Version 6.2.7

Bug Fixes:

• #2383 [Ironnet] Fix import
• #2378 [urlscan-enrichment] API key error lead to cryptic error messages
• #2374 [splunk] Connection errors are not logged
• #2372 [Mandiant] Connectors exceptions are not logged (only "Terminated")
• #2357 [Cape sandbox] Analysis failing due to incompatable attributes
• #2320 [Sentinel] - Indicator updates are not propagated in Azure Sentinel

Pull Requests:

• [Mandiant] Add log when exception is caught outside of running connector process by @helene-nguyen in #2371
• [import-document] added new exact_match_fields in configuration by @JeremyCloarec in #2335
• [connector] Urlscan, fix Api key error message by @Megafredo in #2382
• [Webhook] Init connector by @Renizmy in #2193
• [Splunk] Add traceback to have more accurate logs by @helene-nguyen in #2381
• [Ironnet] Fix error on running connector by @helene-nguyen in #2384
• [opencti] Fix interval bug by @daemitus in #2353
• Fix for mistake in indent. by @piolug93 in #2377
• [Webhook] Fix circle ci configuration file for more consistency by @helene-nguyen in #2385
• [Webhook] Update version to fix CI build by @helene-nguyen in #2386
• [external-import] ESET connectors TAXII2 and MISP by @polakovicp in #2343
• [Sentinel] - Indicator updates are not propagated in Azure Sentinel by @romain-filigran in #2347
• [cape-sandbox]: Fix, error updating some "File" observable properties by @romain-filigran in #2361

New Contributors:

• @piolug93 made their first contribution in #2377
• @polakovicp made their first contribution in #2343

Full Changelog: 6.2.6...6.2.7

Version 6.2.6

Bug Fixes:

• #2360 [Flashpoint] Alerts on communities are not ingested properly
• #2355 [Cape Sandbox] Cape URL variable not being utilised
• #2349 [Recorded Future Enrichment] Add score on Indicator

Pull Requests:

• [Recorded Future Enrichment] Add score in the correct field by @helene-nguyen in #2350
• Update dependency validators to v0.33.0 by @renovate in #2348
• Update opencti/connector-infoblox Docker tag to v6.2.5 by @renovate in #2352
• [cape-sandbox] - fix docker-compose.yml template by @romain-filigran in #2356
• Update dependency reversinglabs-sdk-py3 to v2.6.3 by @renovate in #2363

New Contributors:

• @romain-filigran made their first contribution in #2356

Full Changelog: 6.2.5...6.2.6

Version 6.2.5

Enhancements:

• #2307 [CrowdStrike] Be able to exclude IOCs during import based on labels applied to them

Bug fixes:

• #2333 [infoblox] Connector fails to start with 'datetime.datetime' has no attribute 'datetime'
• #2334 [mandiant] In some cases, relationships are not created in reports

Pull Requests:

• Update dependency validators to v0.32.0 by @renovate in #2324
• Update dependency boto3 to v1.34.143 by @renovate in #2329
• [infoblox] Add to CI/CD by @SamuelHassine in #2331
• [connector] Fix mandiant relationships by @helene-nguyen in #2332
• Add possibility to exclude IOCs import based on labels by @Lhorus6 in #2308
• Fix the import of library by @Lhorus6 in #2336
• Fix KeyError on dict by @Lhorus6 in #2340
• [flashpoint] Create groupings instead of reports by default by @SamuelHassine in #2342
• [Flashpoint] Fix lint Flashpoint by @helene-nguyen in #2344
• Update dependency stix-shifter to v7.0.11 by @renovate in #2338
• Update dependency stix-shifter-modules-splunk to v7.0.11 by @renovate in #2339
• Update dependency boto3 to v1.34.144 by @renovate in #2346
• Update dependency stix-shifter-utils to v7.0.11 by @renovate in #2345

Full Changelog: 6.2.4...6.2.5

Version 6.2.4

Enhancements:

• #2328 [mandiant] Introduce an option to import aliases of malwares (given overlaps in Advantage platform)
• #2321 [misp/misp-feed] Add more magic in the syntax of labels resolution for STIX objects

