Enhancements:
- #3523 [stream-importer] refine metrics
- #3513 [Ransomware.live] Update to use API v2
- #3476 [attribution-tools] Install gfortran, openblas, xsimd
- #3465 [ThreatMatch] refacto: code improvements
- #3352 [MISP] Support PAP markings, use TLP:CLEAR
- #3205 Graphical items are missing in Malware Bazaar connector
- #3092 [Bambenek]: Create a connector for "Bambenek Consulting Feed"
- #3054 [Comlaude] improvements
Bug Fixes:
- #3556 [microsoft-defender-incidents]: Errors when converting “IPEvidence” containing IPv6 addresses
- #3544 [Tenable Vuln Management] : Inconsistent "pagination" presence in API response should be handled gracefully
- #3543 [Tenable Vuln Management] p-cpe URI format not handled (only cpe one)
- #3542 [Tenable Vuln Management] : last_scan_target attribute inconsistent presence in API response should be handled gracefully
- #3539 [microsoft-sentinel-incidents]: "NoneType" exception when converting HostEntity
- #3525 [Taxii2] Handling Int in Config
- #3524 [vulncheck ] Use append for SCOPE_SOFTWARE in vulncheck (nistnvd2 source)
- #3518 [tenable-vuln-management] Fails to start with KeyError: 'connector'
- #3516 [microsoft-sentinel-incidents] Error during imports related to the datetime format on the created field.
- #3511 [Bambenek] Fix Dockerfile for CI
- #3473 [tenable-vuln-management] Tenable API changes
- #3315 CISA KEV connector doesn't update objects
Pull Requests:
- [attribution-tools] Install gfortran, openblas, xsimd by @ckane in #3115
- Update dependency PyGithub to v2.6.1 by @renovate in #3471
- [Comlaude] connector improvements by @MohamedMerimi in #3459
- [urlscan-enrichment] Make indicator creation optional by @DucNg in #3139
- Update dependency boto3 to v1.37.0 by @renovate in #3479
- Update dependency crowdstrike-falconpy to v1.4.7 by @renovate in #3482
- Update dependency dateparser to v1.2.1 by @renovate in #3483
- Update dependency plyara to v2.2.8 by @renovate in #3485
- Update dependency pycti to v6.5.3 by @renovate in #3486
- Update dependency pydantic to v2.10.6 by @renovate in #3487
- Update dependency reversinglabs-sdk-py3 to v2.8.3 by @renovate in #3488
- Update dependency ruff to v0.9.7 by @renovate in #3489
- Update dependency vulncheck-sdk to v0.0.8 by @renovate in #3490
- Update opencti/connector-microsoft-defender-incidents Docker tag to v6.5.3 by @renovate in #3491
- [Bambenek] create bambenek connector by @larryfinch in #3280
- Update dependency google-api-python-client to v2.162.0 by @renovate in #3507
- [ThreatMatch] Added Beautifulsoup parsing and cleaned up code by @pietrocapece in #3047
- [Ransomware.live] Update to use API v2 by @JMousqueton in #3258
- [Bambenek] Fix Dockerfile for CI by @helene-nguyen in #3512
- Update dependency pycti to v6.5.3 by @renovate in #3508
- Improvement - Ipsum by @baptiste-fourmont in #3456
- [MISP] handle PAP markings, use TLP:CLEAR instead of TLP:WHITE by @debelyoo in #3354
- Update dependency beautifulsoup4 to v4.13.3 by @renovate in #3520
- Update dependency domaintools-api to v2.3.0 by @renovate in #3521
- [stream-importer] refine metrics by @axelfahy in #3342
- [vulncheck ] Use append for SCOPE_SOFTWARE in vulncheck (nistnvd2 source) by @giacomovitangeli in #3492
- [MalwareBazaar] Add SHA256 Indicators and visual change by @Noxurge in #3311
- [Taxii2] Handling Int in Config by @annoyingapt in #3448
- [All connectors] Remove remaining confidence_level in many connectors by @Powlinett in #3526
- Update dependency boto3 to v1.37.4 by @renovate in #3530
- [microsoft-sentinel-incidents] Error during imports related to the datetime format on the created field. by @romain-filigran in #3527
- [microsoft-sentinel-incidents]: "NoneType" exception when converting HostEntity by @romain-filigran in #3540
- [Tenable Vuln Management] fix: Connector config loader only works with config.yaml by @flavienSindou in #3541
- [Tenable Vuln Management] fix: Unhandled CPE URI formats should be skipped by @flavienSindou in #3545
- [Tenable Vuln Management] fix: inconsistent pagination section presence in response api should be handled gracefully by @flavienSindou in #3546
- [Tenable Vuln Management] fix: last_scan_target attribute inconsistent presence in API response should be handled gracefully by @flavienSindou in #3547
- Update dependency isort to v6.0.1 by @renovate in #3534
- Update dependency googleapis-common-protos to v1.69.0 by @renovate in #3550
- Update dependency boto3 to v1.37.5 by @renovate in #3551
- Update dependency pytest to v8.3.5 by @renovate in #3552
- Update dependency ruff to v0.9.9 by @renovate in #3553
- Update opencti/connector-microsoft-sentinel-incidents Docker tag to v6.5.3 by @renovate in #3554
- Update dependency psutil to v7 by @renovate in #3555
- [microsoft-defender-incidents]: Errors when converting “IPEvidence” containing IPv6 addresses by @romain-filigran in #3557
New Contributors:
- @larryfinch made their first contribution in #3280
- @giacomovitangeli made their first contribution in #3492
- @Noxurge made their first contribution in #3311
Full Changelog: 6.5.3...6.5.4