Releases: OpenCTI-Platform/connectors
Releases · OpenCTI-Platform/connectors
Version 6.3.6
Enhancements:
- #2768 [ransomwarelive] Create predictive ids to prevent stix ids location explosion
- #2716 [Bit Defender] - New connector request
Bug Fixes:
- #2780 [ZeroFox] Entity mapping is sometimes inadequately structured
- #2779 [CrowdStrike] On "uses" relationships, the connector is generating too much STIX IDs and different start time
- #2753 [ImportExternalReference] BleepingComputer not importable due to Cloudflare protection
- #2748 [Import Document] Changing type of multiple observables in workbench removes an observable
- #2713 [Virustotal] Error when enriching certain entities
- #2671 [VirusTotal] "TypeError: can only concatenate str (not "NoneType") to str" error on certain results
Pull Requests:
- Update opencti/connector-greynoise-vuln Docker tag to v6.3.5 by @renovate in #2762
- [ZeroFox] fix ordering in intelligence collector by @DNRRomero in #2751
- Update dependency boto3 to v1.35.34 - autoclosed by @renovate in #2763
- Update dependency boto3 to v1.35.35 by @renovate in #2771
- Update dependency google-api-python-client to v2.148.0 by @renovate in #2770
- Update dependency boto3 to v1.35.36 by @renovate in #2774
- [ransomwarelive] Create predictive ids to prevent stix ids location explosion (#2768) by @richard-julien in #2769
- [importExternalReference] Bypasses certain security measures when generating a PDF or MD by @Megafredo in #2761
- [VirusTotal] Fix TypeError: can only concatenate str (not NoneType) to str by @Megafredo in #2766
- Update dependency google-api-core to v2.21.0 by @renovate in #2776
- [Sentinel] Split former Sentinel connector into two new connectors (external import and stream) by @Powlinett in #2749
- Update dependency domaintools-api to v2.1.0 by @renovate in #2783
- Update dependency boto3 to v1.35.39 by @renovate in #2784
- Update dependency reversinglabs-sdk-py3 to v2.7.1 by @renovate in #2788
- Update dependency pycti to v6.3.5 by @renovate in #2787
- [ZeroFox] Format intelligence objects by @DNRRomero in #2789
- [ Webhook Stream ] - Correct CONNECTOR_SCOPE by @stefanbulof in #2775
New Contributors:
- @stefanbulof made their first contribution in #2775
Full Changelog: 6.3.5...6.3.6
Version 6.3.5
Enhancements:
- #2720 [CISA KEV]: Do not republish all the content at each execution
- #2708 [GreyNoise Vuln] Add new GreyNoise Vulnerability internal enrichment connector
- #2623 [Group IB] improvements
- #2574 [Recorded Future] Integrate the code for Alerts into the connector
Bug Fixes:
- #2683 [crowdstrike] Push queue message size incorrectly set to 0, disabling buffering/throttling of ingestion
Pull Requests:
- Remove MSSP name by @akhanafeer in #2719
- Update dependency pandas to v2.2.3 by @renovate in #2724
- Update dependency stix-shifter-modules-splunk to v7.1.1 by @renovate in #2726
- Update dependency stix-shifter-utils to v7.1.1 by @renovate in #2728
- Update dependency boto3 to v1.35.29 by @renovate in #2736
- Update dependency boto3 to v1.35.30 by @renovate in #2738
- [greynoise-vuln] Add new GreyNoise Vulnerability internal enrichment connector (v2) by @bradchiappetta in #2740
- [Group-IB Connector] bug fixes, code updates, ttl + Improvements 2623 by @uTomasAnderson in #2741
- fixed threatfox doc by @brett-fitz in #2739
- [Crowdstrike] Improve connector and indicators ingestion by @helene-nguyen in #2742
