Version 6.5.1

Bug Fixes:

• #3394 [Connectors] Renaming safebrowsing to google-safebrowsing + correction on docker-compose.yml file
• #3351 Sentinel-Intel Connector Stopped Ingesting Data

Pull Requests:

• [Connectors] Renaming safebrowsing to google-safebrowsing + correction on some docker-compose.yml file by @helene-nguyen in #3395
• Update dependency pytz to v2025 by @renovate in #3370
• [SENTINEL-INTEL] fix: add explicit error when authentication fails by @flavienSindou in #3396

Full Changelog: 6.5.0...6.5.1

Version 6.5.0

Bug Fixes:

• #3355 [CAPE] AttributeError: type object 'Malware' has no attribute 'generate_id'

Pull Requests:

• Fix connector-cape bugs by @t-mtsmt in #3356

New Contributors:

• @t-mtsmt made their first contribution in #3356

Full Changelog: 6.4.11...6.5.0

Version 6.4.11

No changelog for this release.

Pull Requests:

• Update dependency google-auth to v2.38.0 by @renovate in #3335
• [CIRCLECI] Dynamic-CI 💡 by @Renizmy in #3328
• Update dependency google-api-python-client to v2.160.0 by @renovate in #3357
• Update opencti/connector-ibm-xti Docker tag to v6.4.10 by @renovate in #3360
• Update opencti/connector-rst-ioc-lookup Docker tag to v6.4.10 by @renovate in #3361
• Update dependency Titan-Client to v1.20.0.8 by @renovate in #3362
• Update dependency boto3 to v1.36.10 by @renovate in #3363
• Update dependency certifi to v2025 by @renovate in #3367
• Update dependency dnstwist to v20250130 by @renovate in #3368
• [Intel471] Downgrade Titan-Client lib version to 1.20.0.4 by @helene-nguyen in #3377
• [Proofpoint ET Rep List] Create the connector by @helene-nguyen in #3378
• [socradar] Add SOCRadar external import connector by @Radargoger in #3072
• [Sentinel Incidents] 401 Unauthorized error + missing Directory's path by @Powlinett in #3353
• [Group-IB] Update Group-IB connector by @Kchekh in #3204
• [Spycloud] Create external import connector by @Powlinett in #3347
• [GroupIB] Remove copy .env in Dockerfile by @helene-nguyen in #3381
• [Hatching Triage Sandbox] URL analysis support + Playbook compatibility by @helene-nguyen in #3324
• [ImportFileYARA]: Create an import file connector dedicated to import YARA files/rules by @romain-filigran in #3259
• Update dependency Jinja2 to v3.1.5 [SECURITY] by @renovate in #3373
• Update sentinel-incidents docker-compose.yml by @romain-filigran in #3384

New Contributors:

• @Radargoger made their first contribution in #3072
• @Kchekh made their first contribution in #3204

Full Changelog: 6.4.10...6.4.11

Version 6.4.10

Bug Fixes:

• #3345 [All Connectors] Update format following Black dependency upgrade
• #3338 [Crowdstrike] Imports are incorrectly sorted and/or formatted.

Pull Requests:

• [All connectors] Fix Update format following Black dependency upgrade by @helene-nguyen in #3346

Full Changelog: 6.4.9...6.4.10

Version 6.4.9

Enhancements:

• #3309 [IBM X-Force] Add IBM X-Force in CI
• #3308 [IBM XTI] Create IBM XTI OpenCTI connector
• #3306 [RST IOC LookUp] Add RST IOC Look up connector in CI/CD

Bug Fixes:

• #3326 [AbuseIPDB] The connector completed with a "Terminated" status due to an issue occurring outside the main process
• #3320 [RST IOC Lookup] Issue on dependency version for requests
• #3304 [IPSUM] No image build in CI/CD
• #3282 [Zvelo]: Authentication token expiration not correctly managed
• #3275 [CrowdStrike] 'NoneType' object cannot be interpreted as an integer

Pull Requests:

