MISP 2.4.176 released with various improvements and bugs fixed.

September 15, 2023

MISP 2.4.176 released with various improvements and bugs fixed. This version also includes major improvements in the misp-stix library especially on the storing relationships and the description of relationships in the MISP standard format.

Improvements

  • [logs] add time based filter. Quite useful when you have a large set of logs.
  • [audit] add last password change timestamp for users.
  • [UI] show which attributes/objects are new and awaiting publication still.
  • [console:TrainingShell] Added deleteAllSyncs function.
  • [feeds] add Ellio threat list.

Bugs fixed

  • [internal] improved parameter parsing.
  • Properly filter out query parameters.
  • Method call on null.
  • Fixed invalid ordering errors.
  • Do not require jobId for AdminShell jobGenerateCorrelation, create a new job if jobId is null. fixes #9206.
  • [dashboard:organisationMapWidget] Do not require the config to have start and end date.
  • [restSearch] exact match for values starting with %, fixes #9258.
  • Unable to enrich individual shadow attribute.
  • Unable to enrich individual attribute, fixes #9267.
  • [stix2 import] Fixed debugging message for errors and warnings when the debug option is set.
  • Unable to enrich individual shadow attribute.
  • Unable to enrich individual attribute, fixes #9267.
  • Disable submodule update section when MISP.self_update is disabled, to allow not carrying git dependencies in docker.

misp-objects updates

misp-galaxy updates

  • Update of target sectors in threat-actor database. This now includes the known target sectors as meta.
  • Various updates to the threat-actor database.

misp-warning-lists updates

misp-modules

  • Fix the url of the VirusTotal collection in the VirusTotal expansion module.

PyMISP

Don’t forget to follow us on Mastodon

The MISP projet has its own Mastodon server misp-community.org - don’t forget to follow @misp@misp-community.org on the fediverse. Core contributors of MISP can sign-up if they wish to have an account.

Training video

The latest video of MISP Training - Advanced, Developer session, from API to MISP internals is now available on YouTube.

MISP Professional Services

MISP Professional Services (MPS) is a program handled by the lead developers of MISP Project, in order to offer highly skilled services around MISP and to support the sustainability of the MISP project. This initiative is meant to address the policy requirements of companies/organisations requiring commercial support contracts. Don’t hesitate to get in touch with us if you need specific services.