We are pleased to announce the immediate availability of MISP v2.4.195, a summer release aiming to introduce new features, fix a long list of reported bugs and deficiencies as well as give your servers a breather in the scorching summer heat by taking a load off your CPUs thanks to a set of impactful performance fixes.
MISP 2.4.194 released with new functionalities and various bugs fixed.
/users/heartbeat endpoint./users/view, /admin/users/view, /admin/users/index endpoints.exposed_to_org field.mysql.sql.mysql.sql.For a complete list of updates, please refer to the changelog pages. Many thanks to all the diligent contributors that ensure that MISP keeps improving rapidly!
MISP 2.4.193 released with many bugs fixed, API improvements and security fixes
[attributes/enrich] endpoint added.
/attributes/enrich/[attribute_id|attribute_uuid]{"dns": 1, "foo_bar_baz": 1} listing all modules to execute.[misp-community] MISP-LEA information sharing community added.
Security Enhancements:
Logging and Tracking:
We are excited to announce the release of MISP v2.4.190. This latest version introduces a slew of new features, improvements, and fixes designed to streamline operations and enhance security measures for our users.
We are pleased to announce the immediate release of MISP 2.4.189, released with bug fixes, performance improvements and a new blocklist feature.
This lab explains how to connect MISP to the Elastic Stack in order to leverage IOCs from MISP and trigger alerts based on user defined rules.
The MISP Project, renowned for its threat intelligence sharing platform, and Yeti Platform, the Forensics Intelligence platform supporting CTI and DFIR practitioners, are coming together to create a more robust and interconnected open source landscape.
We are pleased to announce the immediate release of MISP 2.4.188, with major performance improvements and many bugs fixed.
ignoreIndexHint parameter (mysqlExtended, mysqlObserverExtended).forceIndexHint.restsearch and /events/view endpoints). This helps with performance issues caused by large sighting data sets.BadRequestException as fail log in CI.misp-galaxy, misp-object, and warning-lists.analyst-data and event-reports.sightings:getLastSighting.includeDecayScore by a factor of 5.unpublishedprivate directive.CURLOPT_NOBODY for HEAD requests.redisReady in dragonfly.Exception to Throwable in ECS.MISP.email_reply_to to server config.misp-stix, attachment scan error handling, OIDC default org handling, alert email titles, shadow attribute handling, and community additions (ICS-CSIRT.io).Details changes are available in Changelog.
We are pleased to announce the immediate release of MISP 2.4.187, including security fixes, new features and bugs fixes.
org list to shell commands.OidcAuth.update_user_role to disable role changes from OIDC.ext-zstd to suggested PHP extensions.removeTagFromObject().Details changes are available in Changelog.
In the ever-evolving landscape of information security, the need for adaptable and efficient tools has never been greater. The MISP project, known for facilitating the sharing of structured threat information, has taken a significant leap forward. We’re excited to announce a pivotal enhancement to the misp-modules, a collection of modules for MISP, extending their functionality to operate not only as an integral part of MISP but also as a standalone web application.
We are pleased to announce the immediate release of MISP 2.4.186, which includes two major new feature called “Analyst Data” and “Collections” along with an extension to the MISP standard format.
Historically, teams shared indicators of compromise (IOCs) via email in documents that were often difficult to analyze and challenging to automate for processing.
We are happy to announce the immediate availability of MISP 2.4.185. This is mainly a bug fix release resolving several issues as well as tightening the security posture of the org image handling.
MISP 2.4.184 released with performance improvements, security and bugs fixes.
MISP.disable_cached_exports enabled by default. Since the /events/export has been marked deprecated for a years, we are starting the process to phase it out by first disabling the endpoint by default. The MISP ReST search API is the API to be used in the future if you still have very old scripts relying on export. We recommend to start making plans to rework those scripts.A series of security fixes were done in this release, the vulnerabilities are accessible to authenticated users, especially those with specific privileges like Org admin. We urge users to update to this version especially if you have different organisations having access to your instances.
MISP 2.4.183 released with a new ECS log feature, improvements and bugs fixed.
Security.ecs_log to enable this new functionality. A new Security.alert_on_suspicious_logins to security audit has been added.Many bugs fixed and minor improvements. Feel free to read the detailed changelog
MISP 2.4.182 released with new features, improvements bugs fixed and an important security fix.
show_server_correlations_for_all_users
allowing non-privileged users to view server correlations. [Sami
Mokaddem][Version] bump. [iglocska]
MISP 2.4.180 released with a new security user login profile feature, bugs fixed and many improvements.
Merge remote-tracking branch ‘origin/develop’ into 2.4. [Christophe Vandeplas]
MISP 2.4.179 released with a host of improvements a security fix and some new tooling.
We currently included our first attempt at an LLM integration for report summarisation and extraction. The development is an outcome of our work with @aaronkaplan during hack.lu 2024 and relies on stochasticCTIExtractor for the extraction and interfacing with LLMs.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.