From 352998a84d01bda26e42f18545b0bebeabd66d5e Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Wed, 17 Aug 2022 07:40:23 +0200
Subject: [PATCH] fix: [threat-actor] add missing refs for APT33 including CFR
 link

---
 clusters/threat-actor.json | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 28c65f75..fb2c9999 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -1967,7 +1967,10 @@
           "https://symantec-blogs.broadcom.com/blogs/threat-intelligence/elfin-apt33-espionage",
           "https://www.secureworks.com/research/threat-profiles/cobalt-trinity",
           "https://attack.mitre.org/groups/G0064/",
-          "https://threatconnect.com/blog/research-roundup-activity-on-previously-identified-apt33-domains/"
+          "https://threatconnect.com/blog/research-roundup-activity-on-previously-identified-apt33-domains/",
+          "https://www.cfr.org/interactive/cyber-operations/apt-33",
+          "https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf",
+          "https://dragos.com/adversaries.html"
         ],
         "synonyms": [
           "APT 33",
@@ -10007,5 +10010,5 @@
       "value": "SLIME29"
     }
   ],
-  "version": 239
+  "version": 240
 }