Nice to see new sharing communities using MISP being created.

Hey, sure you can
You need to use the following parameters:

endpoint: /events/upload_stix
Accept: application/xml
Content-Type: application/json

Then you paste the content of your stix file as HTTP body of your query, and it should work

If you have any question, let me know

Yeah, to address this issue, now MISP has an additional field "threat actor classification" under which the "operation" value can be added.

Thank you for pointing this out. We welcome pull-request and changes.

FYI, MISP is no more called "Malware Information Sharing Platform" but MISP - Open Source Threat Intelligence Platform as the sharing is much more broad nowadays.

Thanks @rungrage. Latest thing we've done: extended the social media objects in @MISPProject so we can build better disinformation threat intelligence reports

Docker @MISPProject core-v2.4.125b is building

- Default to modern SSL, with secure option. Fixes other MISPs unable to connect
- Ensures submodules are updated as expected on updates
- Move SSL cert location <- NOTE THIS see #53 …

That's actually very cool, thank you @0x3c7 and @Secureworks for that! That motivated me to script (the import of @MISPProject threat-actor galaxy, 324 actors, including the targeted sector tags! On a clean @QuoLabTech instance, that looks busy :) …

threat-actor-intelligence-server software has been updated and threat actor can now be queried by country. There is public API where you can query threat actor by name, country and uuid. …

With the new misp-opendata software, MISP datasets can be automatically extracted and published on @EU_opendata @OpenDataLU portals automatically. … This work is part of the @VARIoT_project and co-funded by @inea_eu

One of our HEFESTIS Ltd members ended up with a list of 50 domains to research to see if any were malicious. I used the platform to get an answer for all 50 in a minute.

@MISPProject …

Yes - love the feature so much made the CMCF based on some advice from @Iglocska. MISP = Super helpful group of folks.

Would be great if other industry players make their IOCs as easily accessible as @ESETresearch and at …

A new version of the core format is out. It's used to exchange cybersecurity threat information () as JSON objects between Open Source Threat Intelligence Sharing Platform instances (aka Malware Information Sharing Platform) and complements other CTI formats like . …

We published an updated version of the MISP core format … and SightingDB query format by @tricaud from @devo_Inc

Any friends intergrated @sleuthkit central repository and @MISPProject before? I could really do with your knowledge if you have!

Virtual coffee's provided!

The nifty feature of @MISPProject to extend event has now its own taxonomy to support the reason behind the extended events. … Let us know what you think about it and don't hesitate to contribute.

Thanks to @Ko97551819 for the

remains a key driver in keeping our societies and economies secure, even in the face of a pandemic.

Here's a peek at our research in 2019, including work on security, encryption, & with @MISPProject

Show more
OpenCloud Luxembourg Mastodon instance

A Mastodon instance for Luxembourg and beyond.