• Create IBM X-Force Premier Threat Intelligence Services connector for OpenCTI platform by @awarrier99 in #3111
• [Zvelo]: Authentication token expiration not correctly managed by @romain-filigran in #3296
• Update dependency PyYAML to v6.0.2 by @renovate in #3301
• [CircleCI] Add RST IOC LookUp connector in CI by @helene-nguyen in #3307
• [CircleCI] Add IBM X-Force in CI by @helene-nguyen in #3310
• [RST IOC Lookup] Change dependency range for RST IOC Lookup requirements by @helene-nguyen in #3321
• Update opencti/connector-ipsum Docker tag to v6.4.8 by @renovate in #3323
• Update dependency pycti to v6.4.8 by @renovate in #3322
• [AbuseIPDB] Add more accurate logs when issue occurring outside the main process by @helene-nguyen in #3327
• Update dependency boto3 to v1.36.5 by @renovate in #3329
• Update dependency minio to v7.2.15 by @renovate in #3330
• [Crowdstrike] Correct imports are incorrectly sorted and/or formatted by @helene-nguyen in #3339

New Contributors:

• @awarrier99 made their first contribution in #3111

Full Changelog: 6.4.8...6.4.9

Version 6.4.8

Enhancements:

• #3287 [RST IoC Lookup] Create the connector
• #3286 [HuntIO] Create the connector
• #3284 [HuntIO] Add HuntIO in CI/CD
• #3279 [Flashpoint]: Enhance Flashpoint connector
• #2263 [Hygiene] Support CIDR and Partial Domains

Bug Fixes:

• #3290 [RST Report Hub] Missing generate id
• #3273 [Templates] Fix syntax error on entity_in_scope in template
• #3271 [All Connectors] Update CI and remove Ipsum connector from build 1
• #3260 [WIZ] - Connector code breaks the CI/CD because it uses test_requirements but has no tests
• #3096 [Flashpoint] interval not taken into account
• #2817 [RST Cloud - Threat Feed] The connector seems active, raises no errors, but nothing is imported
• #2767 [RST Cloud - Report Hub] Several issues

Pull Requests:

• [All Connectors] Update CircleCI by @helene-nguyen in #3272
• Update opencti/connector-wiz Docker tag to v6.4.7 by @renovate in #3264
• Update dependency boto3 to v1.35.98 by @renovate in #3265
• [Templates] Fix syntax error on entity_in_scope in template by @DucNg in #3249
• Update dependency google-api-python-client to v2.159.0 by @renovate in #3277
• Update dependency boto3 to v1.35.99 by @renovate in #3278
• [Hunt IO] Connector for importing C2 feed into OpenCTI by @m4r35 in #3033
• [RST IoC Lookup] Add RST IoC Lookup connector. + Fixes for Report Hub and Threat Feed by @k1r10n in #2864
• [RST Report Hub] Add missing generate id by @helene-nguyen in #3291
• [HuntIO] Add HuntIO in CI/CD by @helene-nguyen in #3285
• [Flashpoint]: Enhance Flashpoint connector by @romain-filigran in #3293
• Update dependency pytz to v2024.2 by @renovate in #3298
• Update dependency boto3 to v1.36.1 - autoclosed by @renovate in #3297
• Update dependency pycti to v6.4.7 by @renovate in #3302
• [CircleCI] Add Ipsum in CI for build_1 by @helene-nguyen in #3305

New Contributors:

• @m4r35 made their first contribution in #3033

Full Changelog: 6.4.7...6.4.8

Version 6.4.7

Enhancements:

• #3248 [flashpoint] Enhance default behaviour when importing communities
• #3243 [Orange CyberDefense] Improve OCD Connector
• #3226 [Zscaler] Stream Connector Circleci
• #2665 [ransomware.live] improvements
• #1419 [Zscaler] Create the connector for ZIA

Bug Fixes:

• #3238 [taxii2] Bug fixes + Change Report Status
• #3237 [eset] Add x_opencti_main_observable_type when missing from atomic indicators
• #3225 [RST Noise Control] unsupported operand type(s) for +: 'NoneType' and 'str'

Pull Requests:

• Update opencti/connector-google-secops-siem Docker tag to v6.4.6 by @renovate in #3233
• Update opencti/connector-stream-exporter Docker tag to v6.4.6 by @renovate in #3234
• [eset] FIX: Add x_opencti_main_observable_type when missing from atomic indicators by @ckane in #3013
• [taxii2] Bug fixes + Change Report Status by @annoyingapt in #3036
• Update opencti/connector-stream-importer Docker tag to v6.4.6 by @renovate in #3239
• Update dependency boto3 to v1.35.95 by @renovate in #3240
• Update dependency minio to v7.2.14 by @renovate in #3241
• Update opencti/connector-recorded-future Docker tag to v6.4.6 by @renovate in #3242
• [Orange CyberDefense] MRTI-6741 - OCD Connector by @ClaireOrange in #3236
• [Zscaler] Stream Connector by @MohamedMerimi in #3007
• [Zscaler] Stream Connector add Circleci by @Megafredo in #3227
• Improve ransomware.live connector by @seanthegeek in #2746

