Releases: OpenCTI-Platform/connectors
Releases Β· OpenCTI-Platform/connectors
Version 5.5.3
7589119
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
- #991 Async/High-throughput Connectors
Bug Fixes:
- #1008 [misp-feed] CIRCL feed ingestion fails due to missing 'Attribute' key
- #996 Connector-MISP: "IndexError: list index out of range Killed"
- #985 Connector export PDF throws error when exporting an intrusion set
- #981 [MWDB] ERROR:root:nothing to repeat at position 0
- #974 [VX Vault] Connector leaves a trailing \n character in the name and value of imported indicators and observables
- #973 [VXVault] Connector imports garbage data (HTML tags and blank events)
- #971 [VXVault] connector seems to be broken - failing to import threat intelligence
Pull Requests:
- [VXVault] - Fix #973 and #974 - connector imports garbage data by @GraemeMeyerGT in #975
- [virustotal-livehunt-rules] Fixing error message which doesn't displa⦠by @RaulSokolova in #979
- Fix method to take into account uppercase tags by @fscc-samiR in #984
- [MWDB] Selfsigned certificate support + various bug fixes by @aaarghhh in #989
- [ironnet] Fix IP indicator config option by @rlynch-ironnet in #994
- [VirusTotal] Connector async and added url upload by @sc0ttes in #995
- [VirusTotal] Made IP and Domain relationships optional by @sc0ttes in #998
- [VirusTotal] Ignore empty categories by @sc0ttes in #999
- Connector-Elastic - ECS 8.0.0 compatibility by @sommerda in #1002
- Connector-Elastic - index pattern is used wrongly by @sommerda in #1001
- Connector-Elastic - allowing self-termination by @sommerda in #1003
- Connector-Elastic - datemath requires arrow instead of datetime by @sommerda in #1006
- Connector Abuse-SSL - fixed STIX attribute string: ipv4 -> ipv4-addr by @sommerda in #1005
- setting Attribute key to empty array if not present by @akshaysth in #1009
- Export only selected entities (#1741) by @Archidoit in #1000
- Connector-Elastic - allowing less privileged Elasticsearch access by @sommerda in #1007
- Connector-Elastic - allow sightings-manager to restart the container by @sommerda in #1011
- List exports bug fixes for contained data (#2804) by @Archidoit in #1010
New Contributors
- @GraemeMeyerGT made their first contribution in #975
- @sommerda made their first contribution in #1002
- @akshaysth made their first contribution in #1009
- @Archidoit made their first contribution in #1000
Full Changelog: 5.5.2...5.5.3
Contributors
aaarghhh, akshaysth, and 7 other contributors
Assets 2
Version 5.5.2
9bacd00
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
- #910 [DomainTools] Create the connector
Bug Fixes:
- #958 [BUG][MISP] Connector creating a runaway task loop - Leading to Platform Stall
- #952 [Mandiant] News Analysis report creates duplicate notes
Pull Requests:
- Webhook connector by @sc0ttes in #966
- VirusTotal fixes by @sc0ttes in #967
- [urlscan] Fix blob urls by @rlynch-ironnet in #968
- Remove unused property in Readme by @RomuDeuxfois in #962
- [all] Release 5.5.2 by @SarahBocognano in #969
New Contributors:
- @RomuDeuxfois made their first contribution in #962
Full Changelog: 5.5.1...5.5.2
Contributors
sc0ttes, rlynch-ironnet, and 2 other contributors
Assets 2
Version 5.5.1
e86518a
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
- #782 [Trickest] Create the connector
Pull Requests:
- [virustotal] "name" key enrichment fix by @sc0ttes in #956
- [virustotal] x_opencti_score of NoneType throws comparison error by @sc0ttes in #954
- [splunk] Use JWT for Splunk auth, sanitize kvstore keys, ignore some entity types by @guiguitodelperuu in #961
- [VirusTotal] Upload unseen artifacts option by @sc0ttes in #959
New Contributors:
- @guiguitodelperuu made their first contribution in #961
Full Changelog: 5.5.0...5.5.1
Contributors
sc0ttes and guiguitodelperuu
Assets 2
Version 5.5.0
05b4117
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
Bug Fixes:
- #934 [cybercrime-tracker] ERROR:root:'NoneType' object is not subscriptable
- #933 Mandiant connector not creating relationships
Pull Requests:
- Upgrading API client by @mmolenda in #937
- cybersixgill darkfeed connector by @Umamahesh-Loginsoft in #943
- Splunk stream to be able to recover from errors by @RaulSokolova in #950
- New enrichment connector: Tagger by @SYNchroACK in #946
- [domaintools] add enrichment connector by @axelfahy in #951
- [virustotal] Flag for option to keep higher score of VirusTotal or existing score by @sc0ttes in #953
New Contributors:
- @Umamahesh-Loginsoft made their first contribution in #943
- @sc0ttes made their first contribution in #953
Full Changelog: 5.4.1...5.5.0
Contributors
SYNchroACK, sc0ttes, and 4 other contributors
Assets 2
Version 5.4.1
5bacf1c
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
- #914 [VirusTotal Livehunt stream] Stream Yara rules to VirusTotal to expand collections
Bug Fixes:
- #922 [CISA known exploited vulns] Bug running the connector
- #925 [5.4.0] Analyst workbench doesn't show all the entities from the bundle. Accepting validation will add them to the report without validation
Pull Requests:
- Virustotal Livehunt stream connector by @RaulSokolova in #915
- Fix X509 Subject and Issuer in Shodan enrichment by @mattreduce in #920
- SophosLabs Intelix Lookup - Enrichment Connector for Url,IPv4-Addr,Do⦠by @0xbennyv in #916
- [VirusTotal LiveHunts Stream] Fixing the README file by @RaulSokolova in #918
- Added report description attribute finder in MISP connector by @SYNchroACK in #921
- [all] Release 5.4.1 by @SarahBocognano in #928
- Add capability to choose to add MISP tags as labels by @SYNchroACK in #927
- Added capability to handle Regions M49 galaxy from MISP by @SYNchroACK in #926
New Contributors
- @0xbennyv made their first contribution in #916
- @SarahBocognano made their first contribution in #928
Full Changelog: 5.4.0...5.4.1
Contributors
mattreduce, SYNchroACK, and 3 other contributors
Assets 2
Version 5.4.0
3fd1547
This commit was signed with the committerβs verified signature.
