, SC and AB lists. It also includes data from Internet security, anti-abuse, ISP, ESP and other communities, such as Telenor. Most of the data in this list comes from internal, proprietary research by SURBL.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listsurbl_abused_legit">pyoti:reputation-block-list="surbl-abused-legit"</h4>
+<div class="paragraph">
+<p>SURBL Abused Legit Sites</p>
+</div>
+<div class="paragraph">
+<p>This list contains data from multiple sources that cover cracked sites, including SURBL internal ones. Criminals steal credentials or abuse vulnerabilities to break into websites and add malicious content. Often cracked pages will redirect to spam sites or to other cracked sites. Cracked sites usually still contain the original legitimate content and may still be mentioned in legitimate emails, besides the malicious pages referenced in spam.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listuribl_black">pyoti:reputation-block-list="uribl-black"</h4>
+<div class="paragraph">
+<p>URIBL Black</p>
+</div>
+<div class="paragraph">
+<p>URIBL Black list contains domain names belonging to and used by spammers, including but not restricted to those that appear in URIs found in Unsolicited Bulk and/or Commercial Email (UBE/UCE). This list has a goal of zero False Positives.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listuribl_grey">pyoti:reputation-block-list="uribl-grey"</h4>
+<div class="paragraph">
+<p>URIBL Grey</p>
+</div>
+<div class="paragraph">
+<p>URIBL Grey list contains domains found in UBE/UCE, and possibly honour opt-out requests. It may include ESPs which allow customers to import their recipient lists and may have no control over the subscription methods. This list can and probably will cause False Positives depending on your definition of UBE/UCE.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listuribl_red">pyoti:reputation-block-list="uribl-red"</h4>
+<div class="paragraph">
+<p>URIBL Red</p>
+</div>
+<div class="paragraph">
+<p>URIBL Red list contains domains that actively show up in mail flow, are not listed on URIBL black, and are either: being monitored, very young (domain age via whois), or use whois privacy features to protect their identity. This list is automated in nature, so please use at your own risk.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="_pyotireputation_block_listuribl_multi">pyoti:reputation-block-list="uribl-multi"</h4>
+<div class="paragraph">
+<p>URIBL Multi</p>
+</div>
+<div class="paragraph">
+<p>URIBL Multi list contains all of the public URIBL lists.</p>
+</div>
+</div>
 </div>
 <div class="sect2">
 <h3 id="_abuseipdb">abuseipdb</h3>
-<div class="paragraph">
-<p>AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotiabuseipdbhigh">pyoti:abuseipdb="high"</h4>
 <div class="paragraph">
@@ -66211,9 +66622,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_greynoise_riot">greynoise-riot</h3>
-<div class="paragraph">
-<p>GreyNoise RIOT identifies IPs from known benign services and organizations that commonly cause false positives in network security and threat intelligence products.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotigreynoise_riottrust_level_1">pyoti:greynoise-riot="trust-level-1"</h4>
 <div class="paragraph">
@@ -66235,9 +66643,6 @@ pyoti namespace available in JSON format at <a href="https://github.com/MISP/mis
 </div>
 <div class="sect2">
 <h3 id="_googlesafebrowsing">googlesafebrowsing</h3>
-<div class="paragraph">
-<p>Google Safe Browsing is a blacklist service provided by Google that provides lists of URLs for web resources that contain malware or phishing content.</p>
-</div>
 <div class="sect3">
 <h4 id="_pyotigooglesafebrowsingmalware">pyoti:googlesafebrowsing="malware"</h4>
 <div class="paragraph">
@@ -70414,7 +70819,7 @@ tlp namespace available in JSON format at <a href="https://github.com/MISP/misp-
 </table>
 </div>
 <div class="paragraph">
-<p>The Traffic Light Protocol - or short: TLP - was designed with the objective to create a favorable classification scheme for sharing sensitive information while keeping the control over its distribution at the same time.</p>
+<p>The Traffic Light Protocol (TLP) (v2.0) was created to facilitate greater sharing of potentially sensitive information and more effective collaboration. Information sharing happens from an information source, towards one or more recipients. TLP is a set of four labels used to indicate the sharing boundaries to be applied by the recipients. Only labels listed in this standard are considered valid by FIRST. This taxonomy includes additional labels for backward compatibility which are no more validated by FIRST.</p>
 </div>
 <div class="admonitionblock important">
 <table>
@@ -70431,52 +70836,67 @@ Exclusive flag set which means the values or predicate below must be set exclusi
 <div class="sect2">
 <h3 id="_red_2">red</h3>
 <div class="paragraph">
-<p>Not for disclosure, restricted to participants only. Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party&#8217;s privacy, reputation, or operations if misused. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person.</p>
+<p>For the eyes and ears of individual recipients only, no further disclosure. Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting.</p>
 </div>
 <div class="sect3">
 <h4 id="_tlpred">tlp:red</h4>
