We are pleased to announce the immediate availability of MISP v2.4.169 with various improvements and bug fixes.
It includes many improvement release of misp-stix, the core Python library for importing and exporting STIX (1, 2.0 and 2.1).
fail2ban is known to do a great job at giving attackers a hard time when they try to “test” passwords or enumerate users of a service. fail2ban constantly analyses relevant log files and keeps track of IP addresses trying to log into such services. If a configurable threshold is reached, it uses the Linux firewall (Netfilter / iptables) to block the suspected attackers.
As of the past 2 months, we’ve received two separate reports of two unrelated SQLi vector vulnerabilities in MISP that can lead to any authenticated user being able to execute arbitrary SQL queries in MISP.
We are pleased to announce the immediate availability of MISP v2.4.168 with bugs fixed and various security fixes.
It includes a rather substantial release of misp-stix, the core Python library for importing and exporting STIX (1, 2.0 and 2.1).
We are pleased to announce the immediate availability of MISP v2.4.167 with new features and fixes, bugs fixed and a security fix.
Jupyter notebook used during the training session.
MISP has been a widely used open source CTI platform for the past decade, with a long list of tools that allow users to customise the data models and contextualisation of the platform, yet true customisation of the actual workflows and processes had to be done externally using custom scripts.
We are pleased to announce the immediate availability of MISP v2.4.166 with new features and fixes, including two critical security fixes.
We are pleased to announce the immediate availability of MISP v2.4.165 with many improvements to the workflow subsystem along with various performance improvements.
When you receive threat intelligence from different sources you quickly realise there is a big difference in the quality of the received information. Where some organisations go to great length to ensure their events are accurate, complete and contextualised, other organisations use different standards. Some of these differences are caused by particular use cases but can also be caused by human errors or maturity growing pains. Regardless of what’s causing these differences, as a consumer, it costs time to wade through events and manually curate them.
Communities can share cyber threat intelligence on platforms, such as MISP. In the H2020 project Prometheus TNO has developed a way to securely aggregate cyber threat intelligence and publish the result on MISP.
We are pleased to announce the immediate availability of MISP v2.4.164 with a new tag relationship features, many improvements and a security fix.
We are pleased to announce the immediate availability of MISP v2.4.163 with an updated periodic notification system and many improvements.
For more information, check out the Periodic summaries - Visualize summaries of MISP data blog.
We are pleased to announce the immediate availability of MISP v2.4.162 with a new periodic notification system, workflow updates and many improvements.
Let’s say that by no means should an attribute of type passport-number leave your MISP instance. Aside from the analyst following best practices when encoding the data, MISP does not have a built-in mechanism to prevent these leaks to happen, but now you can achieve this by using a third-party tool called misp-guard.
As of version 2.4.162, MISP includes a periodic summary feature allowing users to consult a summary based on a requested time-frame for data the user has access to.
We are pleased to announce the immediate availability of MISP v2.4.161.
tlp:amber+strict and tlp:clear are now valid tagsexternal_references parsing for attack patterns objectsThanks to all the contributors and users reporting bugs to make the software better.
We are pleased to announce the immediate availability of MISP v2.4.160. With the August summer-holiday season kicking into high gear, we have a very special release for you all, containing a long list of major new features, improvements and general quality of life improvements.
There are a lot of websites that regularly publish reports on new threats, campaigns or actors with useful indicators, references and context information. Unfortunately only a few publish information in an easily accessible and structured format, such as a MISP-feed. As a result, we often find ourself manually scraping these sites, and then copy-pasting this information in new MISP events. These tedious tasks are time-consuming and certainly not the most interesting aspect of CTI-work.
We are pleased to announce the immediate availability of MISP v2.4.159. This releases includes many improvements, bug fixes and improvements concerning performance on large datasets.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.