diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 64579ae..01c602b 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -979,8 +979,10 @@ "country": "CN", "refs": [ "http://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/", - "https://blog.confiant.com/uncovering-2017s-largest-malvertising-operation-b84cd38d6b85", - "https://blog.confiant.com/zirconium-was-one-step-ahead-of-chromes-redirect-blocker-with-0-day-2d61802efd0d" + "https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/" + "https://www.crowdstrike.com/blog/storm-chasing/", + "https://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/", + "https://go.recordedfuture.com/hubfs/reports/cta-2019-0206.pdf" ], "synonyms": [ "Black Vine", @@ -1124,7 +1126,6 @@ "https://www.fireeye.com/blog/threat-research/2017/04/apt10_menupass_grou.html", "https://www.eweek.com/security/chinese-nation-state-hackers-target-u.s-in-operation-tradesecret", "https://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/", - "https://go.recordedfuture.com/hubfs/reports/cta-2019-0206.pdf", "https://www.accenture.com/t20180423T055005Z_w_/se-en/_acnmedia/PDF-76/Accenture-Hogfish-Threat-Analysis.pdf", "https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C-Intrusions_Affecting_Multiple_Victims_Across_Multiple_Sectors.pdf", "https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html", @@ -7433,7 +7434,8 @@ "refs": [ "https://www.microsoft.com/security/blog/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/", "https://duo.com/decipher/apt-groups-moving-down-the-supply-chain", - "https://github.com/GuardaCyber/APT-Groups-and-Operations/blob/master/Reports/FireEye%20Intel%20-%20APT31%20Threat%20Group%20Profile.pdf", + "https://redalert.nshc.net/2019/12/03/threat-actor-targeting-hong-kong-activists", + "https:/twitter.com/bkMSFT/status/1201876664667582466", "http://www.secureworks.com/research/threat-profiles/bronze-vinewood" ], "synonyms": [