From 3c9f09edfcb7ca06243cc4a2036c3830927ee95d Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Fri, 17 Nov 2023 02:59:56 -0800
Subject: [PATCH] [threat-actors] Add WeedSec

---
 clusters/threat-actor.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 1c65bf6..b088671 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13171,6 +13171,16 @@
       },
       "uuid": "8dfac62e-395e-4e47-b6b6-8ab817ac25c1",
       "value": "TEMP_Heretic"
+    },
+    {
+      "description": "WeedSec is a threat actor group that recently targeted the online learning and course management platform Moodle. They posted sample databases of Moodle on their Telegram channel, which is widely used by educational institutions and workplaces.",
+      "meta": {
+        "refs": [
+          "https://socradar.io/cyber-awakeness-month-takedown-of-trigona-hive-ransomware-resurges-ransomedforum-and-new-raas-qbit/"
+        ]
+      },
+      "uuid": "000a2535-8fbf-459d-a067-d10528496a92",
+      "value": "WeedSec"
     }
   ],
   "version": 294