Alexandre Dulaunoy

icon indicating a website link http://www.foo.be/ icon indicating an email [email protected]

icon company @MISP @CIRCL @cve-search and many others icon location Europe icon location Enjoy when human are using machines in unexpected ways. I break stuff and I do stuff.

Results 382 comments of Alexandre Dulaunoy

UNC2452 missing

There is a set of tools to add. StellarParticle would need to be added a synonym.

UNC2452 missing

# Threat actor galaxy ~~~json { "description": "Reporting regarding activity related to the SolarWinds supply chain injection has grown quickly since initial disclosure on 13 December 2020. A significant amount...

UNC2452 missing

Relationships to add

Solving the issue of threat actor, activity group, campaign and operation

> While I think the operation/campaign distinction makes sense for APT actors, for cybercrime they are often used the other way around: I would read a "ransomware operation" as a...

atomic threat coverage - new galaxies?

Super! Let me know when it's ready and I'll have a look. Thanks a lot.

Multiprocessing per queue is not supported

The best is to simplify such approach. In AIL for example, multiple processes can read from the same queue or publisher. That's it. So depending of the resource of the...

Multiprocessing per queue is not supported

Yes.

Multiprocessing per queue is not supported

From the disque repo: ``` WARNING: This is alpha code NOT suitable for production. The implementation and API will likely change in significant ways during the next months. The code...

[FR] Have unique UUID for case ID

I would strongly support the idea. This could be also used to shared cases via other sharing mechanisms such as MISP.

Add support of MISP-Object in live logs

Confirmed especially when you have indicators such as IP addresses in the objects.