The US CERT provided IOC’s that can be used to detect North Korean Malicious Cyber Activity referred as HIDDEN COBRA.

For more information about HIDDEN COBRA, please visit https://www.us-cert.gov/HIDDEN-COBRA-North-Korean-Malicious-Cyber-Activity

ArcSight converted the official IOC’s to CSV’s that can be imported to Activate Threat Intelligence Active Lists.

Files:

TA17-318A_suspicious_addresses_list.csv

TA17-318A_suspicious_entities_list.csv

TA17-318B_suspicious_addresses_list.csv

TA17-318B_suspicious_entities.csv

TA17-164A_suspicious_addresses.csv

TA17-164A_suspicious_entities.csv
Edit | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | View wiki text | Edit WikiText | More topic actions...
Topic revision: r1 - 22 Nov 2017, TejuSundaresan


 


Activate Wiki 2.1.0.0

This site is powered by FoswikiCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback