A new version of MISP 2.4.82 has been released including an improved publish-subscribe ZMQ format, improvements in the feeds system, sightings are now ingested and synchronised among MISP instances, many bug fixes and export improvements.
A new version of MISP 2.4.80 has been released including the most awaited MISP objects feature along with other new features, security fix CVE-2017-14337 and improvements.
A new version of MISP 2.4.81 has been released including a significant rework of the graphical visualisation, support for STIX 2.0 export, multiple bug-fixes and improvements for misp-objects.
A new version of MISP 2.4.79 has been released including an important security fix (persistent XSS on comment field), multiple bug fixes and new functionalities.
A new version of MISP 2.4.78 has been released including an important security fix (if you use sharing groups), multiple bug fixes and some new functionalities.
A new version of MISP 2.4.77 has been released including security fixes, bug fixes and various improvements.
This version includes multiple security fixes reported by cert.govt.nz including:
A new version of MISP 2.4.76 has been released including bug fixes and a set of performance improvements at the ingestion level.
A new version of MISP 2.4.75 has been released including bug fixes and a set of performance improvements.
In this release the most important improvement is performance tuning to improve the day-to-day life of the users. The performance improvements are most explicitly on:
A new version of MISP 2.4.74 has been released including new features, improvements and bug fixes.
The ZeroMQ pub-sub feature has been significantly improved in MISP to allow for a complete flexible notification scheme for a host of actions which take place within a MISP instance, such as:
A new version of MISP 2.4.73 has been released including new features, improvements and bug fixes.
A new module type Cortex has been introduced allowing for easy integration of MISP and Cortex. Cortex is the analysis engine part of the TheHive Project which supports expansion services from Cortex within MISP. A new setting has been added to support Cortex similarly to MISP expansion modules where you set the remote Cortex instance. MISP includes a new Cortex attribute type to allow for the raw analysis to be stored along with the event for subsequent analysis.
A new version of MISP 2.4.72 has been released including improvements and important bug fixes.
Improvements have been introduced to better support large MISP instances:
A new version of MISP 2.4.71 has been released including new features, improvements and important bug fixes.
Various bugs fixed in the sharing group synchronisation and delegation. Improvements to the UI popups when using low-resolution (aka potato displays).
A new version of MISP 2.4.70 has been released including new features, improvements and important bug fixes.
Many other bugs fixed and minor features added.
A new version of MISP 2.4.69 has been released including multiple security bug fixes and minor improvements.
Improvements added:
Two security vulnerabilities (XSS) reported by Tien Phan and David Maciejak of Fortinet’s FortiGuard Labs were fixed. Thanks to them for reporting the vulnerabilities.
A new version of MISP 2.4.68 has been released including multiple bug fixes and improvements.
Improvements and features added:
Blacklisting of deleted events is now enabled by default. This feature existed before but was not enabled by default. This feature allows MISP users to ensure that deleted events never propagate back to their instance. The blacklist can easily be managed from the MISP interface. As this feature is a default behaviour that a large majority of the MISP community needs, we have decided to enable this feature by default starting from version 2.4.68.
A new version of MISP 2.4.67 has been released, including improvements to the sighting feature, user management and activity visualisation.
Sighting activities over tags and galaxy clusters are now visualised using sparklines, giving us an interesting outlook of contextual activity:
Sighting is an endless topic of discussion. This is a required feature especially when information or indicators are regularly shared to gather feedback from users said shared data. Adequate sightings can be an incredible source of information in order to describe the life-time of an indicator, its evolution and especially to ensure the understanding of indicators among a group of users using the information to detect, mitigate or block malicious activities in their infrastructures. The potential is endless, potentially being a significant gain for organised communities of infosec professionals sharing information or even serve as a requirement for advanced algorithms ranging from machine learning to reinforcement learning. But to reach such a state of a feedback loop, you first require a functional model of sighting.
A new version of MISP 2.4.65 (and 2.4.64) has been released, including bug fixes and new features.
API access added to the MISP statistics providing additional statistics regarding information on contributions by organisation, attributes used and tags. The API can be also used by monitoring tools to monitor the state of a MISP instance.
A new version of MISP 2.4.63 has been released, including bug fixes and new features.
New features in the API:
Added a new setting to show post count on the event index including a notification if it has a post newer than 24 hours.
A new version of MISP 2.4.62 has been released, including bug fixes and new features.
MISP feed has been expanded to support local feed allowing users to import feeds from local directories (if MISP format) or local files (like free-text or CSV import) in addition to the network feeds.
© MISP project. Software released under approved open source licenses and content of this website released as CC BY-SA 3.0.
Template by Bootstrapious. Ported to Hugo by DevCows.
