Version 6.3.3

Bug Fixes:

• #2697 [CrowdStrike] Fix KeyError in CrowdStrike processing
• #2688 Columns in the MITRE ATT&CK kill chain are out of order
• #2667 [urlscan] Connector issues around getting data since last run and configured interval
• #2603 [CrowdStrike TIP] "'FetchedReport' object is not subscriptable" error on Indicator
• #2589 MITRE datasets, filter unsupported types to avoid errors in ingestion works

Pull Requests:

• [urlscan] Resolves GH-2667 by @brett-fitz in #2668
• Update dependency google-api-python-client to v2.146.0 by @renovate in #2669
• Update dependency pydantic to v2.9.2 by @renovate in #2670
• [Fix Pydantic version] Revert "Update dependency pydantic to v2.9.2 (#2670)" by @helene-nguyen in #2684
• Update dependency google-auth to v2.35.0 by @renovate in #2681
• fix(Sekoia): Prevent adding multiple times Sekoia.io as reference by @Darkheir in #2682
• [greynoise-feed] fix feed queries to match documentation by @bradchiappetta in #2685
• Added ShadowTrackr connector by @basvanschaik in #2593
• [Shodan] Save results to note by @annoyingapt in #2636
• [CrowdStrike] Fix KeyError in CrowdStrike processing by @initstring in #2689
• [Crowdstrike] Fix "'FetchedReport' not subscriptable" errors by @Powlinett in #2676

New Contributors:

• @basvanschaik made their first contribution in #2593
• @initstring made their first contribution in #2689

Full Changelog: 6.3.1...6.3.3

Version 6.3.1

No changelog for this release.

Pull Requests:

• Update dependency boto3 to v1.35.20 by @renovate in #2660
• Update dependency vt-py to v0.18.4 by @renovate in #2661

Full Changelog: 6.3.0...6.3.1

Version 6.3.0

Enhancements:

• #2648 [QRadar Connector : Must create different reference sets for each hash type in case of files]
• #2638 [isort] isort version needs to be updated in .pre-commit-config.yaml
• #2351 Improve Ransomware Live connector
• #2089 [CISA KEV] Be able to run the connector on an interval shorter than 1 day
• #1866 [import-external-reference] Refactor the connector, enhance PDF / markdown generation
• #1791 [IPinfo] Create an observable-to-country relationship for country-based victimology

Bug Fixes:

• #2654 [urlscan] Indicators are missing created_by_ref
• #2647 [CrowdStrike] CrowdStrike connector internal error: a bytes-like object is required, not 'dict'
• #2642 [urlscan] Failed: pydantic:parse_raw_as has been removed in V2.
• #2631 [QRadar Connector : Does not send all hashes in STIX pattern to QRadar]
• #2618 [Jira] Bug custom_fields is not defined
• #2595 [Intel471] incorrect indicator names

Pull Requests:

• Update dependency stix-shifter-modules-splunk to v7.1.0 by @renovate in #2596
• Update dependency stix-shifter-utils to v7.1.0 by @renovate in #2597
• Update dependency boto3 to v1.35.11 by @renovate in #2599
• [FIRST EPSS] Create playbook compatible internal enrichment connector by @Powlinett in #2550
• Update dependency pycti to v6.2.18 by @renovate in #2601
• EPSS FIRST Documentation update by @romain-filigran in #2607
• Update dependency google-api-python-client to v2.144.0 by @renovate in #2608
• Update dependency boto3 to v1.35.13 by @renovate in #2610
• Update dependency pycti to v6.2.18 by @renovate in #2611
• Sets 100% as the maximum width of images when converting to html before to be exported in PDF by @romain-filigran in #2588
• Update dependency boto3 to v1.35.14 by @renovate in #2613
• Update README.md by @damians-filigran in #2604
• [REVERSINGLABS] New connector by @DinkoReversingLabs in #2602
• Added IOC upload by @pietrocapece in #2586
• Update dependency pycti to v6.2.18 by @renovate in #2614
• Update dependency reversinglabs-sdk-py3 to v2.6.4 by @renovate in #2615
• Update FIRST EPSS docker-compose.yml by @romain-filigran in #2617
• Update dependency boto3 to v1.35.15 by @renovate in #2622
• [Sekoia/Crowdstrike/Mandiant/AlienVault/RecordedFuture/CisaKEV] Modification on connector to use the new pycti connector helper scheduler by @helene-nguyen in #2459
• Update dependency google-api-python-client to v2.145.0 by @renovate in #2628
• Update dependency pytz to v2024.2 by @renovate in #2632
• Update dependency boto3 to v1.35.16 by @renovate in #2633
• Update dependency pytest to v8.3.3 by @renovate in #2624
• Update dependency boto3 to v1.35.17 by @renovate in #2644
• Update dependency regex to v2024.9.11 by @renovate in #2643
• Create readme.md for VT by @damians-filigran in #2630
• [Jira] Fix custom_fields is not defined by @Megafredo in #2619
• [Shodan] Add to readme by @Megafredo in #2635
• [urlscan] added x_opencti_score configurability for default, domain-name, and url + resolves GH-2642 by @brett-fitz in #2627
• Change flashpoint misp endpoint from http to https by @WolfByttner in #2656
• [urlscan] fix missing created_by_ref for indicators GH-2654 by @brett-fitz in #2655
• Update dependency Titan-Client to v1.20.0.2 by @renovate in #2651
• Update dependency playwright to v1.47.0 by @renovate in #2650
• [connector] update isort version by @Powlinett in #2639
• Update dependency boto3 to v1.35.19 by @renovate in #2658
• Update dependency idna to v3.9 by @renovate in #2657
• [Intel 471] Improving indicators names (#2595) by @mmolenda in #2652
• [feedly] Use content for reports intsead of creating notes by @Mathieu4141 in #2641
• [IPInfo] Adding ASN, privacy and country details by @annoyingapt in #2629
• [ZeroFox] add created_by_ref and opencti_observable_main_type to stix objects by @DNRRomero in #2625
• [Crowdstrike] Fix error bytes-like object is required, and fix error logger by @Megafredo in #2653
• Update dependency idna to v3.10 by @renovate in #2659

New Contributors:

• @Powlinett made their first contribution in #2550
• @pietrocapece made their first contribution in #2586
• @brett-fitz made their first contribution in #2627
• @WolfByttner made their first contribution in #2656

Full Changelog: 6.2.18...6.3.0

Version 6.2.18

No changelog for this release.

Pull Requests:

• Update dependency pycti to v6.2.17 by @renovate in #2582

Full Changelog: 6.2.17...6.2.18

Version 6.2.17

Bug Fixes:

• #2580 [Mandiant] Fail to parse if end_epoch is None
• #2577 [Mandiant] In some cases, the connector crashes when handline None reports
• #2573 [Mandiant] Epoch / state can be set in the future, leading the connector to not work
• #2564 [GroupIB] Fix groupib docker compose

Pull Requests:

• [GroupIB] Fix groupib docker compose by @helene-nguyen in #2565
• Update dependency stix-shifter-utils to v7.0.12 by @renovate in #2566
• Fix anyrun_feed.py by @sari3l in #2562
• Update dependency google-api-core to v2.19.2 by @renovate in #2560
• Update dependency certifi to v2024.8.30 by @renovate in #2567
• Update opencti/connector-cofense Docker tag to v6.2.17 by @renovate in #2576
• [Mandiant] Fix fail to parse if end_epoch is None by @Megafredo in #2581
• Update dependency boto3 to v1.35.9 by @renovate in #2575

New Contributors:

• @sari3l made their first contribution in #2562

Full Changelog: 6.2.16...6.2.17

Version 6.2.16

Enhancements:

• #2558 [greynoisefeed] Update indicators to include additional attributes and formatting from enricher
• #2539 [GroupIB] NEW Create new GroupIB connector
• #2522 [Cofense] Create Cofense connector
• #2027 Update templates for Community to have proper guidelines to create/update connectors

