Version 5.3.10

Enhancements:

• #805 [Amitt Connector] Amitt is now DISARM

Full Changelog: 5.3.9...5.3.10

Version 5.3.9

Bug Fixes:

• #811 [5.3.8] Import Document Connector doesn't import pdfs and other files successfully
• #810 NoneType error in Mandiant Connector
• #809 Max marking check on enrichment connector fail for empty marking

Pull Requests:

• [URLHaus Recent Payloads] Update Comments for Config by @YungBinary in #808

Full Changelog: 5.3.8...5.3.9

Version 5.3.8

Enhancements:

• #798 [URLScan] Add the connector
• #790 [AbuseIPDB IP Blacklist] Create the connector
• #788 [Maltiverse] Create the connector
• #787 [mwdb] Create the connector
• #786 [Citalid] Create the connector
• #785 [Orange Cybedefense] Create the connector
• #784 [Splunk] Parse STIX patterns before sending
• #767 [ExportFileCSV] Can the connector use comma instead of semicolon as the column separator?
• #754 [ImportDocument] Modify default country resolution (no aliases)
• #751 [Alienvault] Filter indicator by created option
• #748 [Intel 471] Create the connector
• #749 [Splunk] Take into account the timestamp timezone
• #747 [TAXII2 Client] Be able to choose create observables / indicators
• #742 [TAXII Client] Be able to put client certificate
• #722 [Mandiant] The connector should use report endpoint with STIX and PDF accept headers
• #721 CISA Connector : Time Interval variable correction
• #793 Unable to import indicators in to an Incident
• #680 [MISP] MISP_REPORT_CLASS option should be MISP_REPORT_TYPE
• #655 [VirusTotal] Expand enrichment to IP, Domain, URL Indicators
• #650 [MITRE Datasets]Migrate to STIX 2.1
• #612 [MISP JSON Feeds] Create the connector
• #490 [Hatching Triage] Create the connector

Bug Fixes:

• #803 cyber-campaign-collection infinite looping the import
• #799 [mandiant] Running the connector for the first time results in wrong epoch when trying to get reports
• #794 [MISP] null state fills rabbitmq
• #771 [ExportFileTxt]Some entities cannot be exported by the "ExportFileTxt", but can be exported by the "ExportFileCsv" and "ExportFileStix"
• #740 [Mandiant] Receiving API HTTP 400 errors
• #731 [CrowdStrike] Update will produce only internal modifications
• #724 [Elastic Security] Update connector to use a valid state initialization
• #633 [Elastic Security] Connector fails to launch

Pull Requests:

• Update docker-compose.yml by @cvdsouza in #720
• SOC Prime external-import connector update by @vu-socprime in #729
• [virustotal] fix created_by and refactoring by @axelfahy in #730
• Adding variable Start Date for NVD CVE Feeds by @ReadyElbow in #726
• [virustotal] add external reference to virustotal website by @axelfahy in #732
• Add maltiverse connector by @jlopezzarza in #735
• Add Intel 471 connector by @mmolenda in #737
• Add CI to connector-maltiverse by @jlopezzarza in #741
• Fixes #752 - Update and correct import-external-reference readme by @mattseymour in #768
• Update sekoia.py by @cyrilyxe in #783
• [external-import] Break loop if run and terminate is enabled by @rlynch-ironnet in #762
• Updating Mandiant connector to collect reports by @TheImmigrant in #774
• [riskiq/malpedia] use logger of OpenCTIConnectorHelper for clients by @axelfahy in #761
• [Elastic-stream] Fixing some issue related to the index stream in Elastic stream connector [MWDB-external_import] added a new connector by @aaarghhh in #727
• Abuseipdb ipblacklist import by @eladent in #789
• [urlscan] Implement connector by @rlynch-ironnet in #764
• [MWDB-external_import] Added MWDB to CircleCI by @aaarghhh in #796
• [urlscan] remove corp internal hygiene by @rlynch-ironnet in #800
• [shodan-idb] Shodan InternetDB connector by @rlynch-ironnet in #797
• [alienvault] Filter indicators based on created date, logging by @rlynch-ironnet in #765
• CISA Known Exploited Vulnerabilities by @TechBurn0ut in #795
• Bug - looping the date by @symsal in #801

New Contributors:

• @cvdsouza made their first contribution in #720
• @ReadyElbow made their first contribution in #726
• @jlopezzarza made their first contribution in #735
• @mmolenda made their first contribution in #737
• @cyrilyxe made their first contribution in #783
• @rlynch-ironnet made their first contribution in #762
• @TheImmigrant made their first contribution in #774
• @aaarghhh made their first contribution in #727
• @eladent made their first contribution in #789
• @TechBurn0ut made their first contribution in #795
• @symsal made their first contribution in #801

Full Changelog: 5.3.7...5.3.8

Version 5.3.7

Bug Fixes:

• #714 MISP_IMPORT_CREATOR_ORGS ignored in docker container, works from CLI

Pull Requests:

• Update to the sample config for the IVRE connector by @izm1chael in #715

New Contributors:

• @izm1chael made their first contribution in #715

Full Changelog: 5.3.6...5.3.7

Version 5.3.6

Enhancements:

• #711 MISP connector imports links IoCs as external reference

Bug Fixes:

• #709 [virustotal] confidence level is not treated as a number

Pull Requests:

• fix issue #711 - limit digestion of external references to external a… by @Deventual in #712
• [misp] fix NoneType on observable by @axelfahy in #713

Full Changelog: 5.3.5...5.3.6

Version 5.3.5

Bug Fixes:

• #708 MISP Connector cannot consume events in 5.3.5 release

Pull Requests:

• [virustotal] set confidence level as a number by @axelfahy in #710

Full Changelog: 5.3.4...5.3.5

Version 5.3.4

Bug Fixes:

• #706 VirusTotal Connector TypeError
• #699 Environment Variables parsing with splunk connector

Version 5.3.3

Enhancements:

• #703 Create de SOC Prime connector

Bug Fixes:

• #704 Mandiant connector using the incorrect endpoint for reports

Pull Requests:

• SOC Prime connector by @vu-socprime in #702

New Contributors:

• @vu-socprime made their first contribution in #702

Full Changelog: 5.3.2...5.3.3

Version 5.3.2

Bug Fixes:

• #697 Lots of errors when using connectors/internal-enrichment/virustotal/
• #696 connector-export-report-pdf - KeyError: 'entity_id'

Full Changelog: 5.3.1...5.3.2

Version 5.3.1

Bug Fixes:

• #694 [Mandiant] Name not present in /v4/indicator response
• #689 [import-document] 5.3.0 import document error
• #677 [Mandiant] v5.2.4 connector loops over and over again looking for an entity that doesn't exist on the platform
• #656 [MISP] First start timestamp bug

Pull Requests:

• [virustotal] Expand enrichment to Url, IPv4, Domain-Name by @YungBinary in #671
• Update README.md by @mattseymour in #692
• [Mandiant] Pass in the work_id param by @kudrew in #693
• [Mandiant] replaces name for value and resolves 694 by @fitz003 in #695

New Contributors:

• @mattseymour made their first contribution in #692
• @kudrew made their first contribution in #693
• @fitz003 made their first contribution in #695

Full Changelog: 5.3.0...5.3.1