There are many different motivations for wanting to know about current hacking attacks, for example discovering problems in your own supply chain, following the latest activities of hacker groups, or categorising risks in your own industry or region.
| Property | Data type | Comment |
| --- | --- | --- |
| target_sectors | list of strings | A list of sectors that were mentioned in the source document, e.g. ["financial", "internet", "telecom"] |
| summary | string | A short summary of the document. |
| victim_names | list of strings | A list of organisation names that were mentioned as victims in the source document, e.g. ["Acme Inc."] |
| references | list of URLs | The URLs that are mentioned in the original source. |
| publishing_company | string | The name of the organisation that published this hacking attack document. |
| target_geographies | list of strings | A list of geographic names that were mentioned in the source document, e.g. ["Vietnam", "Russia", "Brazil", "Spain", "US"] |
| groups | list of strings | A list of adversarial group names that were mentioned in the source document, e.g. ["APT29"] |
| version_info | string | The information about the actual document version given in the source document. |
| classification | string | In this case it is always "Hacking Attack" |
| title | string | The title of the source document. |
| tools | list of strings | A list of tools that were mentioned in the source document, e.g. ["command center"] |
| url | URL | The URL of the source document. |
| cves | list of strings | All mentioned CVE IDs from the source document. |
| campaigns | list of strings | A list of campaigns that were mentioned in the source document, e.g. ["operation dracula"] |
| scraped_date | datetime string (ISO 8601 standard) | The date when the source document was scraped. ISO 8601 is a standard for representing date and time in a machine-readable format. The format includes the date, 2024-06-29 (Year-Month-Day), the time, T00:00:00 (Hour:Minute:Second), and the time zone offset, +00:00 (UTC offset). Example: "2024-06-29T00:00:00+00:00" |
| last_updated_date | datetime string (ISO 8601 standard) | The date when the source document was last updated. ISO 8601 is a standard for representing date and time in a machine-readable format. The format includes the date, 2024-06-29 (Year-Month-Day), the time, T00:00:00 (Hour:Minute:Second), and the time zone offset, +00:00 (UTC offset). Example: "2024-06-29T00:00:00+00:00" |
| published_date | datetime string (ISO 8601 standard) | The date when the source document was published. ISO 8601 is a standard for representing date and time in a machine-readable format. The format includes the date, 2024-06-29 (Year-Month-Day), the time, T00:00:00 (Hour:Minute:Second), and the time zone offset, +00:00 (UTC offset). Example: "2024-06-29T00:00:00+00:00" |
| botnets | list of strings | A list of botnets that were mentioned in the source document, e.g. ["botnet 1"] |

Hacking attack nodes can have relations to:
CVE nodes
Software nodes
Group nodes
Campaign nodes
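
A validator for records shaped like the property table above, useful before scraped data is loaded into downstream tooling. This is an added example, not part of the original documentation: the dict layout, the function names, the http(s)-only URL rule and treating every property as required are assumptions.

```python
import re
from datetime import datetime
from urllib.parse import urlparse

CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")

def is_str(v):
    return isinstance(v, str)

def is_list_of(check):
    return lambda v: isinstance(v, list) and all(check(x) for x in v)

def is_url(v):  # http(s) only is an assumption; the table just says "URL"
    try:
        parts = urlparse(v)
    except (AttributeError, TypeError, ValueError):  # non-string or malformed host
        return False
    return is_str(v) and parts.scheme in ("http", "https") and bool(parts.netloc)

def is_datetime(v):  # ISO 8601 with an explicit UTC offset, as in the table
    try:
        return datetime.fromisoformat(v).utcoffset() is not None
    except (TypeError, ValueError):
        return False

CHECKS = {  # names and types follow the table; requiring all of them is an assumption
    **dict.fromkeys(("summary", "publishing_company", "version_info", "title"), is_str),
    **dict.fromkeys(("target_sectors", "victim_names", "target_geographies", "groups",
                     "tools", "campaigns", "botnets"), is_list_of(is_str)),
    **dict.fromkeys(("scraped_date", "last_updated_date", "published_date"), is_datetime),
    "url": is_url, "references": is_list_of(is_url),
    "classification": lambda v: v == "Hacking Attack",
    "cves": is_list_of(lambda v: is_str(v) and bool(CVE_ID.fullmatch(v))),
}

def validate_hacking_attack(node):
    """Return the sorted names of properties that are missing or malformed."""
    return sorted(name for name, ok in CHECKS.items() if not ok(node.get(name)))

TS = "2024-06-29T00:00:00+00:00"
SAMPLE = {  # constructed record; CVE-0000-0000 is a placeholder, not a real ID
    "title": "Example report", "summary": "Constructed sample.", "version_info": "1.0",
    "classification": "Hacking Attack", "publishing_company": "Example Org",
    "url": "https://example.com/report", "references": ["https://example.com/ref"],
    "cves": ["CVE-0000-0000"], "groups": ["APT29"], "tools": ["command center"],
    "target_sectors": ["financial"], "target_geographies": ["Spain"],
    "victim_names": ["Acme Inc."], "campaigns": ["operation dracula"],
    "botnets": ["botnet 1"], "scraped_date": TS, "last_updated_date": TS,
    "published_date": TS,
}
```

`validate_hacking_attack(SAMPLE)` returns an empty list; a record with a date that lacks its UTC offset or with a malformed CVE ID returns the names of the offending properties.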