@nicdev
Created September 21, 2018 13:04
[RFI] GET /collections/top-threats
[
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5d4d8ba4-d111-74d4-9f45-e7326430a209",
"collectionTitle": "HMRC Tax Refund Scam via Phishing Campaign",
"collectionWikiContent": "",
"collectionId": "5d4d8ba4d11174d49f45e7326430a209",
"owner": "",
"tags": [
"advisory",
"x-industry:all",
"phishing",
"email",
"xftas",
"campaign",
"x-risk:35"
],
"tlp": "",
"created": "2018-09-20T10:34:49.248Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 35,
"x_ibm_affected_industries": "all",
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d8012270-6728-e2cf-5def-2cc8b955fc57",
"collectionTitle": "Kodi Add-ons Containing Malware Mine Cryptocurrency",
"collectionWikiContent": "",
"collectionId": "d80122706728e2cf5def2cc8b955fc57",
"owner": "",
"tags": [
"xftas",
"cryptomining",
"advisory",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-09-19T13:39:35.685Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--bea90727-02f8-af3c-5aea-d3c92edaf0a6",
"collectionTitle": "New Modular Downloaders Fingerprint Systems - Part 3: COBINT",
"collectionWikiContent": "",
"collectionId": "bea9072702f8af3c5aead3c92edaf0a6",
"owner": "",
"tags": [
"x-risk:30",
"advisory",
"malware",
"xftas",
"phishing"
],
"tlp": "",
"created": "2018-09-19T13:32:27.608Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 30,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--edb9b874-6a68-5b53-346e-d10b6460d36b",
"collectionTitle": "Turla: In and out of its unique Outlook backdoor",
"collectionWikiContent": "",
"collectionId": "edb9b8746a685b53346ed10b6460d36b",
"owner": "",
"tags": [
"advisory",
"apt",
"x-location:east-eur",
"malware",
"campaign",
"backdoor",
"xftas",
"x-industry:all",
"x-risk:32"
],
"tlp": "",
"created": "2018-09-19T13:31:31.970Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 32,
"x_ibm_affected_industries": "all",
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a6ddc252-2f83-4e9d-396c-d4036ff88b55",
"collectionTitle": "Domestic Kitten Surveillance Campaign",
"collectionWikiContent": "",
"collectionId": "a6ddc2522f834e9d396cd4036ff88b55",
"owner": "",
"tags": [
"xftas",
"advisory",
"campaign",
"threat-activity",
"spyware"
],
"tlp": "",
"created": "2018-09-19T11:24:15.547Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f895cb30-5fd7-d9f3-0360-03730ac8e77d",
"collectionTitle": "PyLocky Ransomware",
"collectionWikiContent": "",
"collectionId": "f895cb305fd7d9f3036003730ac8e77d",
"owner": "",
"tags": [
"malware",
"ransomware",
"xftas",
"advisory",
"spam"
],
"tlp": "",
"created": "2018-09-14T12:54:54.326Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--78b496f6-5de9-8217-d0be-eb64025e234f",
"collectionTitle": "LuckyMouse Signs Malicious NDISProxy Driver with Certificate of Chinese IT Company",
"collectionWikiContent": "",
"collectionId": "78b496f65de98217d0beeb64025e234f",
"owner": "",
"tags": [
"advisory",
"xftas",
"threat-actor",
"x-risk:37",
"malware"
],
"tlp": "",
"created": "2018-09-14T11:45:10.065Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 37,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--6bcf4610-86fb-509b-d596-cb1aab210ac6",
"collectionTitle": "Fallout Exploit Kit Delivers Multiple Families of Malware",
"collectionWikiContent": "",
"collectionId": "6bcf461086fb509bd596cb1aab210ac6",
"owner": "",
"tags": [
"malware",
"xftas",
"malvertising",
"campaign",
"advisory"
],
"tlp": "",
"created": "2018-09-13T22:34:48.536Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f6071c66-7a57-7bca-86b6-2cb82b15e1f5",
"collectionTitle": "CVE-2018-5002 and CHAINSHOT Malware",
"collectionWikiContent": "",
"collectionId": "f6071c667a577bca86b62cb82b15e1f5",
"owner": "",
"tags": [
"spearphish",
"advisory",
"xftas",
"malware",
"campaign"
],
"tlp": "",
"created": "2018-09-13T22:34:23.628Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a2a6346a-56ee-4ad1-bd44-2bab8751d7f2",
"collectionTitle": "Rocke: The Champion of Monero Miners",
"collectionWikiContent": "",
"collectionId": "a2a6346a56ee4ad1bd442bab8751d7f2",
"owner": "",
"tags": [
"cryptomining",
"advisory",
