diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index faa989b..fcb4e4e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -4875,7 +4875,12 @@
           "https://www.justice.gov/opa/pr/justice-department-disrupts-russian-intelligence-spear-phishing-efforts",
           "https://www.justice.gov/opa/pr/two-russian-nationals-working-russias-federal-security-service-charged-global-computer",
           "https://www.justice.gov/opa/media/1327601/dl?inline",
-          "https://www.noticeofpleadings.com/starblizzard/"
+          "https://www.noticeofpleadings.com/starblizzard/",
+          "https://edeca.net/post/2024-06-26-an-interesting-callisto-yara-rule",
+          "https://blog.sekoia.io/calisto-continues-its-credential-harvesting-campaign",
+          "https://blog.sekoia.io/calisto-show-interests-into-entities-involved-in-ukraine-war-support",
+          "https://blog.sekoia.io/one-year-after-the-cyber-implications-of-the-russo-ukrainian-war/",
+          "https://blog.sekoia.io/calisto-doxxing-sekoia-io-findings-concurs-to-reuters-investigation-on-fsb-related-andrey-korinets/"
         ],
         "synonyms": [
           "COLDRIVER",
@@ -4890,7 +4895,7 @@
           "Blue Callisto"
         ],
         "targeted-sector": [
-          "Government, Administration",
+          "Government Administration",
           "Military",
           "Think Tanks",
           "Journalist"