Version 6.3.5

Enhancements:

• #2720 [CISA KEV]: Do not republish all the content at each execution
• #2708 [GreyNoise Vuln] Add new GreyNoise Vulnerability internal enrichment connector
• #2623 [Group IB] improvements
• #2574 [Recorded Future] Integrate the code for Alerts into the connector

Bug Fixes:

• #2683 [crowdstrike] Push queue message size incorrectly set to 0, disabling buffering/throttling of ingestion

Pull Requests:

• Remove MSSP name by @akhanafeer in #2719
• Update dependency pandas to v2.2.3 by @renovate in #2724
• Update dependency stix-shifter-modules-splunk to v7.1.1 by @renovate in #2726
• Update dependency stix-shifter-utils to v7.1.1 by @renovate in #2728
• Update dependency boto3 to v1.35.29 by @renovate in #2736
• Update dependency boto3 to v1.35.30 by @renovate in #2738
• [greynoise-vuln] Add new GreyNoise Vulnerability internal enrichment connector (v2) by @bradchiappetta in #2740
• [Group-IB Connector] bug fixes, code updates, ttl + Improvements 2623 by @uTomasAnderson in #2741
• fixed threatfox doc by @brett-fitz in #2739
• [Crowdstrike] Improve connector and indicators ingestion by @helene-nguyen in #2742
• Update dependency pycti to v6.3.4 by @renovate in #2744
• Update dependency boto3 to v1.35.31 by @renovate in #2745
• [Greynoise Vuln] Add greynoise-vuln enrichment connector in CI/CD by @helene-nguyen in #2743
• [CISA KEV]: Do not republish all the content at each execution by @romain-filigran in #2737
• Update dependency boto3 to v1.35.32 by @renovate in #2752
• [Recorded Future] RF Integrate the code for Alerts and Playbook Alerts into the connector by @helene-nguyen in #2758
• Update dependency boto3 to v1.35.33 by @renovate in #2757

Full Changelog: 6.3.4...6.3.5

Version 6.3.4

Enhancements:

• #2725 [Alienvault, CrowdStrike, Phishunt, ThreatFox, URLHaus] added the ability to set x_opencti_score for select connectors

Bug Fixes:

• #2702 Tanium connector broken
• #2675 [Intel471] Files attached with no extension

Pull Requests:

• [Intel 471] Adding attachments extensions by @mmolenda in #2695
• Update dependency google-api-python-client to v2.147.0 by @renovate in #2705
• Update dependency stix-shifter to v7.1.1 by @renovate in #2710
• Update dependency reversinglabs-sdk-py3 to v2.7.0 by @renovate in #2709
• Update opencti/connector-import-file-misp Docker tag to v6.3.3 by @renovate in #2712
• Update opencti/connector-first-epss Docker tag to v6.3.3 by @renovate in #2711
• Update opencti/connector-shadowtrackr Docker tag to v6.3.3 by @renovate in #2714
• [Tanium] fix : wrong argument name when calling pycti method by @flavienSindou in #2703
• Update dependency boto3 to v1.35.28 by @renovate in #2715
• Update dependency elasticsearch to v7.17.12 by @renovate in #2717
• [Alienvault, CrowdStrike, Phishunt, ThreatFox, URLHaus] added the ability to set x_opencti_score for select connectors by @brett-fitz in #2554
• Fix configuration issues by @akhanafeer in #2718

New Contributors:

• @flavienSindou made their first contribution in #2703
• @akhanafeer made their first contribution in #2718

Full Changelog: 6.3.3...6.3.4

Version 6.2.19

No changelog for this release.

Full Changelog: 6.2.18...6.2.19

Version 6.3.3

Bug Fixes:

• #2697 [CrowdStrike] Fix KeyError in CrowdStrike processing
• #2688 Columns in the MITRE ATT&CK kill chain are out of order
• #2667 [urlscan] Connector issues around getting data since last run and configured interval
• #2603 [CrowdStrike TIP] "'FetchedReport' object is not subscriptable" error on Indicator
• #2589 MITRE datasets, filter unsupported types to avoid errors in ingestion works

Pull Requests:

• [urlscan] Resolves GH-2667 by @brett-fitz in #2668
• Update dependency google-api-python-client to v2.146.0 by @renovate in #2669
• Update dependency pydantic to v2.9.2 by @renovate in #2670
• [Fix Pydantic version] Revert "Update dependency pydantic to v2.9.2 (#2670)" by @helene-nguyen in #2684
• Update dependency google-auth to v2.35.0 by @renovate in #2681
• fix(Sekoia): Prevent adding multiple times Sekoia.io as reference by @Darkheir in #2682
• [greynoise-feed] fix feed queries to match documentation by @bradchiappetta in #2685
• Added ShadowTrackr connector by @basvanschaik in #2593
• [Shodan] Save results to note by @annoyingapt in #2636
• [CrowdStrike] Fix KeyError in CrowdStrike processing by @initstring in #2689
• [Crowdstrike] Fix "'FetchedReport' not subscriptable" errors by @Powlinett in #2676

New Contributors:

• @basvanschaik made their first contribution in #2593
• @initstring made their first contribution in #2689

Full Changelog: 6.3.1...6.3.3

Version 6.3.1

No changelog for this release.

