author | W. Kosior <koszko@koszko.org> | 2025-01-08 15:36:59 +0100 |
---|---|---|
committer | W. Kosior <koszko@koszko.org> | 2025-01-08 15:37:35 +0100 |
commit | eaebabe439bd653cfa22701cb64697775d5ac38b (patch) | |
tree | c783b0e6378d27bd7135a11da3e511a1aaa0c8f4 | |
parent | c3d3454ab666aafe71f0cccc47699e47aaec4377 (diff) | |
download | AGH-threat-intel-course-eaebabe439bd653cfa22701cb64697775d5ac38b.tar.gz AGH-threat-intel-course-eaebabe439bd653cfa22701cb64697775d5ac38b.zip |
Add profile data for Elderwood based on blackorbird's PDF.
-rw-r--r-- | profiles.yaml | 53 |
1 files changed, 37 insertions, 16 deletions
diff --git a/profiles.yaml b/profiles.yaml
index fffad38..dc60f00 100644
--- a/profiles.yaml
+++ b/profiles.yaml
@@ -997,22 +997,41 @@ groups:
 - name: Elderwood
 origin: China
- # targets:
- # - where:
- # ref:
- # - where:
- # ref:
- # sectors:
- # - sector:
- # ref:
- # - sector:
- # ref:
- # goals:
- # - goal:
- # ref:
- # references:
- # - label:
- # URL:
+ targets:
+ - where: Australia
+ ref: blackorbird-apt-report
+ - where: Canada
+ ref: blackorbird-apt-report
+ - where: China
+ ref: blackorbird-apt-report
+ - where: Denmark
+ ref: blackorbird-apt-report
+ - where: Hong Kong
+ ref: blackorbird-apt-report
+ - where: India
+ ref: blackorbird-apt-report
+ - where: Switzerland
+ ref: blackorbird-apt-report
+ - where: Taiwan
+ ref: blackorbird-apt-report
+ - where: UK
+ ref: blackorbird-apt-report
+ - where: USA
+ ref: blackorbird-apt-report
+ sectors:
+ - sector: defense
+ ref: blackorbird-apt-report
+ - sector: education
+ ref: blackorbird-apt-report
+ - sector: energy
+ ref: blackorbird-apt-report
+ - sector: finance
+ ref: blackorbird-apt-report
+ - sector: government
+ ref: blackorbird-apt-report
+ goals:
+ - goal: espionage
+ ref: blackorbird-apt-report
 - name: Ember Bear
 origin: Russia
@@ -1813,3 +1832,5 @@ references:
 URL: https://www.trendmicro.com/vinfo/nl/security/news/cybercrime-and-digital-threats/a-look-into-the-lazarus-groups-operations
 - label: quantum-entanglement
 URL: https://web.archive.org/web/20200302090751/https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf
+ - label: blackorbird-apt-report
+ URL: https://raw.githubusercontent.com/blackorbird/APT_REPORT/master/Threat%20Group%20Cards.pdf |
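Review bot: In the Elderwood hunk (`@@ -997,22 +997,41 @@`), all sixteen new claims (ten targets, five sectors, one goal) cite the single label `blackorbird-apt-report`, which resolves to a whole PDF that appears to be a multi-group compilation rather than a primary report, so none of them can be checked without searching the document. A comment above `targets:` such as `# source: Threat Group Cards, Elderwood entry (secondary compilation)` would record where to look and mark the data as second-hand. The `where: China` target sits under `origin: China`; if the PDF really lists it, a short comment saying so would keep it from reading as a transcription slip. The Elderwood entry may continue outside the visible context, so fields not shown here were not reviewed.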
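Review bot: The reference added in the `references:` hunk (`@@ -1813,3 +1832,5 @@`) points at `raw.githubusercontent.com/blackorbird/APT_REPORT/master/...`, a branch-relative URL whose content can be replaced or removed, so the citation behind every new Elderwood field is not reproducible. The neighbouring `quantum-entanglement` entry already uses a `web.archive.org` snapshot. Doing the same here, or pinning the path to a commit as in `.../APT_REPORT/<commit-sha>/Threat%20Group%20Cards.pdf`, would fix the version being cited. Readers who follow the link fetch a PDF straight from a third-party repository, so a pinned or archived copy also makes it possible to check later that the file opened is the one that was reviewed.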