Skip to content

Commit

Permalink
Merge pull request #876 from Mathieu4141/threat-actors/cobalt-mirage
Browse files Browse the repository at this point in the history
[threat-actors] More aliases of Iranian apts
  • Loading branch information
cvandeplas authored Oct 17, 2023
2 parents 75d950f + e086bee commit e9f884e
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions clusters/threat-actor.json
Original file line number Diff line number Diff line change
Expand Up @@ -6246,13 +6246,19 @@
"https://securityaffairs.co/wordpress/56348/intelligence/magic-hound-campaign.html",
"https://www.cfr.org/cyber-operations/apt-35",
"https://blogs.microsoft.com/on-the-issues/2019/03/27/new-steps-to-protect-customers-from-hacking/",
"https://research.checkpoint.com/2022/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit/"
"https://research.checkpoint.com/2022/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit/",
"https://www.microsoft.com/en-us/security/blog/2021/11/16/evolving-trends-in-iranian-threat-actor-activity-mstic-presentation-at-cyberwarcon-2021/",
"https://www.sentinelone.com/labs/log4j2-in-the-wild-iranian-aligned-threat-actor-tunnelvision-actively-exploiting-vmware-horizon/",
"https://www.secureworks.com/blog/cobalt-mirage-conducts-ransomware-operations-in-us"
],
"synonyms": [
"Newscaster Team",
"Magic Hound",
"G0059",
"Phosphorus"
"Phosphorus",
"Mint Sandstorm",
"TunnelVision",
"COBALT MIRAGE"
]
},
"related": [
Expand Down Expand Up @@ -11573,7 +11579,8 @@
"https://www.microsoft.com/en-us/security/blog/2022/09/07/profiling-dev-0270-phosphorus-ransomware-operations/"
],
"synonyms": [
"Nemesis Kitten"
"Nemesis Kitten",
"Storm-0270"
]
},
"related": [
Expand Down

0 comments on commit e9f884e

Please sign in to comment.