MISP v2.5.27 - released with new features and various fixes This release delivers important new modules, major internal performance optimisations, updates to validation logic, and several security fixes. A large amount of work focused on improving JSON handling, filter pipelines, encoding performance, and overall system robustness. https://lnkd.in/eQ86JHaC #opensource #cybersecurity #misp #threatintelligence #threatintel #informationsharing
MISP Project (@misp@misp-community.org )
Computer and Network Security
The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence.
About
The core team behind the MISP project is composed of motivated people who think that information sharing can be improved and supported by creating practical open source tools, open format and practices. The governance of the project is led by the core team who think that doing open source software to support information sharing is the key.
- Website: http://www.misp-project.org/
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: Luxembourg
- Type: Nonprofit
- Founded: 2012
Locations
- Primary: Luxembourg, LU
Updates
-
MISP Project (@misp@misp-community.org ) reposted this
I've been meaning to get on this new-fangled "video" technology to talk about CTI concepts for two years now - finally found the right workflow with the great help of 📓 Tash Postolovski.
There are three essential features in MISP that can prevent benign false positive IoCs from causing chaos in your SIEM, SOAR platform, or security controls. In this video from Cosive's CTO & co-founder Chris Horsley we use the example of public DNS resolvers like Cloudflare and Google’s, common in intel reports but absolutely not malicious.
You’ll learn:
1. How the IDS flag works in MISP and why it determines whether an IOC should be detected or blocked
2. How to use Warning Lists to avoid triggering alerts on known safe infrastructure
3. How to mark false positives with sightings so they don’t keep resurfacing in your workflows
If you’re ingesting large volumes of threat intel, these techniques will save you time, prevent noisy alerts, and stop you from accidentally blocking benign services your organisation relies on.
🔔 Follow us here on LinkedIn for more #MISP tips and tutorials like this one. #ThreatIntelligence #CTI #ThreatIntel #SOC #SecurityOperations
-
MISP Project (@misp@misp-community.org ) reposted this
It was a privilege to represent the Centre for Cybersecurity Belgium (CCB) during Singapore Cyber Week and the Counter Ransomware Initiative Summit. Grateful for the opportunity to engage in bilateral discussions with many global partners on ransomware, phishing, and spam. The challenge remains immense — but together, we have to make a difference. 👉 Let’s share more actionable information on ransomware to strengthen our collective response and build global trust. A sincere thank you to Singapore for hosting, and to Lithuania for continuing the important work of promoting MISP as a tool for secure information exchange. We will do our best to host another MISP workshop, as we did last year — bringing together over 30 different countries to strengthen collaboration and technical trust.
-
MISP v2.5.26 released with performance improvements and interoperability fixes. This release brings new features focused on performance improvements, logging enhancements, and data standardisation with the introduction of the UUID attribute type. It also includes several important bug fixes and dependency updates. #misp #cti #threatintelligence #cybersecurity #opensource OASIS CIRCL (Computer Incident Response Center Luxembourg) 🔗 https://lnkd.in/eGVfmxRf
-
MISP Project (@misp@misp-community.org ) reposted this
Today we’re going to take a look at one of the coolest features in MISP, hiding in plain sight. From the MISP home screen, click Periodic Summary. This view gives you a quick understanding of what’s been happening in your instance: How many events came in this week? How many attributes? How many objects? You can even visualise it further. Just click 'View this report in MISP'. From there, you’ll get breakdowns by MITRE ATT&CK, TLP levels, and you can jump straight into related event reports. It’s a really handy way to get insight into what you’re actually ingesting. Because for many of us, we’re pulling in a lot of feeds… but we don’t always know what we’re sitting on. This feature helps surface exactly what’s come in over the last week and what it means. There’s even a Countermeasures section at the bottom that suggests what you should be doing based on the MITRE ATT&CK techniques you’re seeing. 🔔 If you found this useful, we share helpful MISP tips almost every week here on the Cosive LinkedIn page, so make sure to follow us for more tips like this one.
-
Major Update to MISP Modules v3.0.3 Release Notes (2025-11-19)
* Nextcloud Talk Action Module: A new action module has been added to integrate with Nextcloud Talk, developed during the 2025 hackathon.lu.
* Any.Run Sandbox Integration: Implemented sandbox import and expansion modules, including an API wrapper, for enhanced integration with Any.Run.
* AssemblyLine Module Updates & Refactor: Enhanced the `AssemblyLine` module with a new API wrapper for improved authentication, submission handling, query management, and error handling.
* OpenAPI Interface and Swagger UI: Added functionality to expose the OpenAPI specification and Swagger UI for the `misp-modules` service, improving API discoverability.
* Rapid7 AttackerKB CVE Lookup Module: Integrated a new expansion module for looking up CVE information using Rapid7 AttackerKB.
* SophosLabs Intelix Update: Fixed template issues, improved readability, and added region support to the SophosLabs Intelix Expansion module.
* CrowdStrike Falcon Metadata Capture: Added basic metadata capture for the Falcon expansion module.
🔗 https://lnkd.in/e_sHSGPm ANY.RUN CrowdStrike Sophos Rapid7 #opensource #threatintelligence #threatintel #misp
-
MISP Project (@misp@misp-community.org ) reposted this
Well, this could be interesting to share observations in Europe with all the drones hovering our airports and other places these days... Kudos MISP Project (@misp@misp-community.org ) and the contributors Enes Ayata Paul Jung and Bilal Khan!
The MISP Galaxy now includes an updated knowledge base of UAVs and drones covering both civilian and military models. It comes with detailed attributes such as manufacturer, cost, and technical specs. You can now easily classify, model, and share UAV-related observations directly in MISP. 🔗 MISP UAVs overview - https://lnkd.in/eapkTNJS Thanks to @Thanat0s@mastodon.social for the huge contribution. #misp #threatintel #threatintelligence #uav #military #intelligence #drones #drone
-
MISP v2.5.25 introduces a security fix, significant performance improvements for REST searches, new default feeds, and several important bug fixes. #misp #opensource #cybersecurity #threatintelligence 🔗 https://lnkd.in/e6FzcHFi
-
MISP Project (@misp@misp-community.org ) reposted this
🚀 A new milestone for hideNseek LAB: we are joining the MISP ecosystem! MISP Project (@misp@misp-community.org )
After several weeks of work, our 🇫🇷 IOC feeds are now available in MISP Threat Sharing, the open-source reference for sharing indicators of compromise.
What this brings you:
🔓 Free access to our 3 CTI feed formats
📈 Fresh data: IoCs from our globally deployed honeypots
🤖 AI enrichment: automatic contextualisation of threats
⚡ Daily update: 23:00 UTC
Available formats:
✅ JSON (AI-enriched data)
✅ CSV (20+ columns)
✅ TXT (IP blocklist)
This integration marks our commitment to the cybersecurity community and to open-source Threat Intelligence. Our feeds are also available right now at data.hidenseek.dev 🔗
Already using MISP in your SOC? Share your experience in the comments 👇
#CTI #MISP #ThreatIntelligence #Cybersécurité #OpenSource #SOC #Honeypot #CyberFR
-
MISP Project (@misp@misp-community.org ) reposted this
Flowintel release version 2.2.1 with changes and fixes
- Markdown support in descriptions for cases, tasks, and templates
- New button to view finished tasks
- Added a safe installer version
- Multiple bug fixes and improvements
#opensource #cybersecurity #threatintelligence #threatintel #flowintel https://lnkd.in/egYM936K
Thanks to David Cruciani and Koen Van Impe for the hard work! MISP Project (@misp@misp-community.org )