Version 6.2.11

Bug Fixes:

• #2435 [Hygiene] Hygiene enrichment connector error

Pull Requests:

• [Comlaude] change Identity import and utcnow by @yassine-ouaamou in #2440
• [Hygiene] Hygiene enrichment connector error by @romain-filigran in #2438
• Update dependency greynoise to v2.3.0 by @renovate in #2439

Full Changelog: 6.2.10...6.2.11

Version 6.2.10

Bug Fixes:

• #2437 [Mandiant] Campaigns import is broken

Pull Requests:

• [Mandiant] Fix argument method extract mandiant name by @helene-nguyen in #2436

Full Changelog: 6.2.9...6.2.10

Version 6.2.9

Enhancements:

• #2424 [MISP] Include aliases when searching for threats from tags
• #2420 [Mandiant] Campaign improvements
• #2419 [Shodan InternetDB] Playbook compatibility
• #2397 [Google DNS] Make the Google DNS enrichment connector “playbook compatible”
• #1118 [CROWDSTRIKE] TLS Negotation issues on Alpine 3.17 (OpenSSL 3.0) UNSAFE_LEGACY_RENEGOTIATION_DISABLED

Bug Fixes:

• #2276 Malpedia

Pull Requests:

• Update opencti/connector-cisco-sma Docker tag to v6.2.8 by @renovate in #2413
• Update dependency boto3 to v1.34.150 by @renovate in #2414
• [Malpedia] Fix missing description for intrusion set by @Megafredo in #2415
• [Google DNS] Make the connector 'playbook compatible' by @Megafredo in #2417
• Update dependency boto3 to v1.34.151 by @renovate in #2426
• Update dependency google-api-python-client to v2.139.0 by @renovate in #2423
• [MISP] search for threats in aliases when guess_threats_from_tags is ON by @yassine-ouaamou in #2425
• [Shodan InternetDB] Playbook compatibility by @romain-filigran in #2428
• Update dependency pycti to v6.2.8 by @renovate in #2430
• Update dependency vt-py to v0.18.3 - autoclosed by @renovate in #2431
• Update opencti/connector-shodan-internetdb Docker tag to v6.2.8 by @renovate in #2432
• [Mandiant] Improvement of campaign imports by @helene-nguyen in #2422

Full Changelog: 6.2.8...6.2.9

Version 6.2.8

Enhancements:

• #2404 [Cisco SMA] Creation of the Cisco SMA connector
• #1531 Removing default labelling of connectors
• #963 Add Shodan Search Feature
• #595 [VirusTotal] Add an option to disable labels

Bug Fixes:

• #2389 [Misp] Error outside the main connector process is not logged
• #2214 Error 'standard_id' when using the export-file-stix connector v6.1.10 on a report that contains nested relationships
• #1567 Shodan connector error

Pull Requests:

• Update dependency boto3 to v1.34.148 by @renovate in #2376
• Update dependency pytest to v8.3.2 by @renovate in #2379
• New connector : Cisco SMA by @Lhorus6 in #2406
• Update dependency regex to v2024.7.24 by @renovate in #2402
• Update dependency pydantic_core to v2.20.1 by @renovate in #2401
• [red-flag-domains] Update red-flag-domains docker-compose.yml by @sda06407 in #2405
• Updated exception handling & code quality in external-import template by @Obdam in #2400
• [Misp] Fix indent + add traceback for logs outside connector main process by @helene-nguyen in #2388
• Update dependency google-api-python-client to v2.138.0 by @renovate in #2407
• Update dependency boto3 to v1.34.149 by @renovate in #2408
• Fix path error by @Lhorus6 in #2411
• Update dependency reversinglabs-sdk-py3 to v2.6.4 by @renovate in #2410
• Update dependency pycti to v6.2.7 by @renovate in #2409
• [RSTCLOUD] July Bugfixes and Improvements by @k1r10n in #2380
• fixes Comlaude by @yassine-ouaamou in #2279
• Update dependency stix-shifter to v7.0.11 by @renovate in #2412

New Contributors:

• @sda06407 made their first contribution in #2405
• @Obdam made their first contribution in #2400

Full Changelog: 6.2.7...6.2.8

Version 6.2.7

Bug Fixes:

• #2383 [Ironnet] Fix import
• #2378 [urlscan-enrichment] API key error lead to cryptic error messages
• #2374 [splunk] Connection errors are not logged
• #2372 [Mandiant] Connectors exceptions are not logged (only "Terminated")
• #2357 [Cape sandbox] Analysis failing due to incompatable attributes
• #2320 [Sentinel] - Indicator updates are not propagated in Azure Sentinel

Pull Requests:

• [Mandiant] Add log when exception is caught outside of running connector process by @helene-nguyen in #2371
• [import-document] added new exact_match_fields in configuration by @JeremyCloarec in #2335
• [connector] Urlscan, fix Api key error message by @Megafredo in #2382
• [Webhook] Init connector by @Renizmy in #2193
• [Splunk] Add traceback to have more accurate logs by @helene-nguyen in #2381
• [Ironnet] Fix error on running connector by @helene-nguyen in #2384
• [opencti] Fix interval bug by @daemitus in #2353
• Fix for mistake in indent. by @piolug93 in #2377
• [Webhook] Fix circle ci configuration file for more consistency by @helene-nguyen in #2385
• [Webhook] Update version to fix CI build by @helene-nguyen in #2386
• [external-import] ESET connectors TAXII2 and MISP by @polakovicp in #2343
• [Sentinel] - Indicator updates are not propagated in Azure Sentinel by @romain-filigran in #2347
• [cape-sandbox]: Fix, error updating some "File" observable properties by @romain-filigran in #2361

New Contributors:

• @piolug93 made their first contribution in #2377
• @polakovicp made their first contribution in #2343

Full Changelog: 6.2.6...6.2.7

Version 6.2.6

Bug Fixes:

• #2360 [Flashpoint] Alerts on communities are not ingested properly
• #2355 [Cape Sandbox] Cape URL variable not being utilised
• #2349 [Recorded Future Enrichment] Add score on Indicator

Pull Requests:

• [Recorded Future Enrichment] Add score in the correct field by @helene-nguyen in #2350
• Update dependency validators to v0.33.0 by @renovate in #2348
• Update opencti/connector-infoblox Docker tag to v6.2.5 by @renovate in #2352
• [cape-sandbox] - fix docker-compose.yml template by @romain-filigran in #2356
• Update dependency reversinglabs-sdk-py3 to v2.6.3 by @renovate in #2363

New Contributors:

• @romain-filigran made their first contribution in #2356

Full Changelog: 6.2.5...6.2.6

Version 6.2.5

Enhancements:

• #2307 [CrowdStrike] Be able to exclude IOCs during import based on labels applied to them

Bug fixes:

• #2333 [infoblox] Connector fails to start with 'datetime.datetime' has no attribute 'datetime'
• #2334 [mandiant] In some cases, relationships are not created in reports

Pull Requests:

• Update dependency validators to v0.32.0 by @renovate in #2324
• Update dependency boto3 to v1.34.143 by @renovate in #2329
• [infoblox] Add to CI/CD by @SamuelHassine in #2331
• [connector] Fix mandiant relationships by @helene-nguyen in #2332
• Add possibility to exclude IOCs import based on labels by @Lhorus6 in #2308
• Fix the import of library by @Lhorus6 in #2336
• Fix KeyError on dict by @Lhorus6 in #2340
• [flashpoint] Create groupings instead of reports by default by @SamuelHassine in #2342
• [Flashpoint] Fix lint Flashpoint by @helene-nguyen in #2344
• Update dependency stix-shifter to v7.0.11 by @renovate in #2338
• Update dependency stix-shifter-modules-splunk to v7.0.11 by @renovate in #2339
• Update dependency boto3 to v1.34.144 by @renovate in #2346
• Update dependency stix-shifter-utils to v7.0.11 by @renovate in #2345

Full Changelog: 6.2.4...6.2.5

Version 6.2.4

Enhancements:

• #2328 [mandiant] Introduce an option to import aliases of malwares (given overlaps in Advantage platform)
• #2321 [misp/misp-feed] Add more magic in the syntax of labels resolution for STIX objects

Bug Fixes:

• #2323 MISP is not importing when the filter date field is default "date_from"
• #2319 [External-import][Crowdstrike] Infinit loop lock to identical works
• #2078 MISP error handling causes malformed state

Pull Requests:

• Update dependency pycti to v5.12.33 by @renovate in #2313
• Update dependency pycti to v6 by @renovate in #2314
• Update dependency google-api-python-client to v2.137.0 by @renovate in #2316
• Update dependency boto3 to v1.34.142 by @renovate in #2317
• Update dependency reversinglabs-sdk-py3 to v2.6.2 by @renovate in #2325
• [Crowdstrike] Fix Infinit loop by @Megafredo in #2322

Full Changelog: 6.2.3...6.2.4

Version 6.2.3

Enhancements:

• #2309 [Infoblox] Creation of the Infoblox connector

Bug Fixes:

• #2303 [mandiant] Correctly import Mandiant report news analysis

Pull Requests:

• [Mandiant] Correctly import Mandiant report news analysis by @helene-nguyen in #2305
• Adding the Infoblox connector by @Lhorus6 in #2310
• Update dependency validators to v0.31.0 by @renovate in #2304
• Update dependency boto3 to v1.34.141 by @renovate in #2306
• Update dependency requests to v2.32.2 [SECURITY] by @renovate in #2311
• Update dependency google-auth to v2.32.0 by @renovate in #2312

Full Changelog: 6.2.2...6.2.3

Version 6.2.2

Enhancements:

• #1988 [Flashpoint] Improve and refactor connector to use new Ignite API
• #1555 [mwdb] OpenCTI connector flooding MWDB API with requests when /api/file retuns different HTTP response code than 200
• #446 [Jira] Create the connector

Bug Fixes:

• #2299 [mandiant] Campaign first_seen date is not imported
• #2294 [recorded-future] Threat Actor (person) are imported as threat actor groups (should be individual)

Pull Requests:

• Update dependency boto3 to v1.34.139 by @renovate in #2280
• [CHRONICLE] Fix + doc by @Renizmy in #2239
• Update dependency certifi to v2024.7.4 by @renovate in #2282
• [Chronicle] Fix lint chronicle connector by @helene-nguyen in #2286
• Update dependency google-auth to v2.31.0 by @renovate in #2289
• Update dependency reversinglabs-sdk-py3 to v2.6.1 by @renovate in #2291
• [Recorded Future] Fix import TA as individual when type of Person from RF by @helene-nguyen in #2292
• Update dependency stix-shifter to v7.0.10 by @renovate in #2293
• Update dependency googleapis-common-protos to v1.63.2 by @renovate in #2290
• [MWDB] API connection based on mwdblib, fix issues by @psrok1 in #2285
• [Mandiant] Add campaign first_seen date by @helene-nguyen in #2297
• Update dependency boto3 to v1.34.140 by @renovate in #2295
• Update dependency stix-shifter-modules-splunk to v7.0.10 by @renovate in #2296
• Update dependency pdfminer.six to v20240706 by @renovate in #2301
• Update dependency stix-shifter-utils to v7.0.10 by @renovate in #2300

New Contributors:

• @psrok1 made their first contribution in #2285

Full Changelog: 6.2.1...6.2.2