Pull Requests:

• Update dependency boto3 to v1.35.20 by @renovate in #2660
• Update dependency vt-py to v0.18.4 by @renovate in #2661

Full Changelog: 6.3.0...6.3.1

Version 6.3.0

Enhancements:

• #2648 [QRadar Connector : Must create different reference sets for each hash type in case of files]
• #2638 [isort] isort version needs to be updated in .pre-commit-config.yaml
• #2351 Improve Ransomware Live connector
• #2089 [CISA KEV] Be able to run the connector on an interval shorter than 1 day
• #1866 [import-external-reference] Refactor the connector, enhance PDF / markdown generation
• #1791 [IPinfo] Create an observable-to-country relationship for country-based victimology

Bug Fixes:

• #2654 [urlscan] Indicators are missing created_by_ref
• #2647 [CrowdStrike] CrowdStrike connector internal error: a bytes-like object is required, not 'dict'
• #2642 [urlscan] Failed: pydantic:parse_raw_as has been removed in V2.
• #2631 [QRadar Connector : Does not send all hashes in STIX pattern to QRadar]
• #2618 [Jira] Bug custom_fields is not defined
• #2595 [Intel471] incorrect indicator names

Pull Requests:

• Update dependency stix-shifter-modules-splunk to v7.1.0 by @renovate in #2596
• Update dependency stix-shifter-utils to v7.1.0 by @renovate in #2597
• Update dependency boto3 to v1.35.11 by @renovate in #2599
• [FIRST EPSS] Create playbook compatible internal enrichment connector by @Powlinett in #2550
• Update dependency pycti to v6.2.18 by @renovate in #2601
• EPSS FIRST Documentation update by @romain-filigran in #2607
• Update dependency google-api-python-client to v2.144.0 by @renovate in #2608
• Update dependency boto3 to v1.35.13 by @renovate in #2610
• Update dependency pycti to v6.2.18 by @renovate in #2611
• Sets 100% as the maximum width of images when converting to html before to be exported in PDF by @romain-filigran in #2588
• Update dependency boto3 to v1.35.14 by @renovate in #2613
• Update README.md by @damians-filigran in #2604
• [REVERSINGLABS] New connector by @DinkoReversingLabs in #2602
• Added IOC upload by @pietrocapece in #2586
• Update dependency pycti to v6.2.18 by @renovate in #2614
• Update dependency reversinglabs-sdk-py3 to v2.6.4 by @renovate in #2615
• Update FIRST EPSS docker-compose.yml by @romain-filigran in #2617
• Update dependency boto3 to v1.35.15 by @renovate in #2622
• [Sekoia/Crowdstrike/Mandiant/AlienVault/RecordedFuture/CisaKEV] Modification on connector to use the new pycti connector helper scheduler by @helene-nguyen in #2459
• Update dependency google-api-python-client to v2.145.0 by @renovate in #2628
• Update dependency pytz to v2024.2 by @renovate in #2632
• Update dependency boto3 to v1.35.16 by @renovate in #2633
• Update dependency pytest to v8.3.3 by @renovate in #2624
• Update dependency boto3 to v1.35.17 by @renovate in #2644
• Update dependency regex to v2024.9.11 by @renovate in #2643
• Create readme.md for VT by @damians-filigran in #2630
• [Jira] Fix custom_fields is not defined by @Megafredo in #2619
• [Shodan] Add to readme by @Megafredo in #2635
• [urlscan] added x_opencti_score configurability for default, domain-name, and url + resolves GH-2642 by @brett-fitz in #2627
• Change flashpoint misp endpoint from http to https by @WolfByttner in #2656
• [urlscan] fix missing created_by_ref for indicators GH-2654 by @brett-fitz in #2655
• Update dependency Titan-Client to v1.20.0.2 by @renovate in #2651
• Update dependency playwright to v1.47.0 by @renovate in #2650
• [connector] update isort version by @Powlinett in #2639
• Update dependency boto3 to v1.35.19 by @renovate in #2658
• Update dependency idna to v3.9 by @renovate in #2657
• [Intel 471] Improving indicators names (#2595) by @mmolenda in #2652
• [feedly] Use content for reports intsead of creating notes by @Mathieu4141 in #2641
• [IPInfo] Adding ASN, privacy and country details by @annoyingapt in #2629
• [ZeroFox] add created_by_ref and opencti_observable_main_type to stix objects by @DNRRomero in #2625
• [Crowdstrike] Fix error bytes-like object is required, and fix error logger by @Megafredo in #2653
• Update dependency idna to v3.10 by @renovate in #2659

New Contributors:

• @Powlinett made their first contribution in #2550
• @pietrocapece made their first contribution in #2586
• @brett-fitz made their first contribution in #2627
• @WolfByttner made their first contribution in #2656

Full Changelog: 6.2.18...6.3.0

Version 6.2.18

No changelog for this release.