SamuelHassine
Samuel Hassine
Enhancements:
- #899 [URLHaus by Abuse] Add Boolean parameter for Observables.
- #881 [CrowdStrike] Enable to import Snort rules
- #857 [OpenCSAM] Create the connector
Bug Fixes:
- #877 [ImportExternalReference] Failed to import with pdf format
- #872 [cape-sandbox] enrichment fails because of max_retries TypeError, and TRID static analysis parsing failure
Pull Requests:
- Fix copypasta typo in cyber-campaign-collection docker-compose name by @ckane in #870
- Update README.md by @mattseymour in #873
- [VMRay Analyzer] New Connector by @YungBinary in #874
- [cape-sandbox] enrichment max_retries integer instead of string by @aakloul in #871
- [Joe Sandbox] Create the connector by @YungBinary in #878
- Add a space separator between the extracted texts by @2xyo in #880
- Fix wrong return misp connector by @SYNchroACK in #889
- [refactor] fix flake8 warnings and run isort by @axelfahy in #893
- Mandiant Connector, adding new report State by @TheImmigrant in #894
- Fix link to Connector Development docs in template by @mattreduce in #902
- Recorded Future Analyst Notes Connector by @Jonah-RF in #900
- Add crowdsec connector by @sbs2001 in #898
- [Mandiant] fixing a label with a type by @TheImmigrant in #903
- [intel471-connector] Fixed variable by @mmolenda in #911
- Add crowdstrike snort rules by @kohsawa in #908
New Contributors:
- @SYNchroACK made their first contribution in #889
- @mattreduce made their first contribution in #902
- @Jonah-RF made their first contribution in #900
- @sbs2001 made their first contribution in #898
Full Changelog: 5.3.17...5.4.0
Contributors
2xyo, mattreduce, and 10 other contributors
Assets 2
Version 5.3.17
Enhancements:
- #867 [ABUSESSL] Missing Docker Hub image
- #432 [URLSCAN.io] Create The connector
- #238 [MISP] External analysis are not updated if the event already have been imported
Pull Requests:
- [ABUSESSL] updated docker-compose.yml by @oklien in #866
- [ABUSEIPDB_IPBLACKLIST] updated the service name in docker-compose.yml by @oklien in #865
- [IronNet] New connector by @rlynch-ironnet in #862
- [ExportReportPDF] Export Threat-Actor Entities by @YungBinary in #861
- [shodan] remove indicator, enrich as a note by @rlynch-ironnet in #860
- Add a CRITs external-import connector by @ckane in #849
New Contributors:
Full Changelog: 5.3.16...5.3.17
Contributors
oklien, ckane, and 2 other contributors
Assets 2
Version 5.3.16
Enhancements:
- #330 [SSLBlacklist Abuse] Create the connector
Bug Fixes:
- #843 [CISA Known Exploited Vulnerabilities] - Variables referenced before assignment error
Pull Requests:
- [cisa-known-exploited-vulnerabilities] Fix unknown IDs (#843) by @TheM0ng00se in #854
- Abuse-ssl IP blacklist import connector by @ThisIsNotTheUserYouAreLookingFor in #855
- [sentinelone-threats] Resolves "TypeError: 'str' object cannot be interpreted as an integer" by @YungBinary in #856
New Contributors:
- @TheM0ng00se made their first contribution in #854
- @ThisIsNotTheUserYouAreLookingFor made their first contribution in #855
Full Changelog: 5.3.15...5.3.16
Contributors
TheM0ng00se, ThisIsNotTheUserYouAreLookingFor, and YungBinary
Assets 2
Version 5.3.15
Version 5.3.14
Enhancements:
- #837 [Mandiant] Reports are not replacing the Threat Actor to Instrusion Set based in the parameter
- #652 [Mandiant] Connector config to allow the filter of reports that get ingested.
Bug Fixes:
- #841 [misp] Dates are not handled correctly
- #836 [Mandiant] Connector not extracting description from "News Analysis report"
- #830 [MISP] null state fills rabbitmq | Reopen
Pull Requests:
- [misp-feed] Cannot parse feed of the Flashpoint API by @kohsawa in #840
- Mandiant Connector, adding Report features with the latest update. by @TheImmigrant in #844
Full Changelog: 5.3.13...5.3.14
Contributors
RaulSokolova and kohsawa