diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 6f2d28c..217c6c1 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -2352,6 +2352,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "d52ca4c4-d214-11e8-8d29-c3e7cb78acce", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" } ], "uuid": "f512de42-f76b-40d2-9923-59e7dbdfec35", @@ -5947,7 +5954,27 @@ }, "uuid": "b27beb94-ce25-11e8-8e11-2f1a59bd0e91", "value": "Roaming Mantis" + }, + { + "description": "ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks", + "meta": { + "refs": [ + "https://www.eset.com/int/greyenergy-exposed/", + "https://www.welivesecurity.com/2018/10/17/greyenergy-updated-arsenal-dangerous-threat-actors/" + ] + }, + "related": [ + { + "dest-uuid": "f512de42-f76b-40d2-9923-59e7dbdfec35", + "tags": [ + "estimative-language:likelihood-probability=\"likely\"" + ], + "type": "similar" + } + ], + "uuid": "d52ca4c4-d214-11e8-8d29-c3e7cb78acce", + "value": "GreyEnergy" } ], - "version": 72 + "version": 73 }