Changelog
Synapse-Group-IB Changelog
v0.6.0 - 2024-06-28
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Replace deprecated risk:hasvuln usage with risk:vulnerable.
This release contains an automatic data migration that will run when the package is first upgraded.
The migration creates risk:vulnerable nodes from the deprecated risk:hasvuln nodes.
Bugfixes
Fix an issue with API responses where the count of returned items used to be an integer but is now a dictionary.
v0.5.0 - 2024-06-05
NOTE: This release is considered Beta and may be subject to change.
Bugfixes
Safely skip invalid CPE strings.
v0.4.1 - 2024-05-20
NOTE: This release is considered Beta and may be subject to change.
Bugfixes
Fix an issue where large C2 configs would generate an error.
Fix an issue where newer API versions were generating invalid risk:threat nodes.
Fix an issue where groupib.ti.threat.actors.search was using risk:threat:name to enrich nodes instead of risk:threat:org:name.
v0.4.0 - 2024-04-22
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Add commands for retrieving compromised account and bank card data.
Bugfixes
Fix an issue where enriching media:news nodes created during threat actor ingest would create new media:news nodes rather than updating the existing node.
v0.3.1 - 2024-02-20
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Update deprecated $lib.dict() usage to JSON style syntax.
v0.3.0 - 2023-11-22
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Add groupib.ti.threat.reports.byid command to retrieve a single report by ID.
Add a rep.groupib.ioc tag to nodes when ingesting indicators.
Convert threat report HTML to text before scraping to avoid incorrectly matching hashes contained in links.
Add groupib.ti.iocs.updated, groupib.ti.malware.configs.updated, groupib.ti.threat.actors.updated, groupib.ti.threat.reports.updated, and groupib.ti.vulns.updated commands which use the /updated versions of the endpoints with seqUpdate logic for iteration. These commands also have a --since-last option which can be used to pull new results since the last run of the command with a particular query.
v0.2.0 - 2023-07-05
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Parse additional C2 configuration values.
Adjust command names to be under the groupib.ti namespace.
Update required permission to power-ups.groupib.ti.user.
Add groupib.ti.iocs.search command.
Add groupib.ti.vulns.search command.
Add groupib.ti.threat.reports.search command.
Bugfixes
Fix an issue where the risk:tool:software:tag property was not set.
v0.1.0 - 2023-05-23
NOTE: This release is considered Beta and may be subject to change.
Features and Enhancements
Initial beta release of the Synapse-Group-IB Power-Up.