From eb665e288368dd2046d7c284b8f14eef7bd45690 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sun, 10 Mar 2019 11:15:13 +0100
Subject: [PATCH] chg: [threat-actor] jq all the things

---
 clusters/threat-actor.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index e4f7c21..bd910c1 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -6404,16 +6404,16 @@
       "value": "APT-C-36"
     },
     {
-      "value": "IRIDIUM",
-      "uuid": "29cfe970-5446-4cfc-a2da-00e9f49e02ba",
       "description": "Resecurity’s research indicates that the attack on Parliament is a part of a multi-year cyberespionage campaign orchestrated by a nation-state actor whom we are calling IRIDIUM. This actor targets sensitive government, diplomatic, and military resources in the countries comprising the Five Eyes intelligence alliance (which includes Australia, Canada, New Zealand, the United Kingdom and the United States)",
       "meta": {
+        "country": "IR",
         "refs": [
           "https://resecurity.com/blog/parliament_races/",
           "https://www.nbcnews.com/politics/national-security/iranian-backed-hackers-stole-data-major-u-s-government-contractor-n980986"
-        ],
-        "country": "IR"
-      }
+        ]
+      },
+      "uuid": "29cfe970-5446-4cfc-a2da-00e9f49e02ba",
+      "value": "IRIDIUM"
     }
   ],
   "version": 95