diff --git a/clusters/branded_vulnerability.json b/clusters/branded_vulnerability.json
index 99dd9f1..2742777 100644
--- a/clusters/branded_vulnerability.json
+++ b/clusters/branded_vulnerability.json
@@ -184,5 +184,5 @@
       "value": "BlueKeep"
     }
   ],
-  "version": 3
+  "version": 4
 }
diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index 1eae530..144fcaf 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -13449,7 +13449,30 @@
       },
       "uuid": "24bd9a4b-2b66-428b-8e1c-6b280b056c00",
       "value": "Sodinokibi"
+    },
+    {
+      "description": "Phobos exploits open or poorly secured RDP ports to sneak inside networks and execute a ransomware attack, encrypting files and demanding a ransom be paid in bitcoin for returning the files, which in this case are locked with a .phobos extension.",
+      "meta": {
+        "payment-method": "Bitcoin",
+        "refs": [
+          "https://www.zdnet.com/article/new-phobos-ransomware-exploits-weak-security-to-hit-targets-around-the-world/"
+        ]
+      },
+      "uuid": "6cfa554a-1e1b-327a-605f-025d761570b1",
+      "value": "Phobos"
+    },
+    {
+      "description": "A new ransomware is in the dark market which encrypts all the files on the device and redirects victims to the RIG exploit kit.",
+      "meta": {
+        "payment-method": "Bitcoin",
+        "price": "300 $",
+        "refs": [
+          "https://www.ehackingnews.com/2019/05/getcrypt-ransomware-modus-operandi-and.html"
+        ]
+      },
+      "uuid": "6cfa553a-1e1b-115a-401f-015d681470b1",
+      "value": "GetCrypt"
     }
   ],
-  "version": 62
+  "version": 64
 }