Releases: OpenCTI-Platform/connectors
Releases · OpenCTI-Platform/connectors
Version 6.3.3
Bug Fixes:
- #2697 [CrowdStrike] Fix KeyError in CrowdStrike processing
- #2688 Columns in the MITRE ATT&CK kill chain are out of order
- #2667 [urlscan] Connector issues around getting data since last run and configured interval
- #2603 [CrowdStrike TIP] "'FetchedReport' object is not subscriptable" error on Indicator
- #2589 MITRE datasets, filter unsupported types to avoid errors in ingestion works
Pull Requests:
- [urlscan] Resolves GH-2667 by @brett-fitz in #2668
- Update dependency google-api-python-client to v2.146.0 by @renovate in #2669
- Update dependency pydantic to v2.9.2 by @renovate in #2670
- [Fix Pydantic version] Revert "Update dependency pydantic to v2.9.2 (#2670)" by @helene-nguyen in #2684
- Update dependency google-auth to v2.35.0 by @renovate in #2681
- fix(Sekoia): Prevent adding multiple times Sekoia.io as reference by @Darkheir in #2682
- [greynoise-feed] fix feed queries to match documentation by @bradchiappetta in #2685
- Added ShadowTrackr connector by @basvanschaik in #2593
- [Shodan] Save results to note by @annoyingapt in #2636
- [CrowdStrike] Fix KeyError in CrowdStrike processing by @initstring in #2689
- [Crowdstrike] Fix "'FetchedReport' not subscriptable" errors by @Powlinett in #2676
New Contributors:
- @basvanschaik made their first contribution in #2593
- @initstring made their first contribution in #2689
Full Changelog: 6.3.1...6.3.3
Version 6.3.1
No changelog for this release.
Pull Requests:
- Update dependency boto3 to v1.35.20 by @renovate in #2660
- Update dependency vt-py to v0.18.4 by @renovate in #2661
Full Changelog: 6.3.0...6.3.1
Version 6.3.0
Enhancements:
- #2648 [QRadar Connector : Must create different reference sets for each hash type in case of files]
- #2638 [isort] isort version needs to be updated in .pre-commit-config.yaml
- #2351 Improve Ransomware Live connector
- #2089 [CISA KEV] Be able to run the connector on an interval shorter than 1 day
- #1866 [import-external-reference] Refactor the connector, enhance PDF / markdown generation
- #1791 [IPinfo] Create an observable-to-country relationship for country-based victimology
Bug Fixes:
- #2654 [urlscan] Indicators are missing created_by_ref
- #2647 [CrowdStrike] CrowdStrike connector internal error: a bytes-like object is required, not 'dict'
- #2642 [urlscan] Failed:
pydantic:parse_raw_as
has been removed in V2. - #2631 [QRadar Connector : Does not send all hashes in STIX pattern to QRadar]
- #2618 [Jira] Bug custom_fields is not defined
- #2595 [Intel471] incorrect indicator names
Pull Requests:
- Update dependency stix-shifter-modules-splunk to v7.1.0 by @renovate in #2596
- Update dependency stix-shifter-utils to v7.1.0 by @renovate in #2597
- Update dependency boto3 to v1.35.11 by @renovate in #2599
- [FIRST EPSS] Create playbook compatible internal enrichment connector by @Powlinett in #2550
- Update dependency pycti to v6.2.18 by @renovate in #2601
- EPSS FIRST Documentation update by @romain-filigran in #2607
- Update dependency google-api-python-client to v2.144.0 by @renovate in #2608
- Update dependency boto3 to v1.35.13 by @renovate in #2610
- Update dependency pycti to v6.2.18 by @renovate in #2611
- Sets 100% as the maximum width of images when converting to html before to be exported in PDF by @romain-filigran in #2588
- Update dependency boto3 to v1.35.14 by @renovate in #2613
- Update README.md by @damians-filigran in #2604
- [REVERSINGLABS] New connector by @DinkoReversingLabs in #2602