Pull Requests:

• Update dependency pycti to v6.2.17 by @renovate in #2582

Full Changelog: 6.2.17...6.2.18

Version 6.2.17

Bug Fixes:

• #2580 [Mandiant] Fail to parse if end_epoch is None
• #2577 [Mandiant] In some cases, the connector crashes when handline None reports
• #2573 [Mandiant] Epoch / state can be set in the future, leading the connector to not work
• #2564 [GroupIB] Fix groupib docker compose

Pull Requests:

• [GroupIB] Fix groupib docker compose by @helene-nguyen in #2565
• Update dependency stix-shifter-utils to v7.0.12 by @renovate in #2566
• Fix anyrun_feed.py by @sari3l in #2562
• Update dependency google-api-core to v2.19.2 by @renovate in #2560
• Update dependency certifi to v2024.8.30 by @renovate in #2567
• Update opencti/connector-cofense Docker tag to v6.2.17 by @renovate in #2576
• [Mandiant] Fix fail to parse if end_epoch is None by @Megafredo in #2581
• Update dependency boto3 to v1.35.9 by @renovate in #2575

New Contributors:

• @sari3l made their first contribution in #2562

Full Changelog: 6.2.16...6.2.17

Version 6.2.16

Enhancements:

• #2558 [greynoisefeed] Update indicators to include additional attributes and formatting from enricher
• #2539 [GroupIB] NEW Create new GroupIB connector
• #2522 [Cofense] Create Cofense connector
• #2027 Update templates for Community to have proper guidelines to create/update connectors

Bug Fixes:

• #2559 [mwdb] Fixed error when tags not present, added except
• #2544 [RiskIQ] Attack-pattern tag format has changed
• #2543 [RiskIQ] attack-pattern id generation is incomplete
• #2535 [jira] Incorrect connector Dockerfile path
• #2532 [Malpedia] Rate limite Error
• #2531 [Mandiant] reports not created since August 4
• #2507 [import-document,import-file-stix] Support running as an arbitrary user (OpenShift Container Platform)

Pull Requests:

• [import-document,import-file-stix] Changes in Dockerfile to resolve #2507 by @leitosama in #2508
• Update dependency boto3 to v1.35.5 by @renovate in #2519
• Update dependency stix-shifter-modules-splunk to v7.0.12 by @renovate in #2520
• [connector] Float values are not exported on csv (#7951) by @ValentinBouzinFiligran in #2521
• Update dependency idna to v3.8 by @renovate in #2525
• Update opencti/connector-google-safebrowsing Docker tag to v6.2.15 by @renovate in #2526
• Fix #2507 for import-file-stix image by @leitosama in #2529
• Updated World Watch import for their new api + refactoring by @cert-orangecyberdefense in #2470
• Update README.md from Partner by @Jipegien in #2542
• [RiskIQ] Fix handling of attack-pattern tag by @debelyoo in #2545
• Update dependency PyGithub to v2.4.0 by @renovate in #2537
• [Malpedia] Better manage rate limit by @Megafredo in #2533
• [Mandiant] Send bundle for each report and its context by @helene-nguyen in #2536
• [Templates] Rework templates by @helene-nguyen in #2512
• Update dependency googleapis-common-protos to v1.65.0 by @renovate in #2538
• [Cofense] NEW Cofense connector from Cofense by @helene-nguyen in #2524
• [Cofense] Fix entrypoint by @helene-nguyen in #2553
• [greynoisefeed] Update indicators to include additional attributes and formatting from enricher by @bradchiappetta in #2555
• Update dependency boto3 to v1.35.8 by @renovate in #2552
• Update dependency cofense-intelligence to v5.2.0 by @renovate in #2551
• [Group-IB Connector] download feeds from TI convert to STIX objects a… by @uTomasAnderson in #2534
• Fixed error when tags not present, added except by @XGREENi3 in #2509

New Contributors:

• @leitosama made their first contribution in #2508
• @uTomasAnderson made their first contribution in #2534
• @XGREENi3 made their first contribution in #2509

Full Changelog: 6.2.15...6.2.16

Version 6.2.15

Enhancements:

• #2515 [Safebrowsing] Add connector to Circle CI

Bug Fixes:

• #2517 [CrowdStrike] "KeyError" when importing a report
• #2479 [Sekoia] Reports ingested with attachments without extension (pdf_report)

Pull Requests:

• [Sekoia] Fix extension and fix related_objects by @Megafredo in #2497
• Update dependency boto3 to v1.35.2 by @renovate in #2506
• Update dependency google-api-python-client to v2.142.0 by @renovate in #2510
• Update dependency nltk to v3.9 [SECURITY] by @renovate in #2511
• [Safebrowsing] Add connector to Circle CI by @Megafredo in #2516
• Update dependency nltk to v3.9.1 by @renovate in #2513
• Update dependency stix-shifter to v7.0.12 by @renovate in #2514
• [CrowdStrike] Fix KeyError for missing 'description' in report by @Megafredo in #2518

Full Changelog: 6.2.14...6.2.15