Version 6.1.6

Enhancements:

• #1652 Make the PDF export available for list of objects
• #1103 Create an enrichment connector for urlscan.io

Pull Requests:

• [Mandiant] Remove report creation while importing indicators by @helene-nguyen in #2176
• Update dependency boto3 to v1.34.114 by @renovate in #2183
• [Urlscan] Create an enrichment connector by @Megafredo in #2155
• Update dependency schedule to v1.2.2 by @renovate in #2186

Full Changelog: 6.1.5...6.1.6

Version 6.1.5

Bug Fixes:

• #2092 Sentinel Connector not setting indicator expiry date

Pull Requests:

• Update slack orb to v4.13.3 by @renovate in #2167
• Update typo in README.md by @damians-filigran in #2171
• Update dependency pytest to v8 by @renovate in #2168
• Update dependency boto3 to v1.34.113 by @renovate in #2161
• Update dependency google-api-python-client to v2.130.0 by @renovate in #2159
• Update dependency lxml to v5.2.2 by @renovate in #2162
• Update dependency regex to v2024.5.15 by @renovate in #2137
• Update dependency stix-shifter to v7.0.9 by @renovate in #2164
• Update dependency stix-shifter-modules-splunk to v7.0.9 by @renovate in #2165
• Update dependency weasyprint to v62 by @renovate in #2169
• Update dependency pycti to v6.1.4 by @renovate in #2136
• [Sentinel] Fix expiration datetime for indicator by @Megafredo in #2173
• Update dependency stix-shifter-utils to v7.0.9 by @renovate in #2166
• [RST CLOUD] May 2024: Bug Fixes by @k1r10n in #2180
• Update dependency cron-converter to v1.2.1 by @renovate in #2178
• [Crowdstrike Endpoint Security] Fix import CES import by @helene-nguyen in #2175

New Contributors:

• @damians-filigran made their first contribution in #2171

Full Changelog: 6.1.4...6.1.5

Version 6.1.4

Enhancements:

• #2142 Add new sources to Recorded Future external-import

Bug Fixes:

• #2152 connector-diode-import - Container Issue - python3: can't open file '//diode-import.py':
• #2124 Qradar-Connector Deprecated API
• #2085 Pdf generated via import-external-reference are not automatically treated by import-document
• #2062 [Hybrid Analysis] Unable to enrich TLP:CLEAR file observable

Pull Requests:

• [connectors] Error when trying to export without order by (#2121) by @ValentinBouzinFiligran in #2150
• [Qradar] Fix deprecated API request regarding reference_data by @Megafredo in #2140
• [Diode-Import] Fix directory entrypoint.sh by @Megafredo in #2157
• [Recorded Future] Fix sources for RF report type by @helene-nguyen in #2153

Full Changelog: 6.1.3...6.1.4

Version 6.1.3

Bug Fixes:

• #2146 Virus Total connector fails to enrich observables with an empty score
• #2144 [Import] Validating a workbench within a report can import a random file into it.

Pull Requests:

• [import-document] Initialize file before import (opencti/6999) by @SouadHadjiat in #2141
• [platform] Fix virus total + adapt from client change (#2146) by @richard-julien in #2147

Full Changelog: 6.1.2...6.1.3

Version 6.1.2

Bug Fixes:

• #1437 [QRADAR] - Error - Qradar connector integration

Pull Requests:

• Update virustotal.py by @demonoidvk in #2131
• Update dependency boto3 to v1.34.106 by @renovate in #2112
• Add zerofox feed collectors and include flexibility to ingestion by @DNRRomero in #2132
• Update dependency datalake-scripts to v2.7.3 by @renovate in #2113
• Update dependency google-api-python-client to v2.129.0 by @renovate in #2134
• Update dependency cron-converter to v1.2.0 by @renovate in #2133
• [Qradar] Fix error related to type by @Megafredo in #2135

New Contributors:

• @demonoidvk made their first contribution in #2131

Full Changelog: 6.1.1...6.1.2

Version 6.1.1

Bug Fixes:

• #2127 [import/export] Error when importing text files or PDFs
• #2121 Error when trying to export without order by
• #2091 VirusTotal Connector updating score incorrectly

Pull Requests:

• [Malpedia] Fix Malpedia connector import by @helene-nguyen in #2118
• [VirusTotal] Fix updating score by @Megafredo in #2117
• [connectors] list params getter to avoid crashes (#2121) by @ValentinBouzinFiligran in #2122
• Error when importing text files or PDFs (#6942) by @richard-julien in #2126
• [RF] generate new tcp session on each fusion file - signed by @Renizmy in #2125
• Update Zerofox Connector by @DNRRomero in #2116
• Revert "[import-document] Use tempfile for parsing document" by @SamuelHassine in #2128

New Contributors:

• @DNRRomero made their first contribution in #2116

Full Changelog: 6.1.0...6.1.1

Version 6.1.0

Enhancements:

