From d0a1e04de606ec47eb6c853b97f3fa8f0436e26a Mon Sep 17 00:00:00 2001
From: Rony <49360849+r0ny123@users.noreply.github.com>
Date: Tue, 26 Mar 2024 00:59:48 +0530
Subject: [PATCH] chg: [threat-actors] updated with references
---
 clusters/threat-actor.json | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index b308faa..6c36d99 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -8100,7 +8100,22 @@
 "https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
 "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi",
 "https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf",
- "https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists"
+ "https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists",
+ "https://www.fortinet.com/blog/psirt-blogs/importance-of-patching-an-analysis-of-the-exploitation-of-n-day-vulnerabilities",
+ "https://intrusiontruth.wordpress.com/2023/05/11/article-1-whats-cracking-at-the-kerui-cracking-academy",
+ "https://intrusiontruth.wordpress.com/2023/05/12/the-illustrious-graduates-of-wuhan-kerui",
+ "https://intrusiontruth.wordpress.com/2023/05/13/all-roads-lead-back-to-wuhan-xiaoruizhi-science-and-technology-company",
+ "https://intrusiontruth.wordpress.com/2023/05/15/trouble-in-paradise",
+ "https://intrusiontruth.wordpress.com/2023/05/16/introducing-cheng-feng",
+ "https://intrusiontruth.wordpress.com/2023/05/17/missing-links",
+ "https://ics-cert.kaspersky.com/media/Kaspersky-ICS-CERT-Common-TTPs-of-attacks-against-industrial-organizations-implants-for-remote-access-En.pdf",
+ "https://asec.ahnlab.com/ko/55070",
+ "https://intrusiontruth.wordpress.com/2023/07/04/wuhan-xiaoruizhi-class-of-19",
+ "https://intrusiontruth.wordpress.com/2023/07/07/one-man-and-his-lasers",
+ "https://www.verfassungsschutz.de/SharedDocs/publikationen/DE/cyberabwehr/2023-02-bfv-cyber-brief.pdf?__blob=publicationFile&v=6",
+ "https://www.justice.gov/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived",
+ "https://www.justice.gov/opa/media/1345141/dl?inline",
+ "https://www.gov.uk/government/news/uk-holds-china-state-affiliated-organisations-and-individuals-responsible-for-malicious-cyber-activity"
 ],
 "synonyms": [
 "ZIRCONIUM",
@@ -10853,7 +10868,12 @@
 "https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools",
 "https://decoded.avast.io/luigicamastra/backdoored-client-from-mongolian-ca-monpass",
 "https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf",
- "https://go.recordedfuture.com/hubfs/reports/cta-2023-0808.pdf"
+ "https://go.recordedfuture.com/hubfs/reports/cta-2023-0808.pdf",
+ "https://securelist.com/apt-annual-review-2021/105127",
+ "https://securelist.com/apt-trends-report-q2-2021/103517",
+ "https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/jolly-jellyfish/NCSC-MAR-Jolly-Jellyfish.pdf",
+ "https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/pdf/2022-year-in-retrospect-report.pdf",
+ "https://www.youtube.com/watch?v=-7Swd1ZetiQ",
 ],
 "synonyms": [
 "CHROMIUM",
@@ -10864,7 +10884,9 @@
 "AQUATIC PANDA",
 "Red Dev 10",
 "RedHotel",
- "Charcoal Typhoon"
+ "Charcoal Typhoon",
+ "BountyGlad",
+ "Red Scylla"
 ]
 },
 "related": [
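Review bot: The last added reference in the `@@ -10853,7 +10868,12 @@` hunk, `"https://www.youtube.com/watch?v=-7Swd1ZetiQ",`, ends with a comma directly before the closing `]`, which is not valid strict JSON. A strict parser will reject the whole of `clusters/threat-actor.json`, not just this entry, so any tooling that loads the file for tagging or correlation would presumably fail on it. Drop the comma so the line reads `"https://www.youtube.com/watch?v=-7Swd1ZetiQ"`, and consider a pre-merge check that runs the file through a strict JSON parser. The enclosing array and its cluster object start outside the hunk.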
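Review bot: `BountyGlad` and `Red Scylla` are added to the synonyms in the `@@ -10864,7 +10884,9 @@` hunk, but the commit does not say which source establishes each alias. Consumers of this list will presumably treat every synonym as the same actor, so an alias that only partly overlaps would merge unrelated activity during correlation. The references added in the previous hunk may well cover both names, but that cannot be confirmed from the diff. Since the file cannot carry comments, name the supporting reference per alias in the commit description, for example `BountyGlad: <supporting reference URL>`. The synonyms array starts outside the hunk.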