 <div class="paragraph">
-<p>(TLP:RED) Information exclusively and directly given to (a group of) individual recipients. Sharing outside is not legitimate.</p>
+<p>(TLP:RED) For the eyes and ears of individual recipients only, no further disclosure.</p>
 </div>
 <div class="paragraph">
-<p>Not for disclosure, restricted to participants only. Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party&#8217;s privacy, reputation, or operations if misused. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person.</p>
+<p>For the eyes and ears of individual recipients only, no further disclosure. Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting.</p>
 </div>
 </div>
 </div>
 <div class="sect2">
 <h3 id="_amber_2">amber</h3>
 <div class="paragraph">
-<p>Limited disclosure, restricted to participants’ organizations. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.</p>
+<p>Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note that TLP:AMBER+STRICT restricts sharing to the organization only.</p>
 </div>
 <div class="sect3">
 <h4 id="_tlpamber">tlp:amber</h4>
 <div class="paragraph">
-<p>(TLP:AMBER) Information exclusively given to an organization; sharing limited within the organization to be effectively acted upon.</p>
+<p>(TLP:AMBER) Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients.</p>
 </div>
 <div class="paragraph">
-<p>Limited disclosure, restricted to participants’ organizations. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.</p>
+<p>Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note that TLP:AMBER+STRICT restricts sharing to the organization only.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_amberstrict">amber+strict</h3>
+<div class="paragraph">
+<p>Limited disclosure, recipients can only spread this on a need-to-know basis within their organization. Sources may use TLP:AMBER+STRICT when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER+STRICT information with members of their own organization.</p>
+</div>
+<div class="sect3">
+<h4 id="_tlpamberstrict">tlp:amber+strict</h4>
+<div class="paragraph">
+<p>Limited disclosure, recipients can only spread this on a need-to-know basis within their organization.</p>
+</div>
+<div class="paragraph">
+<p>Limited disclosure, recipients can only spread this on a need-to-know basis within their organization. Sources may use TLP:AMBER+STRICT when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER+STRICT information with members of their own organization.</p>
 </div>
 </div>
 </div>
 <div class="sect2">
 <h3 id="_green_2">green</h3>
 <div class="paragraph">
-<p>Limited disclosure, restricted to the community. Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not be released outside of the community.</p>
+<p>Limited disclosure, recipients can spread this within their community. Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.</p>
 </div>
 <div class="sect3">
 <h4 id="_tlpgreen">tlp:green</h4>
 <div class="paragraph">
-<p>(TLP:GREEN) Information given to a community or a group of organizations at large. The information cannot be publicly released.</p>
+<p>(TLP:GREEN) Limited disclosure, recipients can spread this within their community.</p>
 </div>
 <div class="paragraph">
-<p>Limited disclosure, restricted to the community. Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not be released outside of the community.</p>
+<p>Limited disclosure, recipients can spread this within their community. Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.</p>
 </div>
 </div>
 </div>
 <div class="sect2">
 <h3 id="_white_2">white</h3>
 <div class="paragraph">
-<p>Disclosure is not limited.  Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.</p>
+<p>Disclosure is not limited.  Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. The version 2.0 of TLP doesn&#8217;t mention anymore this tag which is most probably compatible with new TLP:CLEAR tag.</p>
 </div>
 <div class="sect3">
 <h4 id="_tlpwhite">tlp:white</h4>
@@ -70484,7 +70904,22 @@ Exclusive flag set which means the values or predicate below must be set exclusi
 <p>(TLP:WHITE) Information can be shared publicly in accordance with the law.</p>
 </div>
 <div class="paragraph">
-<p>Disclosure is not limited.  Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.</p>
+<p>Disclosure is not limited.  Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. The version 2.0 of TLP doesn&#8217;t mention anymore this tag which is most probably compatible with new TLP:CLEAR tag.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_clear">clear</h3>
+<div class="paragraph">
+<p>Recipients can spread this to the world, there is no limit on disclosure. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.</p>
+</div>
+<div class="sect3">
+<h4 id="_tlpclear">tlp:clear</h4>
+<div class="paragraph">
+<p>(TLP:CLEAR) Recipients can spread this to the world, there is no limit on disclosure.</p>
+</div>
+<div class="paragraph">
+<p>Recipients can spread this to the world, there is no limit on disclosure. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.</p>
 </div>
 </div>
 </div>
@@ -84303,7 +84738,7 @@ Exclusive flag set which means the values or predicate below must be set exclusi
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2022-07-08 07:29:39 +0200
+Last updated 2022-08-03 15:57:33 +0200
 </div>
 </div>
 </body>