Proposal: add circl:incident-classification="cryptojacking"

MISP / misp-taxonomies

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

https://www.circl.lu/doc/misp-taxonomies/

Other

258 stars 134 forks source link

Proposal: add circl:incident-classification="cryptojacking" #90

Closed d-lord closed 6 years ago

d-lord commented 6 years ago

Hi! I've looked through this repo and I'm not sure how to propose the extension of existing taxonomies.

I think the circl:incident-classification set is very useful, but at AusCERT we've seen a lot of cryptocurrency-mining attacks and would like a standard tag for them.

Happy to make a pull request if that's the correct approach. Is the taxonomy defined elsewhere and would need some discussion?

adulau commented 6 years ago

Indeed good point! It's now fixed in cee6c9dc969353e63ee9ca93141f2b395bd2a0d2 .

The CIRCL official taxonomy has been fixed too: https://www.circl.lu/pub/taxonomy/

Thank you for your feedback.