Releases: OpenCTI-Platform/connectors
Version 5.5.0
Bug Fixes:
- #934 [cybercrime-tracker] ERROR:root:'NoneType' object is not subscriptable
- #933 Mandiant connector not creating relationships
Pull Requests:
- Upgrading API client by @mmolenda in #937
- cybersixgill darkfeed connector by @Umamahesh-Loginsoft in #943
- Splunk stream to be able to recover from errors by @RaulSokolova in #950
- New enrichment connector: Tagger by @SYNchroACK in #946
- [domaintools] add enrichment connector by @axelfahy in #951
- [virustotal] Flag for option to keep higher score of VirusTotal or existing score by @sc0ttes in #953
New Contributors:
- @Umamahesh-Loginsoft made their first contribution in #943
- @sc0ttes made their first contribution in #953
Full Changelog: 5.4.1...5.5.0
Version 5.4.1
Enhancements:
- #914 [VirusTotal Livehunt stream] Stream Yara rules to VirusTotal to expand collections
Bug Fixes:
- #922 [CISA known exploited vulns] Bug running the connector
- #925 [5.4.0] Analyst workbench doesn't show all the entities from the bundle. Accepting validation will add them to the report without validation
Pull Requests:
- Virustotal Livehunt stream connector by @RaulSokolova in #915
- Fix X509 Subject and Issuer in Shodan enrichment by @mattreduce in #920
- SophosLabs Intelix Lookup - Enrichment Connector for Url,IPv4-Addr,Do… by @0xbennyv in #916
- [VirusTotal LiveHunts Stream] Fixing the README file by @RaulSokolova in #918
- Added report description attribute finder in MISP connector by @SYNchroACK in #921
- [all] Release 5.4.1 by @SarahBocognano in #928
- Add capability to choose to add MISP tags as labels by @SYNchroACK in #927
- Added capability to handle Regions M49 galaxy from MISP by @SYNchroACK in #926
New Contributors:
- @0xbennyv made their first contribution in #916
- @SarahBocognano made their first contribution in #928
Full Changelog: 5.4.0...5.4.1
Version 5.4.0
Enhancements:
- #899 [URLHaus by Abuse] Add Boolean parameter for Observables.
- #881 [CrowdStrike] Enable to import Snort rules
- #857 [OpenCSAM] Create the connector
Bug Fixes:
- #877 [ImportExternalReference] Failed to import with pdf format
- #872 [cape-sandbox] enrichment fails because of max_retries TypeError, and TRID static analysis parsing failure
Pull Requests:
- Fix copypasta typo in cyber-campaign-collection docker-compose name by @ckane in #870
- Update README.md by @mattseymour in #873
- [VMRay Analyzer] New Connector by @YungBinary in #874
- [cape-sandbox] enrichment max_retries integer instead of string by @aakloul in #871
- [Joe Sandbox] Create the connector by @YungBinary in #878
- Add a space separator between the extracted texts by @2xyo in #880
- Fix wrong return misp connector by @SYNchroACK in #889
- [refactor] fix flake8 warnings and run isort by @axelfahy in #893
- Mandiant Connector, adding new report State by @TheImmigrant in #894
- Fix link to Connector Development docs in template by @mattreduce in #902
- Recorded Future Analyst Notes Connector by @Jonah-RF in #900
- Add crowdsec connector by @sbs2001 in #898
- [Mandiant] fixing a label with a type by @TheImmigrant in #903
- [intel471-connector] Fixed variable by @mmolenda in #911
- Add crowdstrike snort rules by @kohsawa in #908
New Contributors:
- @SYNchroACK made their first contribution in #889
- @mattreduce made their first contribution in #902
- @Jonah-RF made their first contribution in #900
- @sbs2001 made their first contribution in #898
Full Changelog: 5.3.17...5.4.0
Version 5.3.17
Enhancements:
- #867 [ABUSESSL] Missing Docker Hub image
- #432 [URLSCAN.io] Create The connector
- #238 [MISP] External analysis are not updated if the event already have been imported
Pull Requests:
- [ABUSESSL] updated docker-compose.yml by @oklien in #866
- [ABUSEIPDB_IPBLACKLIST] updated the service name in docker-compose.yml by @oklien in #865
- [IronNet] New connector by @rlynch-ironnet in #862
- [ExportReportPDF] Export Threat-Actor Entities by @YungBinary in #861
- [shodan] remove indicator, enrich as a note by @rlynch-ironnet in #860
- Add a CRITs external-import connector by @ckane in #849
Full Changelog: 5.3.16...5.3.17
Version 5.3.16
Enhancements:
- #330 [SSLBlacklist Abuse] Create the connector
Bug Fixes:
- #843 [CISA Known Exploited Vulnerabilities] - Variables referenced before assignment error
Pull Requests:
- [cisa-known-exploited-vulnerabilities] Fix unknown IDs (#843) by @TheM0ng00se in #854
- Abuse-ssl IP blacklist import connector by @ThisIsNotTheUserYouAreLookingFor in #855
- [sentinelone-threats] Resolves "TypeError: 'str' object cannot be interpreted as an integer" by @YungBinary in #856
New Contributors:
- @TheM0ng00se made their first contribution in #854
- @ThisIsNotTheUserYouAreLookingFor made their first contribution in #855
Full Changelog: 5.3.15...5.3.16
Version 5.3.15
Version 5.3.14
Enhancements:
- #837 [Mandiant] Reports are not replacing the Threat Actor to Intrusion Set based in the parameter
- #652 [Mandiant] Connector config to allow the filter of reports that get ingested.
Bug Fixes:
- #841 [misp] Dates are not handled correctly
- #836 [Mandiant] Connector not extracting description from "News Analysis report"
- #830 [MISP] null state fills rabbitmq | Reopen
Pull Requests:
- [misp-feed] Cannot parse feed of the Flashpoint API by @kohsawa in #840
- Mandiant Connector, adding Report features with the latest update. by @TheImmigrant in #844
Full Changelog: 5.3.13...5.3.14
Version 5.3.13
Bug Fixes:
- #828 [external-import/restore-files] fails with KeyError on get_state["current"]
- #827 Mandiant Connector - Parsing Threat Actors from Reports
Pull Requests:
- [intel471-connector] Refactoring STIX mappers and updating user agent string by @mmolenda in #834
- Bugfix: cyber-campaign-collection crashes when date fails parsing, infinite loop adding earlier items to queue forever by @ckane in #835
Full Changelog: 5.3.12...5.3.13
Version 5.3.12
Bug Fixes:
- #823 Misp connector should handle http errors (429 specifically)
- #819 [Virustotal] KeyError: 'name'
- #743 [Kaspersky] Connector is creating dups
Pull Requests:
- Removed references to OpenCTI UUID tool by @TechBurn0ut in #821
- [misp-feed] An easy typo of environment name exists in the block of parsing config variables by @kohsawa in #831
Full Changelog: 5.3.11...5.3.12
Version 5.3.11
No changelog for this release.
Pull Requests:
- Update typo in docker-compose file cisa known exploited vulnerabilities by @StevenD33 in #817
- Add 3 default MISP feeds: CIRCL, ThreatFox, Botvrij by @ckane in #815
New Contributors:
- @StevenD33 made their first contribution in #817
Full Changelog: 5.3.10...5.3.11