"vulnerability",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-09-13T15:24:24.303Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--0fa6578f-adc8-aa09-ed22-05adf9fc2423",
"collectionTitle": "Middle Eastern Government Targeted By OilRig Group",
"collectionWikiContent": "",
"collectionId": "0fa6578fadc8aa09ed2205adf9fc2423",
"owner": "",
"tags": [
"xftas",
"spearphish",
"trojan",
"advisory",
"campaign"
],
"tlp": "",
"created": "2018-09-13T12:36:52.170Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cbb0ba41-28f8-3a23-918e-0db08d8148cd",
"collectionTitle": "The Urpage Connection to Bahamut, Confucius and Patchwork",
"collectionWikiContent": "",
"collectionId": "cbb0ba4128f83a23918e0db08d8148cd",
"owner": "",
"tags": [
"campaign",
"malware",
"x-risk:42",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-09-13T12:28:02.176Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 42,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--60680123-dc6d-1b2e-c405-dce666cab376",
"collectionTitle": "A Chronology of GandCrab v4.x",
"collectionWikiContent": "",
"collectionId": "60680123dc6d1b2ec405dce666cab376",
"owner": "",
"tags": [
"malware",
"advisory",
"ransomware",
"xftas",
"x-risk:37"
],
"tlp": "",
"created": "2018-09-12T12:49:06.177Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 37,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--e0a0de17-8cbc-2be3-55e6-92c34bc077cf",
"collectionTitle": "Spam Campaign Infects Users in Japan with BEBLOH and URSNIF Malware",
"collectionWikiContent": "",
"collectionId": "e0a0de178cbc2be355e692c34bc077cf",
"owner": "",
"tags": [
"malware",
"phishing",
"advisory",
"xftas",
"campaign"
],
"tlp": "",
"created": "2018-09-12T02:00:03.895Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--204ff79a-037c-cd3f-6e2e-f31df1bc96f1",
"collectionTitle": "Android/HiddenMiner.A!tr Sample Analyzed",
"collectionWikiContent": "",
"collectionId": "204ff79a037ccd3f6e2ef31df1bc96f1",
"owner": "",
"tags": [
"coinminer",
"malware",
"monero",
"xftas",
"advisory"
],
"tlp": "",
"created": "2018-09-11T12:59:31.327Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--744da350-1a98-a080-0796-064cda0174c6",
"collectionTitle": "Yet Another Monero Miner",
"collectionWikiContent": "",
"collectionId": "744da3501a98a0800796064cda0174c6",
"owner": "",
"tags": [
"malware",
"advisory",
"xftas",
"monero"
],
"tlp": "",
"created": "2018-09-11T01:27:41.075Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--20ce93bf-9659-3699-ce8e-d0e70124cc62",
"collectionTitle": "Recent Geodo Malware Campaigns Feature Heavily Obfuscated Macros",
"collectionWikiContent": "",
"collectionId": "20ce93bf96593699ce8ed0e70124cc62",
"owner": "",
"tags": [
"malware",
"bankingtrojan",
"advisory",
"xftas",
"phishing"
],
"tlp": "",
"created": "2018-09-10T16:37:55.731Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--14c1c15b-4f95-7880-268c-94aad0f9b25f",
"collectionTitle": "Hakai Variant",
"collectionWikiContent": "",
"collectionId": "14c1c15b4f957880268c94aad0f9b25f",
"owner": "",
"tags": [
"vulnerability",
"x-risk:33",
"malware",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-09-07T14:37:40.520Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": 33,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4dc75868-68cc-fd8e-d461-04d6b1cf5fb3",
"collectionTitle": "PowerPool malware exploits ALPC LPE zero-day vulnerability",
"collectionWikiContent": "",
"collectionId": "4dc7586868ccfd8ed46104d6b1cf5fb3",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory",
"phishing",
"0-day"
],
"tlp": "",
"created": "2018-09-07T13:38:13.085Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d7e9e794-56e1-1f34-417d-55689093d71d",
"collectionTitle": "Email Campaign Delivers HERMES Ransomware via a Password Protected Word Document",
"collectionWikiContent": "",
"collectionId": "d7e9e79456e11f34417d55689093d71d",
"owner": "",
"tags": [
"ransomware",
"incident",
"advisory",
"xftas",
"campaign"
],
"tlp": "",
"created": "2018-09-07T06:07:07.889Z",
"modified": "2018-09-21T13:00:25.882Z",
"x_ibm_relevance_score": null,
"x_ibm_affected_industries": null,
"x_ibm_affected_countries": null,
"x_ibm_threat_type": "Threat Activity"
}
]