
Commit 602716a

amshamah419 and Kchekh authored
Group-IB 2.0.0 release (reopen) (demisto#39414)
* Update Group-IB Threat Intelligence Pack (demisto#37239)
* Skip certain validations
* Various fixes
* RNs redo
* New RN format
* Various fixes
* Various fixes
* Fix pack ignore
* Fix for docs and ignore
* .pack-ignore Formatting issues
* Add BC notice
* RNs
* Additional readme changes
* try committing to solve the issue
* Fix potentially
* Ignore RM110

---------

Co-authored-by: Kiriill <[email protected]>
1 parent 6d60d73 commit 602716a

323 files changed: +58823 -7137 lines changed


Packs/GroupIB_ThreatIntelligenceAttribution/.pack-ignore

Lines changed: 599 additions & 17 deletions
Large diffs are not rendered by default.

Packs/GroupIB_ThreatIntelligenceAttribution/.secrets-ignore

Lines changed: 6 additions & 1 deletion
@@ -1,5 +1,6 @@
11
11.11.11.11
22
https://some.ru
3+
https://some-url.com
34
some.ru
45
109.70.100.46
56
@@ -14,4 +15,8 @@ password
1415
name TA
1516
Name
1617
provider
17-
region
18+
region
19+
gibextendedcvsstemporal
20+
softwareMixed.softwareType
21+
22+
roup-ib.com
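
Review bot: The entry added at new line 22, roup-ib.com, reads like group-ib.com with its first letter cut off, and it follows an empty entry at new line 21. If the intent is to ignore the vendor domain, spell it out in full and drop the blank line; if the truncated form is deliberate, a short explanation in the PR description would help, because nothing in the file says why this fragment is exempt from secret detection. The removed and re-added region line (old 17, new 18) shows no visible difference, so it is worth confirming that it is only an end-of-file newline change.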

Packs/GroupIB_ThreatIntelligenceAttribution/Classifiers/classifier-Group-IB_Threat_Intelligence_classifier.json

Lines changed: 20 additions & 6 deletions
@@ -3,14 +3,28 @@
33
"feed": false,
44
"id": "Group-IB Threat Intelligence (classifier)",
55
"keyTypeMap": {
6-
"bp/phishing": "GIB Brand Protection Phishing",
7-
"bp/phishing_kit": "GIB Brand Protection Phishing Kit",
8-
"compromised/account": "GIB Compromised Account",
96
"compromised/breached": "GIB Data Breach",
10-
"compromised/card": "GIB Compromised Card",
11-
"malware/targeted_malware": "GIB Targeted Malware",
127
"osi/git_repository": "GIB OSI Git Leak",
13-
"osi/public_leak": "GIB OSI Public Leak"
8+
"osi/public_leak": "GIB OSI Public Leak",
9+
"compromised/account_group": "GIB Compromised Account Group",
10+
"compromised/bank_card_group": "GIB Compromised Card Group",
11+
"compromised/mule": "GIB Compromised Mule",
12+
"suspicious_ip/vpn": "GIB Suspicious IP VPN",
13+
"suspicious_ip/scanner": "GIB Suspicious IP Scanner",
14+
"suspicious_ip/tor_node": "GIB Suspicious IP TOR Node",
15+
"suspicious_ip/open_proxy": "GIB Suspicious IP Open Proxy",
16+
"suspicious_ip/socks_proxy": "GIB Suspicious IP Socks Proxy",
17+
"malware/malware": "GIB Malware",
18+
"malware/cnc": "GIB Malware CNC",
19+
"attacks/ddos": "GIB Attacks DDOS",
20+
"attacks/deface": "GIB Attacks Deface",
21+
"attacks/phishing_kit": "GIB Attacks Phishing Kit",
22+
"attacks/phishing_group": "GIB Attacks Phishing Group",
23+
"hi/threat": "GIB Cybercriminal Threat",
24+
"hi/threat_actor": "GIB Cybercriminal Threat Actor",
25+
"apt/threat_actor": "GIB Nation-State Cybercriminals Threat Actor",
26+
"apt/threat": "GIB Nation-State Cybercriminals Threat",
27+
"osi/vulnerability": "GIB OSI Vulnerability"
1428
},
1529
"name": "Group-IB Threat Intelligence (classifier)",
1630
"transformer": {
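
Review bot: Five keys are dropped from keyTypeMap with no replacement under the same key (bp/phishing, bp/phishing_kit, compromised/account, compromised/card, malware/targeted_malware at old lines 6-8 and 10-11), so an event that still arrives with one of those keys is no longer classified by this map. The commit message mentions a BC notice; it should list each removed key and the key that supersedes it, if any. compromised/account_group and compromised/bank_card_group look like successors for two of them, but the diff does not say so. Please also confirm that each of the 19 newly referenced incident type names (new lines 9-27) exists in the pack under exactly that name, since this hunk shows only the mapping and not the type definitions.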
