{ "Event": { "analysis": "1", "date": "2025-11-01", "extends_uuid": "", "info": "[Threat Intel] Australia Hacktivism", "protected": false, "publish_timestamp": "1772407238", "published": true, "threat_level_id": "2", "timestamp": "1772407235", "uuid": "efdd56e0-b933-4f1f-85cb-a252d4d8c72f", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:producer=\"Dragos\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:target-information=\"Australia\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Academia - University\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Bank\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Civil Aviation\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Defense\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Education\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Electric\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Finance\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Government, Administration\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Industrial\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Legal\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Police - Law enforcement\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Political party\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Technology\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Telecoms\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Transport\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:sector=\"Water\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#150050", "local": false, "name": "rectifyq:sub-category=\"report\"", "relationship_type": "" }, { "colour": "#190061", "local": false, "name": "rectifyq:topic=\"ics-ot\"", "relationship_type": "" }, { "colour": "#f1dfed", "local": false, "name": "rectifyq:TA-category=\"Hacktivist\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#31373d", "local": false, "name": "rectifyq:MY-relevancy=\"not-relevant\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"Cyber Army of Russia Reborn\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"NoName057(16)\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"RipperSec\"", "relationship_type": "" }, { "colour": "#18005c", "local": false, "name": "rectifyq:topic=\"ai\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"APT28\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"Sandworm\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-ics-groups=\"Sandworm\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387154", "to_ids": false, "type": "link", "uuid": "a21b1552-b5e9-42c8-87c1-1511fd14c96f", "value": "https://5943619.hs-sites.com/hubfs/Reports/Dragos-ThreatPerspective-AustraliaHacktivism-Nov25-A4.pdf?hsCtaAttrib=200426277123" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "04080310-c4d8-4ece-a815-76bf208ee596", "value": "NoName057(16)" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "991fd89a-a796-4118-a390-6856be1e6e27", "value": "Team1722" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "0d2739d5-b5ec-4c5f-bbc0-09bec4681cad", "value": "RipperSec" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "887c2f92-3ae5-4a22-8bda-4764a553a51b", "value": "Z-Pentest" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "25c82884-f9e5-41e9-b722-861de875e9ff", "value": "Cyber Army of Russia Reborn" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "aac28a6b-3ddd-4e78-9591-cb146eafb29f", "value": "ZPentest Fighter Blackhat" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "fc7cca19-9e51-4f46-9892-7799c836765b", "value": "Pro-Palestinian Hacker Movement (PPHM)" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "0315cdfe-d7b1-432e-a827-697d4eab9dbd", "value": "CyberArmyofRussia_Reborn(CARR)" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "4f9d3dbf-901f-4c40-8aff-f12fdd0f67e7", "value": "Anonymous" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "460232f6-94d7-40f4-bbfa-fefb2f756a5e", "value": "AnonymousActivist" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "c03c1eb1-301d-48ae-a784-3914ff6f9a38", "value": "Anonymous Palestine" }, { "category": "Attribution", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772387438", "to_ids": false, "type": "threat-actor", "uuid": "ddee2039-90ba-40a1-b4c2-10a207ed79bc", "value": "Liquid Blood" } ] } }