MISP Warning Lists version 2024110800 released

Release Notes for MISP-WarningLists

November 2024 Update

New Additions and Changes:

• Zscaler Source Update:

  • Added the missing script for Zscaler source generation, enhancing the capability to maintain updated and comprehensive warning lists. [Commit: 192534d]

• Apple IP Ranges Update:

  • Updated the Apple IP ranges based on the latest ARIN allocation, ensuring the lists reflect the current state of Apple’s network allocations. Contributed by Xiufeng Guo. [Commits: 94fdbfd, 934175c]

• Living Off Trusted Sites (LOTS) Project:

  • Integrated domains from the “Living Off Trusted Sites” project, expanding the warning lists to cover domains that could potentially be leveraged for trusted-based attacks. Initial work contributed by Goodlandsecurity. [Commits: 3f38437, ae6ad98, fc55112]

• General Updates:

  • Multiple updates and improvements to various warning lists were made to ensure the data remains relevant and effective. [Commits: 018f958, bfbb9a8]

• Blogpost Link Update:

  • Adjustments made to blogpost links to maintain up-to-date references for associated resources. [Commit: dfef76d]

Contributors:

• Alexandre Dulaunoy
• Xiufeng Guo
• Goodlandsecurity
• Karen Yousefi
• Thanat0s

These updates reflect ongoing efforts to maintain and enhance the MISP warning lists, providing better threat intelligence and context for users.

Notes about the release

Starting with this release, misp-warning-lists will be tagged using the %Y%m%d00 format for each new version. This change enables users to easily verify whether they are using the latest release. The versioning is now independent of the MISP core software, as the project is also utilized as a standalone tool in various other applications.