We are pleased to announce the immediate release of MISP 2.4.189, released with bug fixes, performance improvements and a new blocklist feature.

misp-project.org/2024/04/12/MIS…

#cti #opensource #misp #ThreatIntelligence

MISP - Elastic Stack - Docker

This lab explains how to connect MISP to the Elastic Stack in order to leverage IOCs from MISP and trigger alerts based on user defined rules.

misp-project.org/2024/04/05/ela…

Elastic

#elastic #misp #opensource #threatintel

A MISP (@[email protected]) tip of the week: Confused about the statuses returned by MISP remote servers? This small mindmap clarifies them. You can also display the status as a widget in the MISP dashboard. github.com/cudeso/misp-ti…

AIL framework 5.4 released with many semantic improvements in chat channels, new Tor vanity domain explorer and various improvements.

ail-project.org/blog/2024/03/2…

#darkweb #opensource #monitoring #threatintelligence #ThreatIntel #tor

MISP 2.4.188 released with major performance improvements, enhancement and many bugs fixed.

misp-project.org/2024/03/25/MIS…

#misp #opensource #threatintel

MISP 2.4.187 released, including security fixes, new features and bugs fixes.

misp-project.org/2024/03/24/MIS…

#misp #opensource #threatintel #threatintel ligence

Poppy a new Bloom filter format and open source project has been released.

misp-project.org/2024/03/25/Pop…

#misp #opensource #bloomfilter #threatintel #sharing

New MISP (@[email protected]) Jupyter playbook added in the JupyterUniverse🌌 by Koen Van Impe ☕! Check this out 🤩!! #python #ThreatIntel

👉juniverse.securitybreak.io

Sharing some stats on my MISP (@[email protected]) #OSINT #CTI feed at botvrij.eu ; +37k unique visitors ; unusual to see UAE as the top visitor for the last 30 days

A new MISP (@[email protected]) playbook to help with curation of decayed indicators. Use the custom model of the playbook or one of the MISP build-in models. Decayed indicators are disabled and tagged. #cti github.com/MISP/misp-play…

List of intelligence agencies added to the MISP galaxy.

misp-galaxy.org/intelligence-a…

#intelligence #misp #threatintel #opensource #opendata

We transformed the MISP modules into a standalone project featuring a unique user interface. Now, it's easier to utilise all the expansion modules for enhanced open-source intelligence, threat intelligence efforts and keep a track of all your pivoting.

misp-project.org/2024/03/12/Int…

🔍 Kunai v0.2.0-rc.2 is out! Featuring configurable detection rules, IoC matching & new events! Check it out at: github.com/kunai-project/… 📑 Latest docs ready for exploration. 🧪 Calling all testers! Dive in & help us refine this powerful tool! #ThreatDetection #SOC #DFIR

We are pleased to announce the immediate release of MISP 2.4.186, which includes two major new feature called “Analyst Data” and “Collections”.

misp-project.org/2024/03/06/MIS…

#infosec #opensource #threatintel #threatintel ligence #misp

Mihari v7.4.0 is out.
github.com/ninoseki/mihari
It introduces attributes/observables level tagging for MISP (@[email protected])/TheHive.
(Thanks to Serhii Melnyk for his suggestion)

.MISP (@[email protected]) is made to share information with trusted circles in a standard, automatable format.
How does HarfangLab's CTI team use it to update & centralize detection rules, and manage whitelists?
We invite you behind the scenes: harfanglab.io/en/blog/produc…
#Cyber security #Cyber

MISP will be at the FIRST.org CTI 2024 in Berlin with a workshop MISP API and Automation Workshop - Monday, April 15th 2024 14:00-18:00.

misp-project.org/events/

#cti #ThreatIntel #misp #opensource

Koen Van Impe ☕ Directoratul Național de Securitate Cibernetică It's indeed great and thanks to Directoratul Național de Securitate Cibernetică - the YARA rules are also in the MISP CIRCL - @[email protected] OSINT feed circl.lu/doc/misp/feed-… MISP (@[email protected])

I added a new feature to MISP (@[email protected]) 2 Microsoft Sentinel. “misp_flatten_attributes = True” allows to flatten attributes from MISP objects and translate them to individual STIX indicators, and then sync to Microsoft Sentinel. github.com/cudeso/misp2se…

Now up we have Koen Van Impe ☕ talking to us about MISP Playbooks! 🔖

These Playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse specific intelligence received by #MISP .