First cool and impressive outcome of hackathon.lu 2025: MISP fleet commander. An open source project which supports organisations in managing large fleets of MISP instances, tests synchronisation and offers many other features.
We just opened a discourse for the hackathon.lu to coordinate more on the different projects, tasks or ideas.
https://discourse.ossbase.org/c/hackathon-lu/5
https://hackathon.lu/
It's a 2-day physical hackathon, held in Luxembourg on April 8th and 9th, 2025, focusing on the development of free and open-source software for cybersecurity. We aim to convene diverse developer groups to collaborate on complex programming challenges within key cybersecurity areas, such as information sharing, threat intelligence, network and system forensics, data mining, network and computer exploitation, and defense techniques.
MISP v2.4.206 and v2.5.8 introduce new workflow modules, enhanced object relationship management and significant improvements to the event synchronisation mechanism. Key highlights include an improved, reworked attribute search functionality, better handling of event reports, and various security fixes. Additionally, numerous optimizations and bug fixes enhance stability and performance.
#opensource #threatintel #misp
Release notes https://www.misp-project.org/2025/03/19/MISP.2.5.8.and.2.4.206.released.html/
The MISP project maintains and offers a comprehensive knowledge base covering threat actors, ransomware groups, malware, and more.
Even if you don't use MISP, you can now easily search across all MISP Project knowledge bases, including galaxies, taxonomies, and MISP object templates.
The MISP Project is pleased to announce the release of MISP v2.5.7 and v2.4.205, bringing several new features, important fixes, and enhancements to improve the overall user experience and platform functionality. This release addresses critical improvements in synchronization filtering, correlation management, and UI enhancements, ensuring a more stable and efficient MISP environment.
#opensource #threatintel #threatintelligence #misp
https://www.misp-project.org/2025/02/24/MISP.2.5.7.and.2.4.205.release.html/
Vulnerability: app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.
https://vulnerability.circl.lu/cve/CVE-2024-57969
A reminder to always run the latest version of MISP to ensure reported vulnerabilities are addressed.
If you're running MISP in a compartmentalized, classified, or sensitive network, controlling the flow of information is crucial. You need a simple yet independent and auditable tool to manage data exchange between MISP instances effectively.
We’re pleased to announce the release of misp-guard version 1.1, incorporating multiple improvements based on feedback from various organizations, including military and intelligence agencies.
MISP Analyst Data Format - Enhancing STIX 2.1 Integration
The MISP Analyst Data format, part of the broader MISP-standard.org ecosystem, represents a significant step forward in structuring and exchanging cyber threat intelligence. Developed in collaboration with partners, this format builds upon the lessons learned addressing its practical shortcomings while ensuring greater efficiency, flexibility, and usability for analysts.
https://www.misp-project.org/2025/02/07/MISP_Support_for_Analyst_Data_converter_from_STIX2.html/
The MISP team is excited to announce the release of MISP v2.5.6 and MISP v2.4.204. These updates bring several new features, fixes, and performance improvements to enhance the platform’s usability and efficiency.
https://www.misp-project.org/2025/01/13/MISP.2.5.6.and.2.4.204.release.html/
The MISP-standard.org is proud to announce the release of a new standard: Threat Actor Naming (RFC). This standard addresses one of the most critical challenges in cybersecurity information sharing—the consistent and reliable identification of threat actors.
#standard #openstandard #cybersecurity #misp #threatintelligence #threatintel
We are excited to announce the latest updates to MISP with versions v2.5.3 and v2.4.201, which bring numerous enhancements, bug fixes, and security improvements to strengthen threat information sharing capabilities.
#opensource #misp #cybersecurity #informationsharing #cti #threatintel #threatintelligence
https://www.misp-project.org/2024/12/22/MISP.2.5.3.and.2.4.201.release.html/
AIL 6.0 and MISP-LEA: Empowering LEAs with Direct Access to a Data Lake of Dark Web and Cybercriminal Information.
We are thrilled to announce the integration of the latest AIL 6.0 release into the MISP-LEA ecosystem, enabling Law Enforcement Agencies (LEAs) to request and gain direct access to a comprehensive data lake containing dark web crawled information...
FlowIntel 1.3.1 released and MISP integration.
FlowIntel is a lightweight and flexible platform built to help teams manage their tasks and cases efficiently. It offers a range of features, from detailed documentation tools to integration with external platforms, ensuring that workflows remain seamless and adaptable to various needs.
https://www.misp-project.org/2024/12/09/FlowIntel.1.3.1.released.and.MISP.integration.html/
New blog post: Improving Cybersecurity Taxonomies Describing Impact and Cyber Harms Against Organizations
I’ve introduced a new MISP taxonomy and shared insights into the critical role of impact description in effective information sharing.
#CyberSecurity #MISP #taxonomies #taxonomy
https://foo.be/2024/12/Improving-Cybersecurity-Impact-Taxonomies
The Chinese APT Techniques report from Intel471 highlights insights into vulnerability exploitation. Interestingly, some MISP communities had already shared related details as early as three years ago.
Better tracking, usage, and visibility of vulnerabilities are essential for SOCs and DFIR teams to prioritize their focus effectively.
#misp #vulnerability #threatintel #cybersecurity
@misp
@circl https://vulnerability.circl.lu/bundle/c54ba016-1255-4e07-9fb6-686f9a0a936b#combined-sightings
Latest version of MITRE ATT&CK @mitreattack has been added in MISP galaxy and will be available in MISP.
https://github.com/MISP/misp-galaxy/commit/a5fd2de2d9a7e867cc200079bcf4bdb4bce39688
Exploring the debate around TA attributions like Salt Typhoon, GhostEmperor, or FamousSparrow and how they differ from Earth Estries.
The new analyst data and opinion in MISP makes it easier to document and explain such disagreements in attribution.
New features in vulnerability lookup include sightings from different sources, including @misp communities. The example below is a vulnerability in Android but the CVE is not yet published. You can track the sighting evolution.
https://vulnerability.circl.lu/vuln/CVE-2024-43093#sightings
MISP Galaxy 2024110700 has been released with many updates and improvements.
Running MISP in classified networks or air-gapped infrastructure? There is a new version of misp-guard.
https://github.com/MISP/misp-guard/releases/tag/v0.6
« misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based on a set of customizable block rules. »
#misp #threatintelligence #informationsharing #opensource #mitmproxy