- Update dependency pycti to v6.3.4 by @renovate in #2744
- Update dependency boto3 to v1.35.31 by @renovate in #2745
- [Greynoise Vuln] Add greynoise-vuln enrichment connector in CI/CD by @helene-nguyen in #2743
- [CISA KEV]: Do not republish all the content at each execution by @romain-filigran in #2737
- Update dependency boto3 to v1.35.32 by @renovate in #2752
- [Recorded Future] RF Integrate the code for Alerts and Playbook Alerts into the connector by @helene-nguyen in #2758
- Update dependency boto3 to v1.35.33 by @renovate in #2757
Full Changelog: 6.3.4...6.3.5
Version 6.3.4
Enhancements:
- #2725 [Alienvault, CrowdStrike, Phishunt, ThreatFox, URLHaus] added the ability to set x_opencti_score for select connectors
Bug Fixes:
Pull Requests:
- [Intel 471] Adding attachments extensions by @mmolenda in #2695
- Update dependency google-api-python-client to v2.147.0 by @renovate in #2705
- Update dependency stix-shifter to v7.1.1 by @renovate in #2710
- Update dependency reversinglabs-sdk-py3 to v2.7.0 by @renovate in #2709
- Update opencti/connector-import-file-misp Docker tag to v6.3.3 by @renovate in #2712
- Update opencti/connector-first-epss Docker tag to v6.3.3 by @renovate in #2711
- Update opencti/connector-shadowtrackr Docker tag to v6.3.3 by @renovate in #2714
- [Tanium] fix : wrong argument name when calling pycti method by @flavienSindou in #2703
- Update dependency boto3 to v1.35.28 by @renovate in #2715
- Update dependency elasticsearch to v7.17.12 by @renovate in #2717
- [Alienvault, CrowdStrike, Phishunt, ThreatFox, URLHaus] added the ability to set x_opencti_score for select connectors by @brett-fitz in #2554
- Fix configuration issues by @akhanafeer in #2718
New Contributors:
- @flavienSindou made their first contribution in #2703
- @akhanafeer made their first contribution in #2718
Full Changelog: 6.3.3...6.3.4
Version 6.2.19
No changelog for this release.
Full Changelog: 6.2.18...6.2.19
Version 6.3.3
Bug Fixes:
- #2697 [CrowdStrike] Fix KeyError in CrowdStrike processing
- #2688 Columns in the MITRE ATT&CK kill chain are out of order
- #2667 [urlscan] Connector issues around getting data since last run and configured interval
- #2603 [CrowdStrike TIP] "'FetchedReport' object is not subscriptable" error on Indicator
- #2589 MITRE datasets, filter unsupported types to avoid errors in ingestion works
Pull Requests:
- [urlscan] Resolves GH-2667 by @brett-fitz in #2668
- Update dependency google-api-python-client to v2.146.0 by @renovate in #2669
- Update dependency pydantic to v2.9.2 by @renovate in #2670
- [Fix Pydantic version] Revert "Update dependency pydantic to v2.9.2 (#2670)" by @helene-nguyen in #2684
- Update dependency google-auth to v2.35.0 by @renovate in #2681
- fix(Sekoia): Prevent adding multiple times Sekoia.io as reference by @Darkheir in #2682
- [greynoise-feed] fix feed queries to match documentation by @bradchiappetta in #2685
- Added ShadowTrackr connector by @basvanschaik in #2593
- [Shodan] Save results to note by @annoyingapt in #2636
- [CrowdStrike] Fix KeyError in CrowdStrike processing by @initstring in #2689
- [Crowdstrike] Fix "'FetchedReport' not subscriptable" errors by @Powlinett in #2676
New Contributors:
- @basvanschaik made their first contribution in #2593
- @initstring made their first contribution in #2689
Full Changelog: 6.3.1...6.3.3
Version 6.3.1
No changelog for this release.
Pull Requests:
- Update dependency boto3 to v1.35.20 by @renovate in #2660
- Update dependency vt-py to v0.18.4 by @renovate in #2661
Full Changelog: 6.3.0...6.3.1
Version 6.3.0
Enhancements:
- #2648 [QRadar Connector : Must create different reference sets for each hash type in case of files]
- #2638 [isort] isort version needs to be updated in .pre-commit-config.yaml
- #2351 Improve Ransomware Live connector
- #2089 [CISA KEV] Be able to run the connector on an interval shorter than 1 day
- #1866 [import-external-reference] Refactor the connector, enhance PDF / markdown generation
- #1791 [IPinfo] Create an observable-to-country relationship for country-based victimology
Bug Fixes:
- #2654 [urlscan] Indicators are missing created_by_ref
- #2647 [CrowdStrike] CrowdStrike connector internal error: a bytes-like object is required, not 'dict'
- #2642 [urlscan] Failed:
pydantic:parse_raw_as
has been removed in V2. - #2631 [QRadar Connector : Does not send all hashes in STIX pattern to QRadar]
- #2618 [Jira] Bug custom_fields is not defined
- #2595 [Intel471] incorrect indicator names
Pull Requests:
- Update dependency stix-shifter-modules-splunk to v7.1.0 by @renovate in #2596
- Update dependency stix-shifter-utils to v7.1.0 by @renovate in #2597
- Update dependency boto3 to v1.35.11 by @renovate in #2599
- [FIRST EPSS] Create playbook compatible internal enrichment connector by @Powlinett in #2550
- Update dependency pycti to v6.2.18 by @renovate in #2601
- EPSS FIRST Documentation update by @romain-filigran in #2607
- Update dependency google-api-python-client to v2.144.0 by @renovate in #2608
- Update dependency boto3 to v1.35.13 by @renovate in #2610
- Update dependency pycti to v6.2.18 by @renovate in #2611
- Sets 100% as the maximum width of images when converting to html before to be exported in PDF by @romain-filigran in #2588
- Update dependency boto3 to v1.35.14 by @renovate in #2613
- Update README.md by @damians-filigran in #2604
- [REVERSINGLABS] New connector by @DinkoReversingLabs in #2602
- Added IOC upload by @pietrocapece in #2586
- Update dependency pycti to v6.2.18 by @renovate in #2614
- Update dependency reversinglabs-sdk-py3 to v2.6.4 by @renovate in #2615
- Update FIRST EPSS docker-compose.yml by @romain-filigran in #2617
- Update dependency boto3 to v1.35.15 by @renovate in #2622
- [Sekoia/Crowdstrike/Mandiant/AlienVault/RecordedFuture/CisaKEV] Modification on connector to use the new pycti connector helper scheduler by @helene-nguyen in #2459
- Update dependency google-api-python-client to v2.145.0 by @renovate in #2628
- Update dependency pytz to v2024.2 by @renovate in #2632
- Update dependency boto3 to v1.35.16 by @renovate in #2633
- Update dependency pytest to v8.3.3 by @renovate in #2624
- Update dependency boto3 to v1.35.17 by @renovate in #2644
- Update dependency regex to v2024.9.11 by @renovate in #2643
- Create readme.md for VT by @damians-filigran in #2630
- [Jira] Fix custom_fields is not defined by @Megafredo in #2619
- [Shodan] Add to readme by @Megafredo in #2635
- [urlscan] added x_opencti_score configurability for default, domain-name, and url + resolves GH-2642 by @brett-fitz in #2627
- Change flashpoint misp endpoint from http to https by @WolfByttner in #2656
- [urlscan] fix missing created_by_ref for indicators GH-2654 by @brett-fitz in #2655
- Update dependency Titan-Client to v1.20.0.2 by @renovate in #2651
- Update dependency playwright to v1.47.0 by @renovate in #2650
- [connector] update isort version by @Powlinett in #2639
- Update dependency boto3 to v1.35.19 by @renovate in #2658
- Update dependency idna to v3.9 by @renovate in #2657
- [Intel 471] Improving indicators names (#2595) by @mmolenda in #2652
- [feedly] Use content for reports intsead of creating notes by @Mathieu4141 in #2641
- [IPInfo] Adding ASN, privacy and country details by @annoyingapt in #2629
- [ZeroFox] add created_by_ref and opencti_observable_main_type to stix objects by @DNRRomero in #2625
