v1.2.9

Fix Django vulnerabilities 1bd8d08

Full Changelog: v1.2.8...v1.2.9

v1.2.8

Fix Ticket ID undefined BUG

• Fixed an undefined ticket ID BUG when monitoring a new website when the ticket ID field and the list of monitored websites are empty.

Full Changelog: v1.2.7...v1.2.8

v1.2.7

Fix TheHive and MISP API export issues

• MISP Events are now created with the correct TAGS mention in the .env file.
• MISP Event attributes are now created even if the TAGS does not exist in the MISP instance.
• TheHive export now reseting if the Case is not anymore in the TheHive instance.

Full Changelog: v1.2.6...v1.2.7

v1.2.6

What's Changed

• Fix logout 404 bug by @Felix83000 in #77

Full Changelog: v1.2.5...v1.2.6

v1.2.5

Update procedure

Please follow this process.

• If you access Watcher via a DNS (e.g. https://watcher.com) get the last version of /.env and /docker-compose.yml files and fill CSRF_TRUSTED_ORIGINS with your DNS in the /.env file.

What's Changed

• Fix #74 and Fix 403 CSRF Forbidden Error by @Felix83000 in #75

Full Changelog: v1.2.4...v1.2.5

v1.2.4

Update procedure

Please follow this process.

• Please upgrade your /.env and /docker-compose.yml files.

Merged pull request

• Merge pull request #72

Enhancement

• Significantly reduces false positives in the Twisted DNS Finder batch
• Upgrade default blocklist
• Upgrade developpers documentation
• Close issue #70
• Close issue #71 / add THE_HIVE_VERIFY_SSL & Upgrade dependencies
• Fix notification bug

What's Changed

• Bump django from 3.2.10 to 3.2.12 in /Watcher by @dependabot in #63
• Bump nltk from 3.6.5 to 3.6.7 in /Watcher by @dependabot in #62
• Bump follow-redirects from 1.14.4 to 1.14.7 in /Watcher by @dependabot in #61
• Bump django from 3.2.11 to 3.2.12 in /Watcher by @dependabot in #64
• Bump follow-redirects from 1.14.7 to 1.14.8 in /Watcher by @dependabot in #65
• Bump minimist from 1.2.5 to 1.2.6 in /Watcher by @dependabot in #66
• Bump moment from 2.29.1 to 2.29.2 in /Watcher by @dependabot in #68

Full Changelog: v1.2.3...v1.2.4

v1.2.3

What's Changed

• Update dnstwist json keynames in core.py by @RomainPisters in #57
• Fix dnstwist. JSON format just changed in the last release of dnstwist.

New Contributors

• @RomainPisters made their first contribution in #57

Full Changelog: v1.2.2...v1.2.3

v1.2.2

Update procedure

Please follow this process.

• Please upgrade your /.env and /docker-compose.yml files.

New feature

• Add certificate transparency feature:
  • This feature uses Certstream to gather logs from real-time certificate transparency log stream. Alerts will be raised if they match defined keywords in the suspicious domain names detection batch (6824a6a) & (84c8849).

Merged pull request

• Merge pull request #38 by Thomasrgx

Other minor updates

• Add the possibility to modify TheHive and MISP TAGS when exporting (In the .env file) (fbbc78e).
• Add the possibility to modify the database passwords (In the .env file) (e9cbc03) & (bf2a812) & (62c14fc).
• Several documentation upgrades & Simplify the build process (4106b53) & (03e33f6) & (a3a4f9c) & (dadc3d9).
• Add the possibility to verify LDAP SSL server certificate or not (In the .env file) (f28667c).
• Ticket ID (old RTIR) is no longer required #25 (4ec611c).
• Switch to Node.js 16 (03f9ec5).
• Upgrade Python dependencies (6920db0).
  • Upgrade dnstwist to 20211204 release.
  • Upgrade Django to 3.2.10 release.
• Upgrade npm dependencies (a8d97b3).

What's Changed

• Add certificate transparency feature by @Thomasrgx in #38
• Fix number of instances for certstream by @Thomasrgx in #39
• Add documentation on SMTP and PR by @Thomasrgx in #43
• Bump path-parse from 1.0.6 to 1.0.7 in /Watcher by @dependabot in #49

New Contributors

• @Thomasrgx made their first contribution in #38

Full Changelog: v1.1.1...v1.2.2

v1.1.1

Fixed bugs:

• Authentication credentials were not provided #10 (34840fb)
• Problem parsing some trendy words starting with ' #19 (be79b74)
• Fixed an error pop-up window on the homepage when you are not logged in (c5296e1) & (83f7fc1)
  • Fix 'Authentication credentials were not provided.' error pop-up when accessing the homepage when not authenticated.
• Fix TheHive/MISP export bug (6fc26ea)

Closed issues:

• [Feature Request] Bulk registration of new RSS feeds (or any other data) #15 (b7cdf1e) & (0cf1fb3)
• [Feature Request] Report alerts in Twisted DNS directly to TheHive or MISP #16 (b5031df)

Other minor updates:

• Support the new 1.8.1 TheHive Python API (thehive4py) (e42edae)
• Add default User Groups when using populate_db script (9f04dd1)
  • To add the new default User Groups, use populate_db script (https://felix83000.github.io/Watcher/README.html#populate-your-database).
• Models permissions are now applied to Watcher platform wide (9cd35e7)
  • Now, each model permission attribution within Watcher admin console will be taken into account within Watcher platform wide (Admin console & Watcher web UI)
• Add split monitoring choosing option (32e6c68)
• Improve TwitterTweet Layout (d758f26)
• Improve Threat TrendChart (8ca29c5)
• Upgrade /admin console & Update documentation & Minor graphic change (54adbc0)
• Upgrade threat core algorithm & Upgrade default sources (34af344)
• Upgrade default detection blocklist (2642d2c)
• Add new RSS Feeds (13b9b3b)

Merged pull request:

• Merge pull request #21 from dependabot