From e1407c3c3fda30ea760a097f40db753d809970bf Mon Sep 17 00:00:00 2001
From: Mathieu Beligon <mathieu@feedly.com>
Date: Thu, 2 Mar 2023 10:29:29 -0800
Subject: [PATCH] [threat-actors] Add SLIPPY SPIDER alias to LAPSUS

---
 clusters/threat-actor.json | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index d31bc4b..45914d9 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -8895,11 +8895,13 @@
       "meta": {
         "refs": [
           "https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/",
-          "https://blog.checkpoint.com/2022/03/07/lapsus-ransomware-gang-uses-stolen-source-code-to-disguise-malware-files-as-trustworthy-check-point-customers-remain-protected/"
+          "https://blog.checkpoint.com/2022/03/07/lapsus-ransomware-gang-uses-stolen-source-code-to-disguise-malware-files-as-trustworthy-check-point-customers-remain-protected/",
+          "https://www.crowdstrike.com/adversaries/slippy-spider/"
         ],
         "synonyms": [
           "LAPSUS$",
-          "DEV-0537"
+          "DEV-0537",
+          "SLIPPY SPIDER"
         ]
       },
       "uuid": "d9e5be22-1a04-4956-af6c-37af02330980",