New Contributors:

• @ClaireOrange made their first contribution in #3236
• @MohamedMerimi made their first contribution in #3007
• @seanthegeek made their first contribution in #2746

Full Changelog: 6.4.6...6.4.7

Version 6.4.6

Enhancements:

• #3228 [stream replication] first version of connectors
• #3215 [greynoisefeed] remove dedup function, add batching for bundle create and submit
• #2965 [Google SecOps SIEM]: Develop an integration
• #2841 [Ransomwarelive] ingests victims with asterisks in the title

Bug Fixes:

• #3206 [Intel471 V1] Issue when upgrading Titan library
• #3195 [RecordedFuture] The connector stops ingesting data if an error (401, 403, ...) occurs while ingesting RF Alerts playbooks
• #3189 [ALL] Renovate Pydantic version to >=2.8.2
• #3184 Connector "Common Vulnerabilities and Exposures" stucked
• #3174 [VirusTotal] invalid literal for int() with base 10: '10 creation'
• #3172 VirusTotal Livehunt Notifications plyara - no attribute logger
• #3169 [Recorded Future] Incident not created on first launch, but created on second launch
• #3168 [Recorded Future] Formatting error prevents incident creation
• #3165 [Sentinel-Incidents]: Documentation screenshots not available
• #3164 [Google-secops-siem] Error path in CircleCI the working directory
• #3153 [HARFANGLAB-INCIDENTS] AttributeError: 'NoneType' object has no attribute 'name'
• #3151 [Flashpoint] Non-predictive STIX ID for Channels
• #3129 [Mandiant]: CTI data quality impacted by Mandiant connector
• #3104 [Shadowserver] ERROR type object 'Vulnerability' has no attribute 'generate_id'

Pull Requests:

• [Google SecOps SIEM] Create Google SecOps SIEM connector by @helene-nguyen in #3100
• [Google-secops-siem] Fix path in CircleCI the working directory by @Megafredo in #3166
• Update dependency domaintools-api to v2.2.0 by @renovate in #3157
• Update dependency google-api-python-client to v2.156.0 by @renovate in #3158
• Update dependency boto3 to v1.35.84 by @renovate in #3161
• Update dependency pycti to v6.4.5 by @renovate in #3162
• Update opencti/connector-harfanglab-intel Docker tag to v6.4.5 by @renovate in #3160
• Update opencti/connector-intel471_v2 Docker tag to v6.4.5 by @renovate in #3163
• Update dependency certifi to v2024.12.14 by @renovate in #3144
• Update dependency pycti to v6.4.5 by @renovate in #3171
• Update dependency boto3 to v1.35.85 by @renovate in #3170
• Migrate renovate config by @renovate in #3173
• Update dependency boto3 to v1.35.86 by @renovate in #3178
• Update dependency Jinja2 to v3.1.5 by @renovate in #3179
• [Mandiant]: Invalid "originates-from" relationships by @romain-filigran in #3182
• [Sentinel Incidents] Fix documentation images by @Powlinett in #3181
• Update dependency boto3 to v1.35.87 by @renovate in #3185
• [Recorded Future] Handle properly incident ID generation and created and updated dates + correct markdown format by @helene-nguyen in #3186
• VirusTotal Livehunt Notifications plyara - no attribute logger by @romain-filigran in #3183
• [HarfangLab Intel] Update HarfangLab config.yml.sample by @romain-filigran in #3024
• [HARFANGLAB INCIDENTS] - Unsafe Alert Process attributes access when creating File by @flavienSindou in #3187
• [ALL] - Renovate pydantic version >= 2.8.2 by @flavienSindou in #3190
• Update dependency prometheus-client to ~=0.21.1 by @renovate in #3193
• Update dependency pydantic to < 3.0.0 by @renovate in #3191
• Update dependency weasyprint to v63 by @renovate in #3199
• Update dependency google-auth to v2.37.0 by @renovate in #3196
• Update dependency reversinglabs-sdk-py3 to v2.8.0 by @renovate in #3192
• Update dependency boto3 to v1.35.90 by @renovate in #3202
• [Intel471] Downgrade Titan-Client lib version to 1.20.0.4 by @helene-nguyen in #3207
• Update dependency google-api-python-client to v2.157.0 by @renovate in #3208
• Update dependency boto3 to v1.35.92 by @renovate in #3214
• [greynoisefeed] remove dedup function, add batching for bundle create and submit by @bradchiappetta in #2812
• Update dependency boto3 to v1.35.93 by @renovate in #3217
• [Recorded Future] Handle properly playbook alerts errors to not block the connector by @helene-nguyen in #3213
• [stream replication] first version of connectors by @axelfahy in #2730
• [Shadowserver] Fix shadowserver and add additional pytests #3104 by @cmandich in #3141
• Implementation of the TLP:AMBER+STRICT marking on multiple connectors: by @Lhorus6 in #3143

