MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more.

Posted 22 Dec 2021 by

MISP 2.4.152 released

MISP 2.4.152 released with timeline improvements, optional filtering on sync, LinOTP improvements and more.

The LinOTP authentication module has been improved to include a mixed mode where both OTP and MISP’s usual password authentication can be used together.

The timelining has been improved in several ways, such as the inclusion of images from objects, as well as various improvements in the timeline’s sighting view. Several bugs were affecting this feature have also been fixed.

A new optional synchronisation filtering has been added to allow for the removal of specific attribute or object types when syncing. The functionality is meant to be used by the final recipient organisations of a synchronisation chain, in order to filter out specific types of information due to legal or specific internal policies. The filtering feature is disabled by default and needs to be enabled in the general configuration. This feature is for ISACs or consumer organisations, not redistributing information to other MISP communities.

A new STIX 1 and 2 export for attribute restSearch has been added in complement to the existing event export in STIX 1 and 2. The export works just like the other event level STIX export, all you need to do is specify the given STIX format as the return type when querying the attribute restSearch endpoint.

Many internal improvements and bugs fixed.

MISP Modules

The MISP modules changelog is available.

MISP Taxonomies

MISP Taxonomies changelog is available.

MISP Galaxy

MISP Galaxy changelog

MISP Objects

  • New Concordia intrusion set object.
  • New temporal event object.
  • Many improvements in user, person, postal-address, email object.
  • New relationships added such as found-in, works-with, drives.

MISP objects changelog

Acknowledgement

We would like to thank all the contributors, reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in misp-objects, misp-taxonomies and misp-galaxy .

As always, a detailed and complete changelog is available with all the fixes, changes and improvements in MISP core.