Enhancements:
- #5769 [VulnCheck] Add attack patterns, courses of action, all CVSS version, labels and more
- #5753 [Crowdstrike] Model CrowdStrike malware capabilities as OpenCTI malware types
- #5629 [Virustotal-livehunt-notification] Add TLP marking
- #5234 [shadowserver] Migrate connector to be connector manager supported
- #2003 [crowdstrike] Add function to import malware families
Bug Fixes:
- #5780 [Google ti feeds] Failed tests
- #5777 [Google TI] Indicator scores from GTI assessment are not correctly mapped
- #5756 [misp-intel] IOCs not being published
- #5716 [MISP] Connector hangs indefinitely when MISP instance is unreachable
- #5658 [Recorded Future Enrichment] Incorrect documentation
Pull Requests:
- [Recorded future enrichment] fix incorrect documentation by @Ninoxe in #5760
- [VulnCheck] Add attack patterns, courses of action, all CVSS version, labels and more by @maddawik in #4796
- [MISP] Add timeout settings for MISP requests by @jabesq in #5761
- [virustotal-livehunt-notification] Add TLP markings to the entities by @jabesq in #5738
- [misp-intel] Fix publication (#5756) by @SamuelHassine in #5774
- [URLHaus] docs: Fix Urlhaus URL in manifest json by @maximerafaillac in #5770
- [ci] Add automation to add new issues/PRs to project (#5727) by @ncarenton in #5747
- [Google TI] Indicator scores from GTI assessment are not correctly mapped by @romain-filigran in #5779
- [Google ti feeds] fix tests and add condition in get_score function by @Ninoxe in #5781
- [crowdstrike] Add function to import malware families (#2003) by @Kakudou in #5223
- [crowdstrike] Map capabilities to malware_types by @Powlinett in #5763
- [shadowserver] Update connector to be "manager_supported" by @Powlinett in #5679
Full Changelog: 6.9.17...6.9.18