From aa5a6eb062bc033220e4e5257b6600cabec53aed Mon Sep 17 00:00:00 2001
From: jstnk9 <joselsm94@gmail.com>
Date: Thu, 19 Oct 2023 12:39:37 +0200
Subject: [PATCH] threat actor updated

---
 clusters/threat-actor.json | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index e271473..f02dd15 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -6190,7 +6190,8 @@
           "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi",
           "https://decoded.avast.io/threatintel/outbreak-of-follina-in-australia",
           "https://www.proofpoint.com/us/blog/threat-insight/chasing-currents-espionage-south-china-sea",
-          "https://www.accenture.com/_acnmedia/pdf-96/accenture-security-mudcarp.pdf"
+          "https://www.accenture.com/_acnmedia/pdf-96/accenture-security-mudcarp.pdf",
+          "https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/"
         ],
         "synonyms": [
           "TEMP.Periscope",
@@ -6204,7 +6205,8 @@
           "TA423",
           "Red Ladon",
           "ITG09",
-          "MUDCARP"
+          "MUDCARP",
+          "ISLANDDREAMS"
         ]
       },
       "related": [