diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 4cb129d..dd2d3ff 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -2811,14 +2811,16 @@
           "https://threatpost.com/fileless-malware-campaigns-tied-to-same-attacker/124369/",
           "https://www.fireeye.com/blog/threat-research/2017/04/fin7-phishing-lnk.html",
           "https://www.fireeye.com/blog/threat-research/2017/05/fin7-shim-databases-persistence.html",
-          "http://blog.morphisec.com/fin7-attacks-restaurant-industry",
+          "https://blog.morphisec.com/fin7-attacks-restaurant-industry",
           "https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/",
-          "http://blog.morphisec.com/fin7-attack-modifications-revealed",
-          "http://blog.morphisec.com/fin7-not-finished-morphisec-spots-new-campaign",
+          "https://blog.morphisec.com/fin7-attack-modifications-revealed",
+          "https://blog.morphisec.com/fin7-not-finished-morphisec-spots-new-campaign",
           "https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/",
           "https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html",
           "https://attack.mitre.org/groups/G0046/",
           "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
+          "https://threatintel.blog/OPBlueRaven-Part1/",
+          "https://threatintel.blog/OPBlueRaven-Part2/",
           "https://www.secureworks.com/research/threat-profiles/gold-niagara"
         ],
         "synonyms": [
@@ -3077,6 +3079,7 @@
           "https://threatpost.com/banco-de-chile-wiper-attack-just-a-cover-for-10m-swift-heist/132796/",
           "https://www.darkreading.com/attacks-breaches/north-korean-hacking-group-steals-$135-million-from-indian-bank-/d/d-id/1332678",
           "https://www.zdnet.com/article/north-korean-hackers-infiltrate-chiles-atm-network-after-skype-job-interview/",
+          "https://blogs.jpcert.or.jp/en/2020/08/Lazarus-malware.html",
           "https://www.secureworks.com/research/threat-profiles/nickel-gladstone"
         ],
         "synonyms": [
@@ -8336,5 +8339,5 @@
       "value": "GALLIUM"
     }
   ],
-  "version": 174
+  "version": 175
 }