diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index f76a0092..a00fe336 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -4751,14 +4751,16 @@ "https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations", "https://blog.sekoia.io/calisto-continues-its-credential-harvesting-campaign", "https://services.google.com/fh/files/blogs/google_fog_of_war_research_report.pdf", - "https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection" + "https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection", + "https://www.microsoft.com/en-us/security/blog/2023/12/07/star-blizzard-increases-sophistication-and-evasion-in-ongoing-attacks/" ], "synonyms": [ "COLDRIVER", "SEABORGIUM", "TA446", "GOSSAMER BEAR", - "BlueCharlie" + "BlueCharlie", + "Star Blizzard" ], "targeted-sector": [ "Government, Administration",