-
Hello everyone,
I'm working on a project where I need to import data from OpenCTI connectors into Elasticsearch to create tasks. These tasks will be used for various purposes, including API develop…
-
Add better documentation on how and when slips queries the APIS of urlhaus, spamhaus and cirl, in the threat_intelligence module.
-
## Description
When the MISP connector imports an event from MISP, it shows entities like intrusion sets, threat actor groups, and malware. appear under "Entities distribution" as shown in image-1…
-
Apparently, during the last few days simplelogin.io somehow got into the Threat Intelligence Feeds on NextDNS, blocking request for everyone with that feed enabled, which seems a little unfair IMO. Pe…
-
**Kibana version**:
8.12, but potentially exists in all previous versions as well
**Description of the problem including expected versus actual behavior**:
When viewing threat intelligence resp…
-
The "threat intelligence feed" filter countered "Iliad.it" as a threat but it is a false positive since it is the official website of Iliad Italy to check the consumption of the offer.
![IMG_1984](…
-
The [definition](https://github.com/Azure/azure-rest-api-specs/blob/dad644cc6d0c88991f291eda37e18f27c16739b2/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-10-…
-
might be a good feature wherein we can manage and add a lists of list of IP from several threat intel sources, where these lists of IP(or domains) will then be converted to the blacklist.lst (or white…
-
It appears that the following paths that are off so they are not returning data:
```
GET /intel/combined/indicators/v1?filter=_marker%3A%3E%221234567890%22&limit=10000&offset=0&sort=_marker.asc
G…
-
---
layout: post
type: link
date: 2024-07-07 18:00:00 -0700
title: "Examining the Deception Infrastructure in Place Behind code.microsoft.com"
link: https://techcommunity.microsoft.com/t5/microso…