From 92f9ed1148b245b62ef892262dea6fb696f24674 Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Thu, 14 Dec 2023 15:00:22 +0100 Subject: [PATCH] [threat-actors] Add Callisto aliases --- clusters/threat-actor.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index f76a009..a00fe33 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -4751,14 +4751,16 @@ "https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations", "https://blog.sekoia.io/calisto-continues-its-credential-harvesting-campaign", "https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf", - "https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection" + "https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection", + "https://www.microsoft.com/en-us/security/blog/2023/12/07/star-blizzard-increases-sophistication-and-evasion-in-ongoing-attacks/" ], "synonyms": [ "COLDRIVER", "SEABORGIUM", "TA446", "GOSSAMER BEAR", - "BlueCharlie" + "BlueCharlie", + "Star Blizzard" ], "targeted-sector": [ "Government, Administration",