Enhancements:
- #4849 [Crowdstrike] Missing default indicator exclude types
- #4847 [crowdstrike] set the default to ignore password and username types
- #4838 [MISP Feed] replace urllib with requests library
- #4834 [Feedly] Migrate connector to be connector manager supported
- #4833 [Google Threat Intelligence] Migrate connector to be connector manager supported
- #4830 [CVE] Change API key header to follow NIST documentation
- #4823 [PGL-YoYo] Create connector
- #4742 [ransomware.live] Remove WHOIS and DNS enrichment from connector
- #4731 [RecordedFuture] Migrate connector to be connector manager supported
- #4599 [CrowdStrike] Migrate connector to be connector manager supported
- #4343 [DShield Blocking List] connector
- #4307 Add criminalip C2-Daily-Feed connector
- #4283 [microsoft-graph-security-intel]: Use the specified expirationDateTime property
- #3889 [Ransomware Live] Remove need for external API for whois lookups
- #3098 [MISP connector] add bidirectional communication with OpenCTI
- #2066 [Hygiene] Implement multi-threading / parallelism capabilities
Bug Fixes:
- #4859 [MispIntel] Fix configuration defaults to be set when ENV variables are empty
- #4848 [orange-cyberdefense] fix Worldwatch reports error when Datalake disabled
- #4840 [MicrosoftSentinelIntel] Remove mistaken set_state
- #4837 [ZSCALER] Token Authenticate broken after API changes
- #4828 [Zscaler] environment key missing in docker compose file
- #4827 [hub/composer] missing manifest for shodan
- #4808 [ConnectorSDK] Conflict in pycti version when used from master branch
- #4801 [Google TI]: Global issue to fix some misbehaviors in the modelisation.
- #4555 ImportDocument connector cannot access files in restricted containers
- #4416 [dogesec - obstracts] use show_only_my_feeds to limit results
- #4415 [dogesec - ctibutler] new API structure for knowledgebases
- #4355 [HybridAnalysisSandbox] Connector does not read indicators / observables and returns field is empty error
- #4321 [LIA File Feed]: Connector Fails on any null source_url and uses incorrect observable type for URL that has IP mapped to URL path.
- #4284 [Cofense-ThreatHQ]: Connector does not create indicators
Pull Requests:
- [CriminalIP C2-Daily-Feed] Add criminalip C2-Daily-Feed connector by @saravanan30erd in #4308
- DShield by @yassine-ouaamou in #4341
- Implement PGL Yoyo Connector by @blauwers in #4789
- [ConnectorSDK] Fix conflict in pycti version when used from another version or master branch by @pdamoune in #4809
- [Cofense-ThreatHQ] implement promotion of observables to indicators by @mariot in #4797
- [PGL-YoYo] Fix Dockerfile by @Powlinett in #4825
- Correct URL for JOe by @damians-filigran in #4602
- [ransomware live] Remove whois and google dns calls by @Ninoxe in #4725
- Update dependency boto3 to v1.40.39 by @renovate[bot] in #4751
- Update dependency mypy to v1.18.2 by @renovate[bot] in #4748
- Update dependency azure-identity to v1.25.0 by @renovate[bot] in #4746
- Update dependency weasyprint to v66 by @renovate[bot] in #4686
- Update dependency pytest-cov to v7 by @renovate[bot] in #4684
- Update dependency vulncheck-sdk to v0.0.23 by @renovate[bot] in #4677
- [hub/composer] add manifest for shodan by @romain-filigran in #4727
- Update dependency stix-shifter to v7.1.6 by @renovate[bot] in #4673
- [obstracts] use show_only_my_feeds to limit results muchdogesec/obs… by @fqrious in #4425
- Update dependency stix-shifter-modules-splunk to v7.1.6 by @renovate[bot] in #4674
- Update actions/checkout action to v5 by @renovate[bot] in #4681
- Update dependency stix-shifter-utils to v7.1.6 by @renovate[bot] in #4675
- [microsoft-graph-security-intel]: Add valid_until logic to expiration time, resolving issue #4283 by @shouttrickword in #4414
- [LIA File Feed] Correcting type for parameter x_opencti_main_observable_type by @LIA-Intel in #4487
- [ctibutler] fix renamed paths, add new knowledgebase by @fqrious in #4424
- [GithubAction] Auto assign PR on creation by @pdamoune in #4785
- [CVE] Fixing API key header to follow NIST documentation by @JanoutV in #4829
- [recorded-future] Compatibility with the connectors manager (#4731) by @SamuelHassine in #4831
- [crowdstrike] Compatibility with the connectors manager (#4599) by @SamuelHassine in #4832
- [feedly] Compatibility with the connectors manager (#4834) by @SamuelHassine in #4835
- [misp-intel/hygiene] Introduce the MISP stream connector and hygiene multi-threadings (#3098, #2066) by @SamuelHassine in #4836
- [ZSCALER] Fix Token Authenticate, improved Zscaler auto-activation and status management by @MohamedMerimi in #4603
- [ZSCALER] FIX: Added environment key. by @Sherlocked97 in #4327
- [MISP Feed] Connector replace urllib with requests library and add verify by @msecdsu in #4257
- [HybridAnalysisSandbox] Change deprecated API POST /search/hash to new one GET /search/hash by @pdamoune in #4755
- [MicrosoftSentinelIntel] Remove mistaken set_state by @pdamoune in #4841
- [crowdstrike] set the default to ignore password and username types by @gsilvapt in #4491
- [orange-cyberdefense] fix Worldwatch reports error when Datalake disabled by @ocd-acauchy in #4762
- [Crowdstrike] Fix default indicator exclude types by @helene-nguyen in #4850
- [Google TI] various fix from #4801 by @Kakudou in #4810
- Update dependency requests to v2.32.5 by @renovate[bot] in #4671
- [Google TI] Migrate connector to be connector manager supported #4833 by @Kakudou in #4844
- [All] Fix usage of variable defined with pydantic by @helene-nguyen in #4855
- [Google TI] Fix pydantic for catalog integration by @Kakudou in #4856
- [MispIntel] Fix configuration defaults to be None on empty env var by @pdamoune in #4860
- [importdoc] fix check for file (if in a draft, file_id starts with draft/{draft_id}/import/global) by @JeremyCloarec in #4702
New Contributors:
- @saravanan30erd made their first contribution in #4308
- @shouttrickword made their first contribution in #4414
- @JanoutV made their first contribution in #4829
- @Sherlocked97 made their first contribution in #4327
- @msecdsu made their first contribution in #4257
- @gsilvapt made their first contribution in #4491
- @ocd-acauchy made their first contribution in #4762
Full Changelog: 6.8.0...6.8.1