- [Crowdstrike] Fix error bytes-like object is required, and fix error logger by @Megafredo in #2653
- Update dependency idna to v3.10 by @renovate in #2659
New Contributors:
- @Powlinett made their first contribution in #2550
- @pietrocapece made their first contribution in #2586
- @brett-fitz made their first contribution in #2627
- @WolfByttner made their first contribution in #2656
Full Changelog: 6.2.18...6.3.0
Version 6.2.18
Version 6.2.17
Bug Fixes:
- #2580 [Mandiant] Fail to parse if end_epoch is None
- #2577 [Mandiant] In some cases, the connector crashes when handline None reports
- #2573 [Mandiant] Epoch / state can be set in the future, leading the connector to not work
- #2564 [GroupIB] Fix groupib docker compose
Pull Requests:
- [GroupIB] Fix groupib docker compose by @helene-nguyen in #2565
- Update dependency stix-shifter-utils to v7.0.12 by @renovate in #2566
- Fix anyrun_feed.py by @sari3l in #2562
- Update dependency google-api-core to v2.19.2 by @renovate in #2560
- Update dependency certifi to v2024.8.30 by @renovate in #2567
- Update opencti/connector-cofense Docker tag to v6.2.17 by @renovate in #2576
- [Mandiant] Fix fail to parse if end_epoch is None by @Megafredo in #2581
- Update dependency boto3 to v1.35.9 by @renovate in #2575
New Contributors:
Full Changelog: 6.2.16...6.2.17
Version 6.2.16
Enhancements:
- #2558 [greynoisefeed] Update indicators to include additional attributes and formatting from enricher
- #2539 [GroupIB] NEW Create new GroupIB connector
- #2522 [Cofense] Create Cofense connector
- #2027 Update templates for Community to have proper guidelines to create/update connectors
Bug Fixes:
- #2559 [mwdb] Fixed error when tags not present, added except
- #2544 [RiskIQ] Attack-pattern tag format has changed
- #2543 [RiskIQ] attack-pattern id generation is incomplete
- #2535 [jira] Incorrect connector Dockerfile path
- #2532 [Malpedia] Rate limite Error
- #2531 [Mandiant] reports not created since August 4
- #2507 [import-document,import-file-stix] Support running as an arbitrary user (OpenShift Container Platform)
Pull Requests:
- [import-document,import-file-stix] Changes in Dockerfile to resolve #2507 by @leitosama in #2508
- Update dependency boto3 to v1.35.5 by @renovate in #2519
- Update dependency stix-shifter-modules-splunk to v7.0.12 by @renovate in #2520
- [connector] Float values are not exported on csv (#7951) by @ValentinBouzinFiligran in #2521
- Update dependency idna to v3.8 by @renovate in #2525
- Update opencti/connector-google-safebrowsing Docker tag to v6.2.15 by @renovate in #2526
- Fix #2507 for import-file-stix image by @leitosama in #2529
- Updated World Watch import for their new api + refactoring by @cert-orangecyberdefense in #2470
- Update README.md from Partner by @Jipegien in #2542
- [RiskIQ] Fix handling of attack-pattern tag by @debelyoo in #2545
- Update dependency PyGithub to v2.4.0 by @renovate in #2537
- [Malpedia] Better manage rate limit by @Megafredo in #2533
- [Mandiant] Send bundle for each report and its context by @helene-nguyen in #2536
- [Templates] Rework templates by @helene-nguyen in #2512
- Update dependency googleapis-common-protos to v1.65.0 by @renovate in #2538
- [Cofense] NEW Cofense connector from Cofense by @helene-nguyen in #2524
- [Cofense] Fix entrypoint by @helene-nguyen in #2553
- [greynoisefeed] Update indicators to include additional attributes and formatting from enricher by @bradchiappetta in #2555
- Update dependency boto3 to v1.35.8 by @renovate in #2552
- Update dependency cofense-intelligence to v5.2.0 by @renovate in #2551
- [Group-IB Connector] download feeds from TI convert to STIX objects a… by @uTomasAnderson in #2534
- Fixed error when tags not present, added except by @XGREENi3 in #2509
New Contributors:
- @leitosama made their first contribution in #2508
- @uTomasAnderson made their first contribution in #2534
- @XGREENi3 made their first contribution in #2509
Full Changelog: 6.2.15...6.2.16