Reduce diff with old version

2022-07-26 23:53:22 -07:00 · 2022-07-26 23:53:22 -07:00 · 51aacd6b03
parent acc6ada575
commit 51aacd6b03
1 changed files with 34 additions and 34 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -1782,6 +1782,40 @@
      "uuid": "ba724df5-9aa0-45ca-8e0e-7101c208ae48",
      "value": "Flying Kitten"
    },
+    {
+      "description": "One of the threat actors responsible for the denial of service attacks against U.S in 2012–2013. Three individuals associated with the group—believed to be have been working on behalf of Iran’s Islamic Revolutionary Guard Corps—were indicted by the Justice Department in 2016.",
+      "meta": {
+        "attribution-confidence": "50",
+        "cfr-suspected-state-sponsor": "Iran (Islamic Republic of)",
+        "cfr-suspected-victims": [
+          "United States",
+          "Bank of America",
+          "US Bancorp",
+          "Fifth Third Bank",
+          "Citigroup",
+          "PNC",
+          "BB&T",
+          "Wells Fargo",
+          "Capital One",
+          "HSBC",
+          "AT&T",
+          "NYSE"
+        ],
+        "cfr-type-of-incident": [
+          "Denial of service"
+        ],
+        "country": "IR",
+        "refs": [
+          "https://www.cfr.org/interactive/cyber-operations/itsecteam",
+          "https://www.justice.gov/usao-sdny/file/835061/download"
+        ],
+        "synonyms": [
+          "ITsecTeam"
+        ]
+      },
+      "uuid": "11e17436-6ede-4733-8547-4ce0254ea19e",
+      "value": "Cutting Kitten"
+    },
    {
      "description": "Charming Kitten (aka Parastoo, aka Newscaster) is an group with a suspected nexus to Iran that targets organizations involved in government, defense technology, military, and diplomacy sectors.",
      "meta": {
@ -9555,40 +9589,6 @@
      "uuid": "091a0b69-74de-44b6-bb12-16b7a8fd078b",
      "value": "ToddyCat"
    },
-    {
-      "description": "One of the threat actors responsible for the denial of service attacks against U.S in 2012–2013. Three individuals associated with the group—believed to be have been working on behalf of Iran’s Islamic Revolutionary Guard Corps—were indicted by the Justice Department in 2016.",
-      "meta": {
-        "attribution-confidence": "50",
-        "cfr-suspected-state-sponsor": "Iran (Islamic Republic of)",
-        "cfr-suspected-victims": [
-          "United States",
-          "Bank of America",
-          "US Bancorp",
-          "Fifth Third Bank",
-          "Citigroup",
-          "PNC",
-          "BB&T",
-          "Wells Fargo",
-          "Capital One",
-          "HSBC",
-          "AT&T",
-          "NYSE"
-        ],
-        "cfr-type-of-incident": [
-          "Denial of service"
-        ],
-        "country": "IR",
-        "refs": [
-          "https://www.cfr.org/interactive/cyber-operations/itsecteam",
-          "https://www.justice.gov/usao-sdny/file/835061/download"
-        ],
-        "synonyms": [
-          "ITsecTeam"
-        ]
-      },
-      "uuid": "7a3f505b-10e9-4177-a96f-d476b55fd3dd",
-      "value": "CUTTING KITTEN"
-    },
    {
      "description": "Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.",
      "meta": {