diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index b4923fb..7ca7ffc 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -100,6 +100,7 @@
       "value": "Nitro"
     },
     {
+      "description": "Threat actors behind the Operation Dust Storm have been active since at least 2010, the hackers targeted several organizations in Japan, South Korea, the US, Europe, and other Asian countries.",
       "meta": {
         "refs": [
           "https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf",
@@ -871,6 +872,7 @@
       "value": "APT27"
     },
     {
+      "description": "menuPass is a threat group that has been active since at least 2006. Individual members of menuPass are known to have acted in association with the Chinese Ministry of State Security's (MSS) Tianjin State Security Bureau and worked for the Huaying Haitai Science and Technology Development Company.",
       "meta": {
         "attribution-confidence": "50",
         "cfr-suspected-state-sponsor": "China",
@@ -921,7 +923,6 @@
           "Menupass Team",
           "happyyongzi",
           "POTASSIUM",
-          "DustStorm",
           "Red Apollo",
           "CVNX",
           "HOGFISH",