- Added IOC upload by @pietrocapece in #2586
- Update dependency pycti to v6.2.18 by @renovate in #2614
- Update dependency reversinglabs-sdk-py3 to v2.6.4 by @renovate in #2615
- Update FIRST EPSS docker-compose.yml by @romain-filigran in #2617
- Update dependency boto3 to v1.35.15 by @renovate in #2622
- [Sekoia/Crowdstrike/Mandiant/AlienVault/RecordedFuture/CisaKEV] Modification on connector to use the new pycti connector helper scheduler by @helene-nguyen in #2459
- Update dependency google-api-python-client to v2.145.0 by @renovate in #2628
- Update dependency pytz to v2024.2 by @renovate in #2632
- Update dependency boto3 to v1.35.16 by @renovate in #2633
- Update dependency pytest to v8.3.3 by @renovate in #2624
- Update dependency boto3 to v1.35.17 by @renovate in #2644
- Update dependency regex to v2024.9.11 by @renovate in #2643
- Create readme.md for VT by @damians-filigran in #2630
- [Jira] Fix custom_fields is not defined by @Megafredo in #2619
- [Shodan] Add to readme by @Megafredo in #2635
- [urlscan] added x_opencti_score configurability for default, domain-name, and url + resolves GH-2642 by @brett-fitz in #2627
- Change flashpoint misp endpoint from http to https by @WolfByttner in #2656
- [urlscan] fix missing created_by_ref for indicators GH-2654 by @brett-fitz in #2655
- Update dependency Titan-Client to v1.20.0.2 by @renovate in #2651
- Update dependency playwright to v1.47.0 by @renovate in #2650
- [connector] update isort version by @Powlinett in #2639
- Update dependency boto3 to v1.35.19 by @renovate in #2658
- Update dependency idna to v3.9 by @renovate in #2657
- [Intel 471] Improving indicators names (#2595) by @mmolenda in #2652
- [feedly] Use content for reports intsead of creating notes by @Mathieu4141 in #2641
- [IPInfo] Adding ASN, privacy and country details by @annoyingapt in #2629
- [ZeroFox] add created_by_ref and opencti_observable_main_type to stix objects by @DNRRomero in #2625
- [Crowdstrike] Fix error bytes-like object is required, and fix error logger by @Megafredo in #2653
- Update dependency idna to v3.10 by @renovate in #2659
New Contributors:
- @Powlinett made their first contribution in #2550
- @pietrocapece made their first contribution in #2586
- @brett-fitz made their first contribution in #2627
- @WolfByttner made their first contribution in #2656
Full Changelog: 6.2.18...6.3.0
Version 6.2.18
Version 6.2.17
Bug Fixes:
- #2580 [Mandiant] Fail to parse if end_epoch is None
- #2577 [Mandiant] In some cases, the connector crashes when handline None reports
- #2573 [Mandiant] Epoch / state can be set in the future, leading the connector to not work
- #2564 [GroupIB] Fix groupib docker compose
Pull Requests:
- [GroupIB] Fix groupib docker compose by @helene-nguyen in #2565
- Update dependency stix-shifter-utils to v7.0.12 by @renovate in #2566
- Fix anyrun_feed.py by @sari3l in #2562
- Update dependency google-api-core to v2.19.2 by @renovate in #2560
- Update dependency certifi to v2024.8.30 by @renovate in #2567
- Update opencti/connector-cofense Docker tag to v6.2.17 by @renovate in #2576
- [Mandiant] Fix fail to parse if end_epoch is None by @Megafredo in #2581
- Update dependency boto3 to v1.35.9 by @renovate in #2575
New Contributors:
Full Changelog: 6.2.16...6.2.17
Version 6.2.16
Enhancements:
- #2558 [greynoisefeed] Update indicators to include additional attributes and formatting from enricher
- #2539 [GroupIB] NEW Create new GroupIB connector
- #2522 [Cofense] Create Cofense connector
- #2027 Update templates for Community to have proper guidelines to create/update connectors
