From f737b7fe0a8a04cd9cdcdaf53d8c1f63df0cc249 Mon Sep 17 00:00:00 2001
From: Deborah Servili <deborah.servili@gmail.com>
Date: Fri, 22 Dec 2017 10:08:54 +0100
Subject: [PATCH] modify SedKit description

---
 clusters/tool.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/clusters/tool.json b/clusters/tool.json
index ea250fe..19fb3a3 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -3230,7 +3230,7 @@
     },
     {
       "value": "Sedkit",
-      "description": "Sedkit was an exploit kit used exclusively by the Sednit group. During its lifetime, Sednit leveraged vulnerabilities in various persistently vulnerable applications, but mostly Adobe Flash and Internet Explorer. When Sedkit was first discovered, potential victims were redirected to its landing page through a watering-hole scheme. Following that campaign, their preferred method consisted of malicious links embedded in emails sent to Sednit’s targets. Sedkit’s workflow is illustrated below.",
+      "description": "Sedkit is the Sednit exploit-kit; it’s used only for targeted attacks, starting with targeted phishing emails with URLs that spoof legitimate URLs. October 2016 is the last time we’re aware that Sedkit was used.",
       "meta": {
         "refs": [
           "https://www.welivesecurity.com/2014/10/08/sednit-espionage-group-now-using-custom-exploit-kit/",