Bug Fixes:

• #2323 MISP is not importing when the filter date field is default "date_from"
• #2319 [External-import][Crowdstrike] Infinit loop lock to identical works
• #2078 MISP error handling causes malformed state

Pull Requests:

• Update dependency pycti to v5.12.33 by @renovate in #2313
• Update dependency pycti to v6 by @renovate in #2314
• Update dependency google-api-python-client to v2.137.0 by @renovate in #2316
• Update dependency boto3 to v1.34.142 by @renovate in #2317
• Update dependency reversinglabs-sdk-py3 to v2.6.2 by @renovate in #2325
• [Crowdstrike] Fix Infinit loop by @Megafredo in #2322

Full Changelog: 6.2.3...6.2.4

Version 6.2.3

Enhancements:

• #2309 [Infoblox] Creation of the Infoblox connector

Bug Fixes:

• #2303 [mandiant] Correctly import Mandiant report news analysis

Pull Requests:

• [Mandiant] Correctly import Mandiant report news analysis by @helene-nguyen in #2305
• Adding the Infoblox connector by @Lhorus6 in #2310
• Update dependency validators to v0.31.0 by @renovate in #2304
• Update dependency boto3 to v1.34.141 by @renovate in #2306
• Update dependency requests to v2.32.2 [SECURITY] by @renovate in #2311
• Update dependency google-auth to v2.32.0 by @renovate in #2312

Full Changelog: 6.2.2...6.2.3

Version 6.2.2

Enhancements:

• #1988 [Flashpoint] Improve and refactor connector to use new Ignite API
• #1555 [mwdb] OpenCTI connector flooding MWDB API with requests when /api/file retuns different HTTP response code than 200
• #446 [Jira] Create the connector

Bug Fixes:

• #2299 [mandiant] Campaign first_seen date is not imported
• #2294 [recorded-future] Threat Actor (person) are imported as threat actor groups (should be individual)

Pull Requests:

• Update dependency boto3 to v1.34.139 by @renovate in #2280
• [CHRONICLE] Fix + doc by @Renizmy in #2239
• Update dependency certifi to v2024.7.4 by @renovate in #2282
• [Chronicle] Fix lint chronicle connector by @helene-nguyen in #2286
• Update dependency google-auth to v2.31.0 by @renovate in #2289
• Update dependency reversinglabs-sdk-py3 to v2.6.1 by @renovate in #2291
• [Recorded Future] Fix import TA as individual when type of Person from RF by @helene-nguyen in #2292
• Update dependency stix-shifter to v7.0.10 by @renovate in #2293
• Update dependency googleapis-common-protos to v1.63.2 by @renovate in #2290
• [MWDB] API connection based on mwdblib, fix issues by @psrok1 in #2285
• [Mandiant] Add campaign first_seen date by @helene-nguyen in #2297
• Update dependency boto3 to v1.34.140 by @renovate in #2295
• Update dependency stix-shifter-modules-splunk to v7.0.10 by @renovate in #2296
• Update dependency pdfminer.six to v20240706 by @renovate in #2301
• Update dependency stix-shifter-utils to v7.0.10 by @renovate in #2300

New Contributors:

• @psrok1 made their first contribution in #2285

Full Changelog: 6.2.1...6.2.2

Version 6.2.1

Bug Fixes:

• #2249 Import document connector is stopping / blocking if trying to process unsupported mime type

Pull Requests:

• [crowdsec] Update internal enrichment connector by @julienloizelet in #2252
• Update dependency boto3 to v1.34.136 by @renovate in #2268
• Update dependency reversinglabs-sdk-py3 to v2.6.0 by @renovate in #2270
• [HarfangLab] Improvement logger and readme by @Megafredo in #2211
• Update dependency validators to v0.29.0 by @renovate in #2271
• [RedFlag] Add type of connector in config sample file by @helene-nguyen in #2273
• Update dependency google-auth to v2.31.0 by @renovate in #2274
• Update dependency boto3 to v1.34.137 by @renovate in #2275
• Update dependency boto3 to v1.34.138 by @renovate in #2278
• Update dependency google-api-python-client to v2.136.0 by @renovate in #2277