Bug Fixes:
- #2559 [mwdb] Fixed error when tags not present, added except
- #2544 [RiskIQ] Attack-pattern tag format has changed
- #2543 [RiskIQ] attack-pattern id generation is incomplete
- #2535 [jira] Incorrect connector Dockerfile path
- #2532 [Malpedia] Rate limite Error
- #2531 [Mandiant] reports not created since August 4
- #2507 [import-document,import-file-stix] Support running as an arbitrary user (OpenShift Container Platform)
Pull Requests:
- [import-document,import-file-stix] Changes in Dockerfile to resolve #2507 by @leitosama in #2508
- Update dependency boto3 to v1.35.5 by @renovate in #2519
- Update dependency stix-shifter-modules-splunk to v7.0.12 by @renovate in #2520
- [connector] Float values are not exported on csv (#7951) by @ValentinBouzinFiligran in #2521
- Update dependency idna to v3.8 by @renovate in #2525
- Update opencti/connector-google-safebrowsing Docker tag to v6.2.15 by @renovate in #2526
- Fix #2507 for import-file-stix image by @leitosama in #2529
- Updated World Watch import for their new api + refactoring by @cert-orangecyberdefense in #2470
- Update README.md from Partner by @Jipegien in #2542
- [RiskIQ] Fix handling of attack-pattern tag by @debelyoo in #2545
- Update dependency PyGithub to v2.4.0 by @renovate in #2537
- [Malpedia] Better manage rate limit by @Megafredo in #2533
- [Mandiant] Send bundle for each report and its context by @helene-nguyen in #2536
- [Templates] Rework templates by @helene-nguyen in #2512
- Update dependency googleapis-common-protos to v1.65.0 by @renovate in #2538
- [Cofense] NEW Cofense connector from Cofense by @helene-nguyen in #2524
- [Cofense] Fix entrypoint by @helene-nguyen in #2553
- [greynoisefeed] Update indicators to include additional attributes and formatting from enricher by @bradchiappetta in #2555
- Update dependency boto3 to v1.35.8 by @renovate in #2552
- Update dependency cofense-intelligence to v5.2.0 by @renovate in #2551
- [Group-IB Connector] download feeds from TI convert to STIX objects a… by @uTomasAnderson in #2534
- Fixed error when tags not present, added except by @XGREENi3 in #2509
New Contributors:
- @leitosama made their first contribution in #2508
- @uTomasAnderson made their first contribution in #2534
- @XGREENi3 made their first contribution in #2509
Full Changelog: 6.2.15...6.2.16
Version 6.2.15
Enhancements:
- #2515 [Safebrowsing] Add connector to Circle CI
Bug Fixes:
- #2517 [CrowdStrike] "KeyError" when importing a report
- #2479 [Sekoia] Reports ingested with attachments without extension (pdf_report)
Pull Requests:
- [Sekoia] Fix extension and fix related_objects by @Megafredo in #2497
- Update dependency boto3 to v1.35.2 by @renovate in #2506
- Update dependency google-api-python-client to v2.142.0 by @renovate in #2510
- Update dependency nltk to v3.9 [SECURITY] by @renovate in #2511
- [Safebrowsing] Add connector to Circle CI by @Megafredo in #2516
- Update dependency nltk to v3.9.1 by @renovate in #2513
- Update dependency stix-shifter to v7.0.12 by @renovate in #2514
- [CrowdStrike] Fix KeyError for missing 'description' in report by @Megafredo in #2518
Full Changelog: 6.2.14...6.2.15
Version 6.2.14
Enhancements:
- #2481 [Sentinel] Need Update Readme
- #2460 Forcing Malpedia markings to Organisations requirements
- #1965 Create a splunk app
Bug Fixes:
- #2498 [Malpedia] default_marking recovery error
- #2492 [Mandiant] Handle multiple standard ID for a software when importing a report + fix state
- #1832 [virustotal-livehunt-notifications]
Pull Requests:
- Update requirements.txt for ransomwarelive by @sudesh0sudesh in #2483
- Update dependency boto3 to v1.34.162 by @renovate in #2480
- Update dependency google-api-python-client to v2.141.0 by @renovate in #2484
- [Sentinel] Update Documentation by @Megafredo in #2482
- [ZeroFox] Document collectors and add software observable to C2Domains collector by @DNRRomero in #2453
- Update cimg/python Docker tag to v3.12 by @renovate in #2485
- [Mandiant] Handle multiple standard ID for a software when importing a report + fix state when entity use epoch time by @helene-nguyen in #2493
- Update dependency google-api-core to v2.19.1 by @renovate in #2486
- Update dependency lxml to v5.3.0 by @renovate in #2487
- Update dependency requests to v2.32.3 by @renovate in #2489
- [virustotal] Enhance all notes by @SamuelHassine in #2496
- [REVERSINGLABS] New connector by @DinkoReversingLabs in #2478
- Update dependency google-auth to v2.34.0 by @renovate in #2501
- Update dependency boto3 to v1.35.0 by @renovate in #2500
- [Malpedia] Fix default_marking recovery error and update readme by @Megafredo in #2499
- Update dependency pycti to v6.2.13 by @renovate in #2504
- Update dependency simplejson to v3.19.3 by @renovate in #2505
- [VirusTotal Livehunt Notification] Fix issue on json dump by @helene-nguyen in #2503
Full Changelog: 6.2.13...6.2.14
Version 6.2.13
Bug Fixes:
- #2467 [Mandiant] Import a vulnerability report can create a lot of relationships between vulnerability and software
- #2449 [HarfangLab] Error : Failure observable created
- #2433 [VirusTotal] - Exception during IP address enrichment when VT does not return the expected information
Pull Requests:
- Update opencti/connector-fortinet-ti Docker tag to v6.2.12 by @renovate in #2464
- [VirusTotal] - Exception during IP address enrichment when VT does not return the expected information by @romain-filigran in #2434
- Update dependency boto3 to v1.34.158 by @renovate in #2463
- Update dependency nltk to v3.8.2 by @renovate in #2471
- [HarfangLab] Fix bug create observable by @Megafredo in #2450
- Update dependency dnstwist to v20240812 by @renovate in #2473
- [Mandiant] Create 2 new environment variables for creating CPE or not for software and limit number of relationships by @helene-nguyen in #2468
Full Changelog: 6.2.12...6.2.13
Version 6.2.12
Enhancements:
- #2429 [Fortinet TI] Creation of the Fortinet TI connector
- #2392 [Sekoia] Import "related threat" from Sekoia connector
Pull Requests:
- Update dependency boto3 to v1.34.152 by @renovate in #2441
- [Sekoia] Adding related threat by @Megafredo in #2416
- [ShadowServer] - Connector updates by @cmandich in #2446
- Fix Tagger Connector entity type comparison and safe attribute access" by @obideuce in #2445
- Update dependency boto3 to v1.34.153 by @renovate in #2447
- [Connectors] Integrate Pydantic V2 Compatibility Changes by @Megafredo in #2444
- Update dependency wheel to v0.44.0 by @renovate in #2448
- New Fortinet connector by @Lhorus6 in #2442
- Update README Fortinet by @Lhorus6 in #2455
- Update dependency boto3 to v1.34.154 by @renovate in #2452
- Update dependency pycti to v6.2.11 by @renovate in #2451
- [Comlaude] Fix Identity import by @yassine-ouaamou in #2454
- [Comlaude] Tiny fix for labels by @Lhorus6 in #2457
- Update dependency google-api-python-client to v2.140.0 by @renovate in #2458
- Update dependency crowdstrike-falconpy to v1.4.5 by @renovate in #2456
- Update dependency google-auth to v2.33.0 by @renovate in #2461
- Update dependency PyYAML to v6.0.2 by @renovate in #2462
New Contributors:
Full Changelog: 6.2.11...6.2.12