MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [blog] MISP release 2.4.152

pull/54/head
Alexandre Dulaunoy 2021-12-22 16:52:47 +01:00
parent 63d09bbf5b
commit ca2f942592
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
_posts/2021-12-22-MISP.2.4.152.released.md Normal file
View File

@ -0,0 +1,62 @@
---
title: MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more.
layout: post
featured: /assets/images/misp/blog/timeline-improvement.png
---
# MISP 2.4.152 released
MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more.
LinOTP authentication module has been improved to include a mixed mode where OTP and MISP password can be used together.
Timeline now includes images from objects. Improvement in the sighting view in the timeline and various bugs were fixed.
New optional synchronisation filtering has been added to remove specific attribute type or object type when syncing. The functionality can be used
for final recipient organisation to filter out specific type of information due to legal or specific internal police. The filtering feature is disabled
by default and need to be enabled in the general configuration. This feature is for ISACs or final organisations not redistributing information to other MISP communities.
A new STIX 1 and 2 export for attribute restSearch has been added in complement to the existing event export in STIX 1 and 2. The export works just like the other export
format, you have to specify the format requested in your attribute restSearch query.
Many internal improvements and bugs fixed.
# MISP Modules
- New [Qintel sentry module](https://misp.github.io/misp-modules/expansion/#qintel_qsentry) added.
- [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) SHA-256 support added.
The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt).
# MISP Taxonomies
- New [political spectrum taxonomy](https://www.misp-project.org/taxonomies.html#_political_spectrum) added.
- Improvement in exercise taxonomy.
- New [deception taxonomy](https://www.misp-project.org/taxonomies.html#_deception) added.
[MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available.
# MISP Galaxy
- New matrix [CONCORDIA Mobile Modelling Framework - Attack Pattern](https://www.misp-project.org/galaxy.html#_concordia_mobile_modelling_framework_attack_pattern) added (thanks to [Concordia H2020 project](https://www.concordia-h2020.eu/)).
- Many update in threat actor, RAT and tools galaxy.
[MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt)
# MISP Objects
- New Concordia intrusion set object.
- New temporal event object.
- Many improvements in userperson, postal-address, email object.
- New relationships added such as `found-in`, `works-with`, `drives`.
[MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt)
# Acknowledgement
We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html)
.
As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core.