From ca2f9425920a8ce2a0589f97b710bd964236613c Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 22 Dec 2021 16:52:47 +0100 Subject: [PATCH] new: [blog] MISP release 2.4.152 --- _posts/2021-12-22-MISP.2.4.152.released.md | 62 ++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 _posts/2021-12-22-MISP.2.4.152.released.md diff --git a/_posts/2021-12-22-MISP.2.4.152.released.md b/_posts/2021-12-22-MISP.2.4.152.released.md new file mode 100644 index 0000000..d51b0a2 --- /dev/null +++ b/_posts/2021-12-22-MISP.2.4.152.released.md 
@@ -0,0 +1,62 @@ +--- +title: MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more. +layout: post +featured: /assets/images/misp/blog/timeline-improvement.png +--- + +# MISP 2.4.152 released + +MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more. + +LinOTP authentication module has been improved to include a mixed mode where OTP and MISP password can be used together. + +Timeline now includes images from objects. Improvement in the sighting view in the timeline and various bugs were fixed. + +New optional synchronisation filtering has been added to remove specific attribute type or object type when syncing. The functionality can be used +for final recipient organisation to filter out specific type of information due to legal or specific internal police. The filtering feature is disabled +by default and need to be enabled in the general configuration. This feature is for ISACs or final organisations not redistributing information to other MISP communities. + +A new STIX 1 and 2 export for attribute restSearch has been added in complement to the existing event export in STIX 1 and 2. The export works just like the other export +format, you have to specify the format requested in your attribute restSearch query. + + +Many internal improvements and bugs fixed. + +# MISP Modules + +- New [Qintel sentry module](https://misp.github.io/misp-modules/expansion/#qintel_qsentry) added. +- [CIRCL hashlookup expansion](https://circl.lu/services/hashlookup/) SHA-256 support added. + +The [MISP modules changelog is available](https://www.misp-project.org/Changelog-misp-modules.txt). + +# MISP Taxonomies + +- New [political spectrum taxonomy](https://www.misp-project.org/taxonomies.html#_political_spectrum) added. +- Improvement in exercise taxonomy. +- New [deception taxonomy](https://www.misp-project.org/taxonomies.html#_deception) added. 
+ +[MISP Taxonomies changelog](https://www.misp-project.org/Changelog-misp-taxonomies.txt) is available. + +# MISP Galaxy + +- New matrix [CONCORDIA Mobile Modelling Framework - Attack Pattern](https://www.misp-project.org/galaxy.html#_concordia_mobile_modelling_framework_attack_pattern) added (thanks to [Concordia H2020 project](https://www.concordia-h2020.eu/)). +- Many update in threat actor, RAT and tools galaxy. + +[MISP Galaxy changelog](https://www.misp-project.org/Changelog-misp-galaxy.txt) + +# MISP Objects + +- New Concordia intrusion set object. +- New temporal event object. +- Many improvements in userperson, postal-address, email object. +- New relationships added such as `found-in`, `works-with`, `drives`. + +[MISP objects changelog](https://www.misp-project.org/Changelog-misp-objects.txt) + +# Acknowledgement + +We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) +. + +As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements in MISP core. +
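Review bot: In the synchronisation filtering paragraph, "due to legal or specific internal police" should read "internal policy"; as written, the sentence misstates why a recipient organisation would filter. The same paragraph has "need to be enabled" (should be "needs to be enabled") and says the feature is enabled "in the general configuration" without naming the setting, so a reader cannot act on it; consider naming the setting there. The STIX paragraph likewise says "you have to specify the format requested in your attribute restSearch query" without showing the value to pass, and a one-line sample request would help. In the MISP Galaxy list, "Many update in threat actor" should be "Many updates in". The Acknowledgement paragraph ends with a "." on its own line after the misp-galaxy link, which renders with a space before the full stop; move it up onto the previous line.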