From e5b3062912eec0a74556f428a2cc30cda2965a8a Mon Sep 17 00:00:00 2001 From: Delta-Sierra Date: Mon, 3 Oct 2022 16:06:13 +0200 Subject: [PATCH 1/2] add Volatile Cedar synonym --- clusters/threat-actor.json | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 50582e6..574c3dc 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -3613,13 +3613,15 @@ "https://blog.checkpoint.com/2015/06/09/new-data-volatile-cedar/", "https://securelist.com/sinkholing-volatile-cedar-dga-infrastructure/69421/", "https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf", - "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2015/03/20082004/volatile-cedar-technical-report.pdf" + "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2015/03/20082004/volatile-cedar-technical-report.pdf", + "https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/" ], "suspected-victims": [ "Middle East", "Israel", "Lebanon", - "Saudi Arabia" + "Saudi Arabia", + "DeftTorero" ], "synonyms": [ "Lebanese Cedar" @@ -9884,5 +9886,5 @@ "value": "APT-Q-12" } ], - "version": 249 + "version": 250 } From 355025eb5b8ac7f3d09fb1b9a596681fadeeb2bf Mon Sep 17 00:00:00 2001 From: Delta-Sierra Date: Tue, 4 Oct 2022 13:28:42 +0200 Subject: [PATCH 2/2] fix metadata in wrong slot --- clusters/threat-actor.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 574c3dc..b4923fb 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -3620,11 +3620,11 @@ "Middle East", "Israel", "Lebanon", - "Saudi Arabia", - "DeftTorero" + "Saudi Arabia" ], "synonyms": [ - "Lebanese Cedar" + "Lebanese Cedar", + "DeftTorero" ] }, "related": [