Thanks @rungrage. Latest thing we've done: extended the social media objects in @MISPProject so we can build better disinformation threat intelligence reports
That's actually very cool, thank you @0x3c7 and @Secureworks for that! That motivated me to script the import of @MISPProject threat-actor galaxy, 324 actors, including the targeted sector tags! On a clean @QuoLabTech instance, that looks busy :)
threat-actor-intelligence-server software has been updated and threat actors can now be queried by country. There is a public API where you can query threat actors by name, country and uuid. #ThreatIntelligence
With the new misp-opendata software, MISP datasets can be automatically extracted and published on @EU_opendata @OpenDataLU portals automatically. #threatintel #opendata
https://github.com/MISP/misp-opendata … This work is part of the @VARIoT_project and co-funded by @inea_eu #CEFtelecom #POD
One of our HEFESTIS Ltd members ended up with a list of 50 domains to research to see if any were malicious. I used the #MISP platform to get an answer for all 50 in a minute.
Would be great if other industry players make their IOCs as easily accessible as @ESETresearch #misp and #yara at
A new version of the #MISP core format is out. It's used to exchange cybersecurity threat information (#CTI) as JSON objects between Open Source Threat Intelligence Sharing Platform instances (aka Malware Information Sharing Platform) and complements other CTI formats like #STIX.
We published an updated version of the MISP core format
https://www.misp-standard.org/rfc/misp-standard-core.html … and SightingDB query format by @tricaud from @devo_Inc #threatintel #Interoperability #openstandard
The nifty feature of @MISPProject to extend events now has its own taxonomy to support the reason behind the extended events.
https://www.misp-project.org/taxonomies.html#_extended_event … Let us know what you think about it and don't hesitate to contribute. #threatintel
Thanks to @Ko97551819 for the contribution.
IOC available in the PDF (p23
Or directly on Github
Bonus from @eset : @MISPProject event available as well <3
The detailed white paper is available here:
As usual, the Indicators of Compromise and a @MISPProject event are available on our GitHub repository:
https://github.com/eset/malware-ioc/tree/master/turla#turla-comrat-v4-indicators-of-compromise … #ESETresearch 4/4