Bug Fixes:

• #2559 [mwdb] Fixed error when tags not present, added except
• #2544 [RiskIQ] Attack-pattern tag format has changed
• #2543 [RiskIQ] attack-pattern id generation is incomplete
• #2535 [jira] Incorrect connector Dockerfile path
• #2532 [Malpedia] Rate limite Error
• #2531 [Mandiant] reports not created since August 4
• #2507 [import-document,import-file-stix] Support running as an arbitrary user (OpenShift Container Platform)

Pull Requests:

• [import-document,import-file-stix] Changes in Dockerfile to resolve #2507 by @leitosama in #2508
• Update dependency boto3 to v1.35.5 by @renovate in #2519
• Update dependency stix-shifter-modules-splunk to v7.0.12 by @renovate in #2520
• [connector] Float values are not exported on csv (#7951) by @ValentinBouzinFiligran in #2521
• Update dependency idna to v3.8 by @renovate in #2525
• Update opencti/connector-google-safebrowsing Docker tag to v6.2.15 by @renovate in #2526
• Fix #2507 for import-file-stix image by @leitosama in #2529
• Updated World Watch import for their new api + refactoring by @cert-orangecyberdefense in #2470
• Update README.md from Partner by @Jipegien in #2542
• [RiskIQ] Fix handling of attack-pattern tag by @debelyoo in #2545
• Update dependency PyGithub to v2.4.0 by @renovate in #2537
• [Malpedia] Better manage rate limit by @Megafredo in #2533
• [Mandiant] Send bundle for each report and its context by @helene-nguyen in #2536
• [Templates] Rework templates by @helene-nguyen in #2512
• Update dependency googleapis-common-protos to v1.65.0 by @renovate in #2538
• [Cofense] NEW Cofense connector from Cofense by @helene-nguyen in #2524
• [Cofense] Fix entrypoint by @helene-nguyen in #2553
• [greynoisefeed] Update indicators to include additional attributes and formatting from enricher by @bradchiappetta in #2555
• Update dependency boto3 to v1.35.8 by @renovate in #2552
• Update dependency cofense-intelligence to v5.2.0 by @renovate in #2551
• [Group-IB Connector] download feeds from TI convert to STIX objects a… by @uTomasAnderson in #2534
• Fixed error when tags not present, added except by @XGREENi3 in #2509

New Contributors:

• @leitosama made their first contribution in #2508
• @uTomasAnderson made their first contribution in #2534
• @XGREENi3 made their first contribution in #2509

Full Changelog: 6.2.15...6.2.16

Version 6.2.15

Enhancements:

• #2515 [Safebrowsing] Add connector to Circle CI

Bug Fixes:

• #2517 [CrowdStrike] "KeyError" when importing a report
• #2479 [Sekoia] Reports ingested with attachments without extension (pdf_report)

Pull Requests:

• [Sekoia] Fix extension and fix related_objects by @Megafredo in #2497
• Update dependency boto3 to v1.35.2 by @renovate in #2506
• Update dependency google-api-python-client to v2.142.0 by @renovate in #2510
• Update dependency nltk to v3.9 [SECURITY] by @renovate in #2511
• [Safebrowsing] Add connector to Circle CI by @Megafredo in #2516
• Update dependency nltk to v3.9.1 by @renovate in #2513
• Update dependency stix-shifter to v7.0.12 by @renovate in #2514
• [CrowdStrike] Fix KeyError for missing 'description' in report by @Megafredo in #2518

Full Changelog: 6.2.14...6.2.15

Version 6.2.14

Enhancements:

• #2481 [Sentinel] Need Update Readme
• #2460 Forcing Malpedia markings to Organisations requirements
• #1965 Create a splunk app

Bug Fixes:

• #2498 [Malpedia] default_marking recovery error
• #2492 [Mandiant] Handle multiple standard ID for a software when importing a report + fix state
• #1832 [virustotal-livehunt-notifications]

Pull Requests:

• Update requirements.txt for ransomwarelive by @sudesh0sudesh in #2483
• Update dependency boto3 to v1.34.162 by @renovate in #2480
• Update dependency google-api-python-client to v2.141.0 by @renovate in #2484
• [Sentinel] Update Documentation by @Megafredo in #2482
• [ZeroFox] Document collectors and add software observable to C2Domains collector by @DNRRomero in #2453
• Update cimg/python Docker tag to v3.12 by @renovate in #2485
• [Mandiant] Handle multiple standard ID for a software when importing a report + fix state when entity use epoch time by @helene-nguyen in #2493
• Update dependency google-api-core to v2.19.1 by @renovate in #2486
• Update dependency lxml to v5.3.0 by @renovate in #2487
• Update dependency requests to v2.32.3 by @renovate in #2489
• [virustotal] Enhance all notes by @SamuelHassine in #2496
• [REVERSINGLABS] New connector by @DinkoReversingLabs in #2478
• Update dependency google-auth to v2.34.0 by @renovate in #2501
• Update dependency boto3 to v1.35.0 by @renovate in #2500
• [Malpedia] Fix default_marking recovery error and update readme by @Megafredo in #2499
• Update dependency pycti to v6.2.13 by @renovate in #2504
• Update dependency simplejson to v3.19.3 by @renovate in #2505
• [VirusTotal Livehunt Notification] Fix issue on json dump by @helene-nguyen in #2503

Full Changelog: 6.2.13...6.2.14

Version 6.2.13

Bug Fixes:

• #2467 [Mandiant] Import a vulnerability report can create a lot of relationships between vulnerability and software
• #2449 [HarfangLab] Error : Failure observable created
• #2433 [VirusTotal] - Exception during IP address enrichment when VT does not return the expected information

Pull Requests:

• Update opencti/connector-fortinet-ti Docker tag to v6.2.12 by @renovate in #2464
• [VirusTotal] - Exception during IP address enrichment when VT does not return the expected information by @romain-filigran in #2434
• Update dependency boto3 to v1.34.158 by @renovate in #2463
• Update dependency nltk to v3.8.2 by @renovate in #2471
• [HarfangLab] Fix bug create observable by @Megafredo in #2450
• Update dependency dnstwist to v20240812 by @renovate in #2473
• [Mandiant] Create 2 new environment variables for creating CPE or not for software and limit number of relationships by @helene-nguyen in #2468

Full Changelog: 6.2.12...6.2.13

Version 6.2.12

Enhancements:

• #2429 [Fortinet TI] Creation of the Fortinet TI connector
• #2392 [Sekoia] Import "related threat" from Sekoia connector

Pull Requests:

• Update dependency boto3 to v1.34.152 by @renovate in #2441
• [Sekoia] Adding related threat by @Megafredo in #2416
• [ShadowServer] - Connector updates by @cmandich in #2446
• Fix Tagger Connector entity type comparison and safe attribute access" by @obideuce in #2445
• Update dependency boto3 to v1.34.153 by @renovate in #2447
• [Connectors] Integrate Pydantic V2 Compatibility Changes by @Megafredo in #2444
• Update dependency wheel to v0.44.0 by @renovate in #2448
• New Fortinet connector by @Lhorus6 in #2442
• Update README Fortinet by @Lhorus6 in #2455
• Update dependency boto3 to v1.34.154 by @renovate in #2452
• Update dependency pycti to v6.2.11 by @renovate in #2451
• [Comlaude] Fix Identity import by @yassine-ouaamou in #2454
• [Comlaude] Tiny fix for labels by @Lhorus6 in #2457
• Update dependency google-api-python-client to v2.140.0 by @renovate in #2458
• Update dependency crowdstrike-falconpy to v1.4.5 by @renovate in #2456
• Update dependency google-auth to v2.33.0 by @renovate in #2461
• Update dependency PyYAML to v6.0.2 by @renovate in #2462

New Contributors:

• @obideuce made their first contribution in #2445

Full Changelog: 6.2.11...6.2.12