From 51aacd6b03cb5cd6854d433480e559772a20ded5 Mon Sep 17 00:00:00 2001
From: Mathieu Beligon <mathieu@feedly.com>
Date: Tue, 26 Jul 2022 23:53:22 -0700
Subject: [PATCH] Reduce diff with old version

---
 clusters/threat-actor.json | 68 +++++++++++++++++++-------------------
 1 file changed, 34 insertions(+), 34 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index bf0c65b..89c0611 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -1782,6 +1782,40 @@
       "uuid": "ba724df5-9aa0-45ca-8e0e-7101c208ae48",
       "value": "Flying Kitten"
     },
+    {
+      "description": "One of the threat actors responsible for the denial of service attacks against U.S in 2012–2013. Three individuals associated with the group—believed to be have been working on behalf of Iran’s Islamic Revolutionary Guard Corps—were indicted by the Justice Department in 2016.",
+      "meta": {
+        "attribution-confidence": "50",
+        "cfr-suspected-state-sponsor": "Iran (Islamic Republic of)",
+        "cfr-suspected-victims": [
+          "United States",
+          "Bank of America",
+          "US Bancorp",
+          "Fifth Third Bank",
+          "Citigroup",
+          "PNC",
+          "BB&T",
+          "Wells Fargo",
+          "Capital One",
+          "HSBC",
+          "AT&T",
+          "NYSE"
+        ],
+        "cfr-type-of-incident": [
+          "Denial of service"
+        ],
+        "country": "IR",
+        "refs": [
+          "https://www.cfr.org/interactive/cyber-operations/itsecteam",
+          "https://www.justice.gov/usao-sdny/file/835061/download"
+        ],
+        "synonyms": [
+          "ITsecTeam"
+        ]
+      },
+      "uuid": "11e17436-6ede-4733-8547-4ce0254ea19e",
+      "value": "Cutting Kitten"
+    },
     {
       "description": "Charming Kitten (aka Parastoo, aka Newscaster) is an group with a suspected nexus to Iran that targets organizations involved in government, defense technology, military, and diplomacy sectors.",
       "meta": {
@@ -9555,40 +9589,6 @@
       "uuid": "091a0b69-74de-44b6-bb12-16b7a8fd078b",
       "value": "ToddyCat"
     },
-    {
-      "description": "One of the threat actors responsible for the denial of service attacks against U.S in 2012–2013. Three individuals associated with the group—believed to be have been working on behalf of Iran’s Islamic Revolutionary Guard Corps—were indicted by the Justice Department in 2016.",
-      "meta": {
-        "attribution-confidence": "50",
-        "cfr-suspected-state-sponsor": "Iran (Islamic Republic of)",
-        "cfr-suspected-victims": [
-          "United States",
-          "Bank of America",
-          "US Bancorp",
-          "Fifth Third Bank",
-          "Citigroup",
-          "PNC",
-          "BB&T",
-          "Wells Fargo",
-          "Capital One",
-          "HSBC",
-          "AT&T",
-          "NYSE"
-        ],
-        "cfr-type-of-incident": [
-          "Denial of service"
-        ],
-        "country": "IR",
-        "refs": [
-          "https://www.cfr.org/interactive/cyber-operations/itsecteam",
-          "https://www.justice.gov/usao-sdny/file/835061/download"
-        ],
-        "synonyms": [
-          "ITsecTeam"
-        ]
-      },
-      "uuid": "7a3f505b-10e9-4177-a96f-d476b55fd3dd",
-      "value": "CUTTING KITTEN"
-    },
     {
       "description": "Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.",
       "meta": {