June 15, 2023
Hello everyone!
Highlights of recent MBC developments include:
- Refined the STIX 2.1 Malware Behavior Extension, which includes new STIX domain objects for MBC objectives, behaviors, and methods.
- Added details to behavior descriptions.
- Expanded the corpus with hand-curated samples, focusing on behaviors without representative malware.
- Defined Attack Flows for Shamoon and SearchAwesome, which reference MBC behaviors.
- Defined a CACAO playbook for Locky Bart, which references MBC behaviors (will be submitted to the CACAO example repo soon).
- Continued MBC website development. The website is slated to go live in the fall.
MBC 3.0 will be released when the updated STIX 2.1 representation is finished and will include the changes outlined in recent newsletters.
Please post questions or comments in Discussions on GitHub or email us at [email protected]. We'd love to get your feedback!