Blogs

MISP 2.4.143 released (10 year anniversary edition)

MISP 2.4.143 released

MISP 2.4.143 released including a new audit subsystem, various quality of life improvements and bug fixes.

10 year anniversary

MISP has, as of the 15th of May, turned 10. To celebrate the occasion, we have a celebratory MISP logo acting as a temporary replacement for the usual one for the duration of this release.

MISP 2.4.142 released (with new correlation features, UI sync functionality improved and new dashboard widgets)

MISP 2.4.142 released

MISP 2.4.142 released including many new features, a security fix and a long list of quality of life improvements.

MISP 2.4.141 released (Many improvements from email notification, UI, API and installation scripts)

MISP 2.4.141 released

MISP 2.4.141 released including many improvements from email notification, UI, API and installation scripts.

User-Interface

  • [UI] Render galaxy cluster description as markdown.
  • [UI] Show threat level icons on event index.
  • [eventgraph:viewPicture] Allow access to saved picture from the eventgraph history.
  • [eventGraph] Improved object coloring strategy.
  • [UI] fix debugon for debug = 1. fix #7131.
  • [UI] Show number of items in freetext feed.
  • [UI] Make feed event preview nicer.
  • [UI] It is 2021! Removed -moz and -webkit specific CSS properties.
  • [UI] Make some parts of MISP nicer.
  • [UI] Nicer pivots.
  • [UI] Simplify keyboard-shortcuts.js.
  • [UI] Use Page Visibility API.

and many more updates; check the changelog for details.

Creating a MISP Object, 101

MISP Objects

MISP objects are containers around contextually linked attributes. They support analysts in grouping related attributes and describing the relations that exist between the data points in a threat event. Combining these objects and relations is something that can then be used to represent the story of what is being told in the threat event.

MISP 2.4.140 released (OpenID support, cross object references in extended events and many improvements)

MISP 2.4.140 released

We have released 2.4.140, the latest release for MISP, introducing a host of new features, including integrations with various authentication systems, various improvements to the handling of objects, CLI improvements as well as a package containing general bug fixes, along with the usual update of the JSON libraries.

MISP 2.4.139 released (Quality of life and bugfix release)

MISP 2.4.139 released

We have released 2.4.139, the latest release for MISP, which squashes a set of pretty annoying bugs, whilst also adding some shiny new features to play with, along with the usual update of the JSON libraries.

MISP 2.4.138 released (Many improvements including CISA.gov AIS dynamic marking functionality, RSIT galaxy added)

MISP 2.4.138 released

We have released 2.4.138, the latest release for MISP along with an update of the JSON libraries.

MISP 2.4.137 released (New exclusion module for the correlation engine, many improvements and security vulnerabilities resolved)

MISP 2.4.137 released

We have released 2.4.137, a security and bug fix release including a collection of fixes and improvements collected over the past month.

MISP 2.4.136 released (Cerebrate project integration)

MISP 2.4.136 released

Though we’re rather late with the release notes, we did have some goodies to share for the winter festivities, bundled neatly into the 2.4.136 release.

MISP 2.4.135 released (galaxy 2.0)

MISP 2.4.135 released

Don’t let the minor version number change fool you, this release is a game changer for MISP and information sharing in general. Galaxy 2.0 brings about the ability to customise Galaxy clusters (threat-actors, @MITREattack or any knowledge base element) as well as to extend and share it within your community. This release also includes many new improvements such as a new authkey system to better handle your API keys in MISP.

MISP 2.4.134 released (new import extractor for the event report, various improvements and fixes)

MISP 2.4.134 released

In the previous version of MISP, the new Event Report functionality was introduced to edit, visualise and share reports in Markdown format, which includes the ability to reference elements from within a MISP event.

MISP 2.4.133 released (major improvements such as the markdown report feature and many UI improvements)

MISP 2.4.133 released with major improvements such as the markdown report feature and many UI improvements.

Unstructured/semi-structured report feature

MISP is widely known as a powerful tool to gather, correlate and share information. As a response to the growing information-sharing maturity of the community, more features have been introduced over the past few years to meet analyst skills and requirements.

Event Report - A convenient mechanism to edit, visualize and share reports

MISP is widely known as a powerful tool to gather, correlate and share information. As a response to the growing information-sharing maturity of the community, more features have been introduced over the past few years to meet analyst skills and requirements.

Create an import script for MISP, step-by-step tutorial

Create an import script for MISP in Python, step-by-step tutorial

Script description

Example add_github_user.py

Here the goal is to push to MISP information gathered on Github. The script add_github_user.py will be used as an example.

MISP 2.4.132 released (security fix CVE-2020-25766 and bugs fixed)

MISP 2.4.132 released

A new version of MISP (2.4.132) has been released with several bugs fixed including an important security fix CVE-2020-25766.

MISP 2.4.131 released (improvements, bug fixes and major update to JavaScript dependencies)

MISP 2.4.131 released

A new version of MISP (2.4.131) has been released with improvements, bug fixes and a major update to JavaScript libraries.

MISP service monitoring with Cacti

Introduction

A previous post covered how to do MISP service monitoring with OpenNMS. Because having different options is good, this post covers how to achieve similar results with Cacti. For those not familiar with Cacti: it is a network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality.

MISP 2.4.130 released (Various fixes, performance improvements and new features)

MISP 2.4.130 released

A new version of MISP (2.4.130) has been released with performance improvements, multiple bugs fixed and new features.

MISP service monitoring (and a bit of healing) with OpenNMS

Introduction:

Many organisations adore how quick and easy MISP can be set up. Once it’s running, people start integrating it into their processes and begin to rely on it, for instance by exporting indicators and using them in security or network focused software. Usually this is the time when MISP becomes a fundamental part in the portfolio of fighting attacks, and the need for reliability grows rapidly.

Creating a MISP Galaxy, 101

MISP Galaxies

MISP Galaxies and Clusters are an easy way to add context to data. Compared to the relatively simple concept of tags and taxonomies, they allow you to add more complex data structures. There is already a large list of galaxies and clusters available as a community effort, and directly accessible within MISP, but it’s always possible these do not fully address your needs.
