We want to use the OSINT profile for threat intelligence, but some of the fields we need are missing from what we currently have. After a discussion with the community, we suggest extending it with the following fields:
| Field | (unlabeled) | Type | Object | (unlabeled) | Notes | Description |
|---|---|---|---|---|---|---|
| campaign.name | no | string | - | yes | should add new object (Campaign) | The name of a specific campaign associated with a cyber threat. Campaigns represent organized efforts by threat actors to achieve malicious objectives over a period, often characterized by shared tactics, techniques, and procedures (TTPs). |
| intrusion_sets | no | string array | - | yes | | A grouping of adversarial behaviors and resources believed to be associated with specific threat actors or campaigns. Intrusion sets often encompass multiple campaigns and are used to organize related activities under a common label. |
| detection_pattern_type | no | string | - | yes | | Specifies the type of detection pattern used to identify the associated threat indicator. This field identifies whether the pattern is based on behavioral analysis, static indicators, or heuristic methods. |
| threatActor.name | no | string | - | yes | should add new object (Threat Actor) | The known or attributed name of the threat actor responsible for the observed malicious activity. Threat actor names are often given by cybersecurity organizations or governments based on observed behavior. |
| threatActor.type | no | string | - | yes | should add new object (Threat Actor) | The classification of the threat actor based on their motivations, capabilities, or affiliations. Common types include nation-state actors, cybercriminal groups, hacktivists, or insider threats. |
| uploaded_time | no | Timestamp | - | yes | | The timestamp indicating when the associated indicator or intelligence was added to the system or repository. |
| severity | no | string | - | no | | Represents the severity level of the threat indicator, typically reflecting its potential impact or damage. |
| risk_score | no | int | - | no | | A numerical representation of the threat indicator's risk or confidence level. |
| creator.email_addr | no | string | user | no | | The identifier of the user, system, or organization that contributed the indicator. |
| category | no | string | - | no | | Categorizes the threat indicator based on its functional or operational role. |
| created_time | no | Timestamp | - | no | | The timestamp when the indicator was initially created or identified. |
| desc | no | string | - | no | | A detailed explanation of the indicator, including its context, purpose, and relevance. |
| externalId | no | string | - | yes | | A unique identifier assigned by an external system for cross-referencing. |
| labels | no | string array | - | no | | Tags or keywords associated with the indicator to enhance searchability. |
| malware.name | no | string | malware | no | | The name of the malware associated with the indicator. |
| modified_time | no | Timestamp | - | no | | The timestamp of the last modification or update to the indicator. |
| detection_pattern | no | string | - | no | | The specific detection pattern or signature associated with the indicator. |
| references | no | string array | - | no | | Provides a reference to an external source of information related to the CTI being represented. This may include a URL, a document, or some other type of reference that provides additional context or information about the CTI. |
| expiration_time | no | Timestamp | - | no | | The expiration date of the indicator, after which it is no longer considered reliable. |
| name | yes | string | - | no | | Specifies the field(s) in logs or datasets where this indicator is expected to match. |
| comment | yes | string | - | no | | Additional contextual information or attributes associated with the indicator. |
| attacks.tactics.name | yes | string | - | no | | The Tactic object describes the tactic ID and/or name that is associated to an attack, as defined by the ATT&CK® Matrix. |
| vendor_name | yes | string | - | no | | The origin or provider of the indicator, such as a threat feed, vendor, or organization. |
| type_id + type | yes | string | - | no | types: MD5, SHA1, SHA256, URL, IP | The type of threat indicator. |
| uid | yes | string | - | no | | A globally unique identifier assigned to the indicator. |
| value | yes | string | - | no | | The actual data or observable associated with the indicator, such as an IP address, domain name, or hash. |
We should align naming to STIX.
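To show what the proposed field set looks like when fed from STIX, here is an added example (not code from this issue or from the OCSF project): a constructed STIX 2.1 Indicator and its linked SDOs are projected onto the fields in the table, with the STIX RFC 3339 timestamps converted to epoch-millisecond values and the `type`/`value` pair derived from the STIX pattern. Assumptions: nested objects use snake_case names (`threat_actor` rather than `threatActor`) following the STIX-alignment note above, only single-comparison patterns are recognised, and no `type_id` enum value is assigned.

```python
import re
from datetime import datetime
# Single-comparison STIX 2.1 patterns -> indicator types listed in the table (compound patterns unsupported).
_PATTERN_TYPES = [
    (re.compile(r"^\[file:hashes\.MD5 = '([0-9a-fA-F]{32})'\]$"), "MD5"),
    (re.compile(r"^\[file:hashes\.'SHA-1' = '([0-9a-fA-F]{40})'\]$"), "SHA1"),
    (re.compile(r"^\[file:hashes\.'SHA-256' = '([0-9a-fA-F]{64})'\]$"), "SHA256"),
    (re.compile(r"^\[url:value = '([^']+)'\]$"), "URL"),
    (re.compile(r"^\[ipv4-addr:value = '([^']+)'\]$"), "IP"),
]

def _epoch_ms(stix_ts):  # STIX RFC 3339 UTC string -> OCSF timestamp_t (epoch milliseconds)
    return int(datetime.fromisoformat(stix_ts.replace("Z", "+00:00")).timestamp() * 1000)

def stix_indicator_to_osint(indicator, related=()):
    """Project a STIX 2.1 Indicator plus its linked SDOs onto the proposed OSINT fields.
    Names follow the table, written snake_case per the 'align to STIX' note (threat_actor).
    Returns None when the pattern is not one of the supported single-comparison forms."""
    matches = [(r.match(indicator["pattern"]), t) for r, t in _PATTERN_TYPES]
    match, ind_type = next(((m, t) for m, t in matches if m), (None, None))
    if match is None:
        return None  # unsupported pattern shape; the caller decides how to handle it
    osint = {
        "uid": indicator["id"], "name": indicator.get("name"), "desc": indicator.get("description"),
        "type": ind_type, "value": match.group(1),  # type_id (the OCSF enum value) is not assigned here
        "detection_pattern": indicator["pattern"], "detection_pattern_type": indicator.get("pattern_type", "stix"),
        "created_time": _epoch_ms(indicator["created"]), "modified_time": _epoch_ms(indicator["modified"]),
        "expiration_time": _epoch_ms(indicator["valid_until"]) if "valid_until" in indicator else None,
        "labels": list(indicator.get("labels", [])), "intrusion_sets": [],
        "references": [r["url"] for r in indicator.get("external_references", []) if "url" in r],
    }
    for sdo in related:  # campaign / intrusion-set / threat-actor / malware objects linked to the indicator
        if sdo["type"] == "intrusion-set":
            osint["intrusion_sets"].append(sdo["name"])
        else:  # campaign, threat-actor and malware become nested objects, as the table proposes
            obj = {"name": sdo["name"]}
            if sdo["type"] == "threat-actor":
                obj["type"] = (sdo.get("threat_actor_types") or [None])[0]
            osint[sdo["type"].replace("-", "_")] = obj
    return osint

# Constructed sample input (not real intelligence): one SHA-256 indicator and two linked SDOs.
SAMPLE_INDICATOR = {
    "id": "indicator--00000000-0000-4000-8000-000000000001", "created": "2024-05-01T12:00:00Z",
    "modified": "2024-05-02T08:30:00Z", "valid_until": "2024-11-01T00:00:00Z", "pattern_type": "stix",
    "name": "Example dropper hash", "pattern": "[file:hashes.'SHA-256' = '" + "ab" * 32 + "']",
    "labels": ["malicious-activity"], "external_references": [{"source_name": "example", "url": "https://example.invalid/report"}],
}
SAMPLE_RELATED = [{"type": "intrusion-set", "name": "Example Intrusion Set"},
                  {"type": "threat-actor", "name": "Example Actor", "threat_actor_types": ["crime-syndicate"]}]
```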