misp-galaxy icon indicating copy to clipboard operation
misp-galaxy copied to clipboard
verified publisher icon MISP

Consider including cfr-vulnerabilities-exploited meta field

Open jstnk9 opened this issue 2 years ago • 1 comments

Hi :)

With the goal of create relations between threat actors and vulnerabilities exploited/used, I would like to propose if it's possible include the field cfr-vulnerabilities-exploited as an official field in the meta information within clusters.

If yes, I'll contribute with information about threat actors and CVEs used during their operations.

Thank you guys, Cheers

jstnk9 avatar Oct 13 '23 08:10 jstnk9

It's a good idea.

CFR are usually related to https://www.cfr.org/cyber-operations/ but we could make an official meta field called vulnerabilities-exploited to include the information with the list of CVEs.

adulau avatar Mar 11 '24 09:03 adulau