Merge pull request #683 from Delta-Sierra/main

add TA2541
2022-02-18 12:07:07 +01:00 · 2022-02-18 12:07:07 +01:00 · 089cb39891
parent dc4a7d06de c909a35d65
commit 089cb39891
1 changed files with 10 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -8941,6 +8941,16 @@
      },
      "uuid": "8482f350-867c-11ec-a8a3-0242ac120002",
      "value": "Antlion"
+    },
+    {
+      "description": "Persistent cybercrime threat actor targeting aviation, aerospace, transportation, manufacturing, and defense industries for years. This threat actor consistently uses remote access trojans (RATs) that can be used to remotely control compromised machines. This threat actor uses consistent themes related to aviation, transportation, and travel. The threat actor has used similar themes and targeting since 2017.",
+      "meta": {
+        "refs": [
+          "https://www.proofpoint.com/us/blog/threat-insight/charting-ta2541s-flight"
+        ]
+      },
+      "uuid": "a57e5bf5-d7f4-43a1-9c15-8a44cdb95079",
+      "value": "TA2541"
    }
  ],
  "version": 212