diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index e841a8f..1067ab0 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -7891,11 +7891,12 @@
       "meta": {
         "refs": [
           "https://www.proofpoint.com/us/threat-insight/post/lookback-forges-ahead-continued-targeting-united-states-utilities-sector-reveals",
-          "https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks"
+          "https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks",
+          "https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new"
         ]
       },
       "uuid": "5cd95926-0098-435e-892d-9c9f61763ad7",
-      "value": "LookBack"
+      "value": "TA410"
     },
     {
       "description": "In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with Chinese-affiliated threat actors, such as APT10.  This multi-wave attacks focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network.",