• #2093 Patch ID generation RiskIQ
• #2032 [Question] How to make PDF,MD,HTML data
• #1100 [CrowdStrike Streaming API] Create the external import connector to send IoC from OpenCTI
• #977 Collection Information Replication in OpenCTI in Observations
• #863 [CrowdStrike] Doesn't create an state until it finishs the job.
• #406 [Malpedia] Refactor the connector to use stix bundle

Bug Fixes:

• #2090 Improve Data Import Error messages intezer-sandbox
• #2079 connector-abuseipdb bug
• #2076 [Recorded Future] connector stop while doing initial import/lookback
• #2058 Hygiene is breaking
• #2043 [VirusTotal] OpenCTI API is not reachable and AUTH_REQUIRED errors
• #2026 layout problem when generating a report
• #1834 ESET connector causing runaway Redis memory consumption despite REDIS__TRIMMING=1000000

Pull Requests:

• Update dependency vt-py to v0.18.1 by @renovate in #2056
• Update dependency stix-shifter-utils to v7.0.6 by @renovate in #2055
• [import-document] Use tempfile for parsing document by @Alt-NoRock in #2059
• Update dependency regex to v2024 by @renovate in #2061
• Update dependency boto3 to v1.34.88 by @renovate in #2060
• Add relationship for DomainName and Indicator, Add support for Score. by @cmandich in #2065
• Update dependency validators to v0.28.1 by @renovate in #2063
• [backend] Define file marking definitions (#opencti/5797-export) by @Goumies in #2011
• [export-pdf] Fix indicator for case by @Megafredo in #2077
• [connector] Changed linked-to ref to related-to relation by @JeremyCloarec in #2014
• [abuseipdb] Fix error by @Megafredo in #2086
• Update riskiq.py by @Lhorus6 in #2094
• [Crowdstrike Endpoint Security] Rework stream connector and allow update event by @helene-nguyen in #1983
• [Malpedia] Refactor the connector to use stix bundle by @Megafredo in #2075
• [All connectors] Fix naming folders for tests by @helene-nguyen in #2095
• Google safebrowsing by @sudesh0sudesh in #2096
• #2090 by @rguignard in #2099
• [greynoise_enricher] change API key validation to use local state file by @bradchiappetta in #2098
• [Recorded Future] connector stop while doing initial import/lookback by @magsen in #2080
• [eset] Bug: Fix entities and SCOs created with no author by @ckane in #2072
• [eset] Bug: Fix cases where ESET randomly-generates STIX ids, creating infinite aliases by @ckane in #2071
• Update dependency boto3 to v1.34.98 by @renovate in #2069
• Update dependency vt-py to v0.18.2 by @renovate in #2068
• [taxii2] Added work_id to send_stix2_bundle by @annoyingapt in #2064
• [connectors] Marking definition filters to export files (#5797) by @ValentinBouzinFiligran in #2081
• [external-file-stix] Fix stix export (#opencti/issue/5797) by @Kedae in #2102
• Fix/malcore by @yassine-ouaamou in #2107
• Update README.md by @sudesh0sudesh in #2109
• [taxii2] added missing tz argument by @annoyingapt in #2111
• Update dependency Jinja2 to v3.1.4 [SECURITY] by @renovate in #2108
• Update dependency crowdstrike-falconpy to v1.4.3 by @renovate in #2101
• Update dependency google-api-python-client to v2.128.0 by @renovate in #2100

New Contributors:

• @Alt-NoRock made their first contribution in #2059
• @JeremyCloarec made their first contribution in #2014
• @rguignard made their first contribution in #2099
• @magsen made their first contribution in #2080
• @ValentinBouzinFiligran made their first contribution in #2081

Full Changelog: 6.0.10...6.1.0

Version 6.0.10

Enhancements:

• #1839 Make RF playbook compatible

Bug Fixes:

• #2033 Qradar connector error in script
• #2023 [mandiant] Open vocabularies very strange behaviour in production
• #2004 [internal-export-file-stix] Incomplete JSON export of reports

Pull Requests:

• Update the Hive connector by @yassine-ouaamou in #2007
• fixes a header issue by @Ekultek in #2008
• [cpe] fix configuration file example with cpe.interval attribute by @guillaumededrie in #2012
• Update dependency boto3 to v1.34.79 by @renovate in #2001
• [internal-export-file-stix] fix incomplete JSON export of reports (#2004) by @marieflorescontact in #2005
• Update dependency validators to v0.28.0 by @renovate in #2002
• Update dependency typing-extensions to v4.11.0 by @renovate in #2013
• Diode import connector (#2009) by @richard-julien in #2010
• [Connector] Fix open vocabularies for intrusion set by @Megafredo in #2022
• [RF Enrichment] Make RF enrichment connector playbook compliant by @helene-nguyen in #2018
• fix File created_by_ref and add error catch by @yassine-ouaamou in #2016
• [Import External Reference] Correct config variable name by @helene-nguyen in #2031
• [Recorded Future] Fix interval configuration and update documentation by @helene-nguyen in #2029
• [Qradar] Fix docker-compose variable by @Megafredo in #2034
• [theHive] Fix remove all confidence levels by @Megafredo in #2036
• [Qradar] Fix docker-compose structure by @Megafredo in #2039
• Update dependency idna to v3.7 [SECURITY] by @renovate in #2025
• Update dependency pandas to v2.2.2 by @renovate in #2021
• Update dependency boto3 to v1.34.85 by @renovate in #2017
• Update GreyNoise internal-enrichment - API key validation and SDK by @bradchiappetta in #2038
• Socprime connector - new features by @vu-socprime in #2020
• [ThreatFox] Added if statement to send_stix2_bundle by @annoyingapt in #2024
• Update dependency google-api-python-client to v2.126.0 by @renovate in #2046
• Update dependency jbxapi to v3.23.0 by @renovate in #2047
• Update dependency boto3 to v1.34.86 by @renovate in #2049
• [RiskIQ] Add support for import start date by @yanover in #2030
• [Malcore] Updates by @Ekultek in #2045
• Update dependency stix-shifter to v7.0.6 by @renovate in #2050
• Update dependency pycti to v5.12.33 by @renovate in #2053
• Update dependency stix-shifter-modules-splunk to v7.0.6 - autoclosed by @renovate in #2054

New Contributors:

• @Ekultek made their first contribution in #2008
• @guillaumededrie made their first contribution in #2012
• @marieflorescontact made their first contribution in #2005

Full Changelog: 6.0.9...6.0.10

Version 6.0.9

Bug Fixes:

• #1954 MISP connector unable to fetch data to OpenCTI
• #1984 [Connector] Recorded Future connector crashes with unmanaged "None" criticality score

Pull Requests:

• Update dependency PyGithub to v2.3.0 by @renovate in #1971
• Update dependency validators to v0.24.0 by @renovate in #1972
• Update dependency cron-converter to v1.1.0 by @renovate in #1973
• Update dependency stix-shifter-utils to v7.0.4 by @renovate in #1974
• [Recorded Future] Fix risk rules criticality score, handle empty string by @helene-nguyen in #1976
• Add Malcore connector by @Lhorus6 in #1966
• CI: add malcore by @sbocahu in #1986
• [templates] fix typos and add metrics for external-import by @axelfahy in #1980
• Update core.py by @Lhorus6 in #1991
• Anyrun-task fixes by @yassine-ouaamou in #1987
• Update dependency boto3 to v1.34.76 - autoclosed by @renovate in #1981
• Update dependency tldextract to v5.1.2 by @renovate in #1978
• Feature/recordedfuture alert to incident by @srobaux in #1977
• Update dependency google-api-python-client to v2.125.0 by @renovate in #1992
• Update dependency lxml to v5.2.1 by @renovate in #1993
• update docker-compose anyrun_task by @yassine-ouaamou in #1997
• Update anyrun/opencti-connector-anyrun-feed Docker tag to v6.0.8 by @renovate in #1996
• Update dependency validators to v0.27.0 by @renovate in #1995
• Update dependency crowdstrike-falconpy to v1.4.2 by @renovate in #1998
• Update slack orb to v4.13.2 by @renovate in #1999
• Update dependency pydantic to v1.10.15 by @renovate in #2000

New Contributors:

• @srobaux made their first contribution in #1977

Full Changelog: 6.0.8...6.0.9

Version 6.0.8

Bug Fixes:

• #1959 ImportCSV error: "JSON data objects is empty"
• #1958 Connectors still continues to fail silently with no explanation
• #1951 TAXII 2 connector confidence level makes the connector crashing
• #1946 Crowdsec connector seems to be lacking a depedency

Pull Requests:

• [AnyRun Task] Fix default config AnyRun API endpoint by @helene-nguyen in #1950
• CrowdSec Enrichment Connector install dependencies fix by @rr404 in #1953
• return timestamp as None when error by @yassine-ouaamou in #1955
• [Sekoia] Connector do not re-run and fail silently by @helene-nguyen in #1960
• [Threatfox] rework, improvements by @daemitus in #1961
• [RANSOMWARELIVE] Doc enhancement by @Renizmy in #1952
• Update dependency stix-shifter to v7.0.4 by @renovate in #1942
• Update dependency stix-shifter-modules-splunk to v7.0.4 by @renovate in #1943
• [joe-sandbox] remove live-interaction parameter by @Kalkran in #1956
• Update dependency google-api-python-client to v2.123.0 by @renovate in #1962
• Update dependency google-auth to v2.29.0 by @renovate in #1963
• Update anyrun/opencti-connector-anyrun-feed Docker tag to v6.0.7 by @renovate in #1968
• Update dependency validators to v0.23.2 by @renovate in #1967
• Update anyrun/opencti-connector-anyrun-task Docker tag to v6.0.7 by @renovate in #1969
• Update dependency boto3 to v1.34.69 - autoclosed by @renovate in #1970

New Contributors:

• @rr404 made their first contribution in #1953
• @Kalkran made their first contribution in #1956

Full Changelog: 6.0.7...6.0.8