From bfceda0029c538f0f9bb964eb5841c2f4fd3b85a Mon Sep 17 00:00:00 2001
From: Rony <49360849+r0ny123@users.noreply.github.com>
Date: Thu, 11 Apr 2024 04:15:38 +0000
Subject: [PATCH] chg: [threat-actors] add `Storm-0558` references

---
 clusters/threat-actor.json | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index cb873e7..ac21e2f 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -12601,7 +12601,11 @@
           "https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/",
           "https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr",
           "https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/",
-          "https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html"
+          "https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html",
+          "https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/",
+          "https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/",
+          "https://www.youtube.com/watch?v=khywfhJv4H8",
+          "https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf"
         ]
       },
       "uuid": "5b30bcb8-4923-45cc-bc89-29651ca5d54e",