New Contributors:

• @julienloizelet made their first contribution in #2252

Full Changelog: 6.2.0...6.2.1

Version 6.2.0

Enhancements:

• #2241 ReversingLabs enrichment connector
• #1910 Rework the crowdstrike FEED connector to use the FalconPY lib
• #1272 [RedFlagDomain] Create connector
• #777 [Shadow Server] Create the connector

Pull Requests:

• [Crowdstrike Endpoint Security] Fix Crowdstrike documentation by @helene-nguyen in #2250
• [Crowdstrike Feed] Rework the Crowdstrike feed connector to use FalconPy library by @helene-nguyen in #2154
• [NEW] Add 'red flag domains' connector by @AZOGg01 in #2196
• [Shadowserver] Import Shadowserver Connector by @cmandich in #2224
• Update dependency google-auth to v2.30.0 by @renovate in #2227
• [REVERSINGLABS] New connector by @DinkoReversingLabs in #2240

Full Changelog: 6.1.13...6.2.0

Version 6.1.13

Bug Fixes:

• #2221 [ZeroFox] Connector doesn't start
• #2156 [Intel471] List of bug and improvement
• #1048 [CrowdStrike] Sometimes, PDF is not attached to the report

Pull Requests:

• [import-document] added push_analysis in analysis request handling (opencti/6803) by @JeremyCloarec in #2217
• [zerofox] Simplify connector start logic by @Mawdac in #2223
• [Intel 471] Bug fixes and improvements by @mmolenda in #2213
• Update Virustotal builder by @demonoidvk in #2209
• Update dependency boto3 to v1.34.131 by @renovate in #2231
• Update dependency pytest to v8.2.2 by @renovate in #2234
• Update dependency pycountry to v24 by @renovate in #2238
• Update dependency crowdstrike-falconpy to v1.4.4 by @renovate in #2232
• Update dependency google-api-python-client to v2.134.0 by @renovate in #2226
• Update dependency validators to v0.28.3 by @renovate in #2235
• Update dependency weasyprint to v62.3 by @renovate in #2230
• Update dependency certifi to v2024.6.2 by @renovate in #2225
• Update dependency packaging to v24.1 by @renovate in #2229
• Update dependency greynoise to v2.2.0 by @renovate in #2228
• Update dependency pydantic to v1.10.17 by @renovate in #2233
• Build rolling connector images with pycti@master by @sbocahu in #2220
• Update dependency typing-extensions to v4.12.2 by @renovate in #2174
• Update dependency pycti to v6.1.12 by @renovate in #2242
• Update dependency boto3 to v1.34.132 by @renovate in #2244
• Update dependency urllib3 to v2.2.2 [SECURITY] by @renovate in #2218
• Update dependency pydantic to v2.7.4 by @renovate in #2187
• Update dependency domaintools-api to v2 by @renovate in #2236
• Update dependency python-dateutil to v2.9.0.post0 by @renovate in #2243
• add new env MISP_DATE_FILTER_FIELD by @khalidelborai in #2246
• Update dependency boto3 to v1.34.134 by @renovate in #2253
• Update dependency crowdstrike-falconpy to v1.4.4 by @renovate in #2254
• Revert update to pydantic 2.x by @labo-flg in #2256
• Update dependency boto3 to v1.34.135 by @renovate in #2261
• [Taxii2] Option to pull data from custom property and put in a label by @annoyingapt in #2149
• Update dependency google-api-python-client to v2.135.0 by @renovate in #2262

New Contributors:

• @AZOGg01 made their first contribution in #2196
• @DinkoReversingLabs made their first contribution in #2240
• @khalidelborai made their first contribution in #2246
• @labo-flg made their first contribution in #2256

Full Changelog: 6.1.12...6.1.13

Version 6.1.12

Enhancements:

• #1263 Flashpoint Connector Does Not Implement Import_Indicators

Bug Fixes:

• #2215 [tria.ge] certificate verify failed: self-signed certificate

Pull Requests:

• [import-document] make import-document compatible with Analysis connector type by @JeremyCloarec in #2190

Full Changelog: 6.1.11...6.1.12