From c820b450f6720271932b99978707ee9e00f8aa23 Mon Sep 17 00:00:00 2001
From: Rony <49360849+r0ny123@users.noreply.github.com>
Date: Sun, 26 Jan 2025 23:25:54 +0530
Subject: [PATCH] chg: [threat-actor] update `UNC4841` with more references and add `SLIME57` as an alias
---
 clusters/threat-actor.json | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index c0800441..b94961cd 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13788,9 +13788,24 @@
 "meta": {
 "country": "CN",
 "refs": [
- "https://blog.polyswarm.io/unc4841-targeting-government-entities-with-barracuda-esg-0day-cve-2023-2868",
- "https://www.mandiant.com/resources/blog/unc4841-post-barracuda-zero-day-remediation",
- "https://www.mandiant.com/resources/blog/barracuda-esg-exploited-globally"
+ "https://cloud.google.com/blog/topics/threat-intelligence/unc4841-post-barracuda-zero-day-remediation/",
+ "https://cloud.google.com/blog/topics/threat-intelligence/barracuda-esg-exploited-globally/",
+ "https://i.blackhat.com/Asia-24/Presentations/Asia-24-Chen-Chinese-APT.pdf",
+ "https://www.youtube.com/watch?v=PSaix1C-UMI",
+ "https://www.youtube.com/watch?v=4zaStuUdvrE",
+ "https://sansorg.egnyte.com/dd/8ekLJCPHPj/",
+ "https://www.cisa.gov/sites/default/files/2023-07/MAR-10454006.r3.v1.CLEAR_.pdf",
+ "https://www.cisa.gov/sites/default/files/2023-07/MAR-10454006.r2.v1.CLEAR_.pdf",
+ "https://www.cisa.gov/sites/default/files/2023-07/MAR-10454006.r1.v2.CLEAR_.pdf",
+ "https://www.cisa.gov/sites/default/files/2023-08/MAR-10459736.r1.v1.CLEAR_.pdf",
+ "https://www.cisa.gov/sites/default/files/2023-08/MAR-10454006.r4.v2.CLEAR_.pdf",
+ "https://www.cisa.gov/sites/default/files/2023-09/MAR-10454006.r5.v1.CLEAR__0.pdf",
+ "https://www.barracuda.com/company/legal/esg-vulnerability",
+ "https://mandiant.widen.net/s/qwlxddwdg6/barracuda-cve-2023-2868-hardening",
+ "https://jsac.jpcert.or.jp/archive/2025/pdf/JSAC2025_1_5_leon-chang_theo-chen_en.pdf"
+ ],
+ "synonyms": [
+ "SLIME57"
 ]
 },
 "uuid": "8959fbb4-95f0-485d-bba2-db9140b95386",
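Review bot: Two of the added `refs` entries are opaque share links rather than publisher pages: `https://sansorg.egnyte.com/dd/8ekLJCPHPj/` and `https://mandiant.widen.net/s/qwlxddwdg6/barracuda-cve-2023-2868-hardening`. Links of this kind can expire or be re-pointed by whoever owns the share, and the first gives an analyst (or an automated enrichment job following `refs`) no indication of what will be fetched, so I would replace each with the publisher's canonical page or pair it with an archived copy. Separately, the PolySwarm reference is dropped with no replacement while the two Mandiant URLs are only migrated to cloud.google.com; unless that link is dead, keep `"https://blog.polyswarm.io/unc4841-targeting-government-entities-with-barracuda-esg-0day-cve-2023-2868",` in the list. The cluster entry starts and ends outside the hunk, so which of the new references attributes the `SLIME57` alias cannot be checked from here and is worth naming in the commit description.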