Alexandre Dulaunoy
Alexandre Dulaunoy
This should be fixed. Feel free to reopen the issue if it's not. Thank you.
Hi, I think it's a matter of security architecture within your organisation. There is no specific issue to install Cerebrate and MISP on the same instances, it will be just...
Blast from the past, thanks for the recall! I just add a look why I did this quick-and-dirty issue. After looking into my notes, the idea was the following based...
Thanks for the contribution, maybe extending the existing object https://github.com/MISP/misp-objects/tree/main/objects/android-app would do the job?
@gallypette if you have feedback or idea to merge the two objects, let me know.
It's indeed a good point. Following a discussion with @iglocska MISP core should have a dedicated custom directory for the misp-warning-lists next to the upstream github repository in the future....
Some more notes: https://www.iblue.team/general-notes-1/favicon-hashing-and-hunting-with-shodan
Some ideas for the galaxy - Use the name `producer` instead of security vendors - Use tags or classification https://github.com/MISP/misp-taxonomies/blob/3d61b20e7ee8bca21f9bffe53c0952c54a6b72b0/information-security-data-source/machinetag.json#L228 to have a consistent way to describe what they actually...
First version at https://github.com/MISP/misp-galaxy/blob/main/clusters/producer.json
The airtable link is outdated compared to what we have in the threat-actor galaxy. It also seems that is unmaintained for some years. So we can safely close this issue.