Full Changelog: 6.4.5...6.4.6

Version 6.4.5

Enhancements:

• #3137 [Intel471_v2] Creating the intel471_v2 connector
• #2847 [Tenable Security Center] Create the connector
• #2591 [Zvelo] Create a connector to download Zvelo intel

Bug Fixes:

• #3145 [MISP] Timestamp issue
• #3135 [Harfanglab-incident] TypeError
• #3127 [CircleCI] Add a build_4
• #3123 [Harfang lab incidents]: Add connector image to docker hub
• #3122 [Harfang Lab intel]: Add connector image to docker hub
• #3061 [crowstrike] Cannot process the message
• #2997 [Tenable] Error while importing data
• #2828 [Zerofox] Title indicator and country structure to be corrected
• #2825 The Hive importing wrong data

Pull Requests:

• Limit renovate PRs to nights and weekend by @aHenryJard in #3120
• [Tenable Vuln Management] - Integrate source api changes by @flavienSindou in #3081
• [Harfanglab-Intel] Add publish docker image by @Megafredo in #3124
• [The Hive] - Change confusing logger level by @flavienSindou in #3069
• [Harfanglab-Incidents] Add publish docker image by @Megafredo in #3126
• [CircleCI] Add a build_4 and build_rolling_4 (Bug #3127) by @Megafredo in #3128
• [Zerofox] Add format changes to malware endpoint and country entities by @DNRRomero in #2988
• Update dependency boto3 to v1.35.80 by @renovate in #3133
• Update dependency google-api-python-client to v2.155.0 by @renovate in #3113
• Update dependency boto3 to v1.35.81 by @renovate in #3142
• Update dependency boto3 to v1.35.82 by @renovate in #3148
• Adding Intel 471 Connector v2 by @mmolenda in #3146
• [Intel471_v2] Adding intel471v_v2 in CircleCI by @Megafredo in #3138
• [Tenable Security Center]: Connector Initial Creation by @flavienSindou in #3044
• [Zvelo] Create a connector to download Zvelo intel by @romain-filigran in #3121
• [Harfanglab incidents] feat: configuration loader raises explicit error if missing required variables by @flavienSindou in #3149

Full Changelog: 6.4.4...6.4.5

Version 6.4.4

Bug Fixes:

• #3103 [Orange Cyber Defense] Fix bug in WorldWatch report entities crawling
• #3090 [MISP] Update default MISP docker-compose.yml to avoid confusion
• #3087 [Import Document] Update importDocument docker-compose.yml
• #2938 [RecordedFuture]: Exceptions observed during import of Analyst Notes

Pull Requests:

• Update importDocument docker-compose.yml by @romain-filigran in #3016
• Update default MISP docker-compose.yml to avoid confusion by @romain-filigran in #3063
• Update dependency reversinglabs-sdk-py3 to v2.7.2 by @renovate in #3088
• Update dependency wheel to v0.45.1 by @renovate in #3089
• [Recorded Future] handle exception raised when no attachment and no object_refs to report by @helene-nguyen in #3079
• [TEMPLATE] create init script by @Renizmy in #3030
• [CrowdStrike-Endpoint-Security] Fixing severity map bug by @al0rd25l in #3093
• Update dependency plyara to ~=2.2.1 by @renovate in #3094
• Update dependency google-api-core to v2.24.0 by @renovate in #3097
• Update dependency playwright to v1.49.1 by @renovate in #3102
• Update dependency boto3 to v1.35.78 by @renovate in #3101
• [Connector] Fix bug in WorldWatch report entities crawling by @cert-orangecyberdefense in #3051

New Contributors:

• @al0rd25l made their first contribution in #3093

Full Changelog: 6.4.3...6.4.4