From 21d4292faf1e0269dbd83efe5224ed918e3771bf Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Wed, 2 Nov 2022 23:31:31 -0700 Subject: [PATCH] [threat-actors] Remove DustStorm alias from APT10 --- clusters/threat-actor.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index b4923fb4..7ca7ffcc 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -100,6 +100,7 @@ "value": "Nitro" }, { + "description": "Threat actors behind the Operation Dust Storm have been active since at least 2010, the hackers targeted several organizations in Japan, South Korea, the US, Europe, and other Asian countries.", "meta": { "refs": [ "https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf", @@ -871,6 +872,7 @@ "value": "APT27" }, { + "description": "menuPass is a threat group that has been active since at least 2006. Individual members of menuPass are known to have acted in association with the Chinese Ministry of State Security's (MSS) Tianjin State Security Bureau and worked for the Huaying Haitai Science and Technology Development Company.", "meta": { "attribution-confidence": "50", "cfr-suspected-state-sponsor": "China", @@ -921,7 +923,6 @@ "Menupass Team", "happyyongzi", "POTASSIUM", - "DustStorm", "Red Apollo", "CVNX", "HOGFISH",