fix 2013 part 1

cybermonitor 2020-12-22 13:19:37 +08:00
parent 8654665727
commit 028cca7d28
14 changed files with 19228 additions and 5 deletions

File diff suppressed because one or more lines are too long


@ -1049,18 +1049,20 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
* Jan 06 - [PlugX: some uncovered points](http://blog.cassidiancybersecurity.com/2014/01/plugx-some-uncovered-points.html)
## 2013
* ??? ?? - [THE LITTLE MALWARE THAT COULD: Detecting and Defeating the China Chopper Web Shell](https://www.fireeye.com/content/dam/FireEye-www/global/en/current-threats/pdfs/rpt-china-chopper.pdf) | [:closed_book:](../../blob/master/2013/2013.China_Chopper_Web_Shell)
* XXX XX - [[KPMG] Energy at Risk: A Study of IT Security in the Energy and Natural Resources Industry]() | [:closed_book:](../../blob/master/2013/2013.00.00.Energy_at_Risk)
* XXX XX - [[FireEye] THE LITTLE MALWARE THAT COULD: Detecting and Defeating the China Chopper Web Shell](https://www.fireeye.com/content/dam/FireEye-www/global/en/current-threats/pdfs/rpt-china-chopper.pdf) | [:closed_book:](../../blob/master/2013/2013.00.00.China_Chopper_Web_Shell)
* ??? ?? - [Deep Panda](http://www.crowdstrike.com/sites/default/files/AdversaryIntelligenceReport_DeepPanda_0.pdf) (OFFLINE) | [:closed_book:](../../blob/master//2013/2013.Deep.Panda)
* ??? ?? - [[Fireeye] OPERATION SAFFRON ROSE](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf) | [:closed_book:](../../blob/master/2013/2013.OPERATION_SAFFRON_ROSE)
* Dec 20 - [ETSO APT Attacks Analysis](http://image.ahnlab.com/global/upload/download/documents/1401223631603288.pdf) | [:closed_book:](../../blob/master//2013/2013.12.20.ETSO)
* Dec 20 - [ETSO APT Attacks Analysis](http://image.ahnlab.com/global/upload/download/documents/1401223631603288.pdf) | [:closed_book:](../../blob/master/2013/2013.12.20.ETSO)
* Dec 12 - [[FireEye] Operation Ke3chang: Targeted Attacks Against Ministries of Foreign Affairs](https://www.fireeye.com/blog/executive-perspective/2013/12/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs.html) | [:closed_book:](../../blob/master/2013/2013.12.12.Operation_Ke3chang)
* Dec 11 - [Operation "Ke3chang"](http://www.fireeye.com/resources/pdfs/FireEye-operation-ke3chang.pdf)
* Dec 02 - [njRAT, The Saga Continues](http://www.fidelissecurity.com/files/files/FTA%201010%20-%20njRAT%20The%20Saga%20Continues.pdf)
* Nov 11 - [[FireEye] Supply Chain Analysis](http://www.fireeye.com/resources/pdfs/FireEye-malware-supply-chain.pdf)
* Nov 10 - [[FireEye] Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method](http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/operation-ephemeral-hydra-ie-zero-day-linked-to-deputydog-uses-diskless-method.html)
* Oct 24 - [[FireEye] Terminator RAT](https://www.fireeye.com/blog/threat-research/2013/10/evasive-tactics-terminator-rat.html) or [FakeM RAT](http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf) | [:closed_book:](../../blob/master//2013/2013.10.24)
* Sep 30 - [[FireEye] World War C: State of affairs in the APT world](https://www.fireeye.com/blog/threat-research/2013/09/new-FireEye-report-world-war-c.html)
* Sep 25 - [The 'ICEFROG' APT: A Tale of cloak and three daggers](http://www.securelist.com/en/downloads/vlpdfs/icefog.pdf)
* Sep 17 - [Hidden Lynx - Professional Hackers for Hire](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf)
* Sep 25 - [The 'ICEFROG' APT: A Tale of cloak and three daggers](http://www.securelist.com/en/downloads/vlpdfs/icefog.pdf) | [:closed_book:](../../blob/master//2013/2013.09.25.ICEFROG_APT)
* Sep 17 - [Hidden Lynx - Professional Hackers for Hire](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf) | [:closed_book:](../../blob/master//2013/2013.09.17.Hidden_Lynx)
* Sep 13 - [Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets](http://www.fireeye.com/blog/technical/cyber-exploits/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html)
* Sep 11 - [The "Kimsuky" Operation](https://securelist.com/analysis/57915/the-kimsuky-operation-a-north-korean-apt/)
* Sep 06 - [Evasive Tactics: Taidoor](https://www.fireeye.com/blog/threat-research/2013/09/evasive-tactics-taidoor-3.html) | [:closed_book:](../../blob/master//2013/2013.09.06.EvasiveTactics_Taidoor)
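Review bot: The KPMG "Energy at Risk" entry in the 2013 block has an empty link target, `[[KPMG] Energy at Risk: ...]()`, so the title renders as a dead link; supply the report URL or drop the link markup and keep only the :closed_book: reference. The KPMG and China Chopper lines use `XXX XX` for an unknown date while Deep Panda and OPERATION SAFFRON ROSE directly below still use `??? ??`; one placeholder should be used throughout. The second ETSO line has the path as `master/2013`, but the :closed_book: links on the ICEFROG and Hidden Lynx lines are written with `master//2013`, as are the Deep Panda, Terminator RAT and Taidoor lines; normalise them in the same pass. The ICEFROG title and folder name also disagree with the linked file name, `icefog.pdf`, which is worth checking against the report itself.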
@ -1077,7 +1079,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
* Jul 15 - [PlugX revisited: "Smoaler"](http://sophosnews.files.wordpress.com/2013/07/sophosszappanosplugxrevisitedintroducingsmoaler-rev1.pdf)
* Jul 09 - [Dark Seoul Cyber Attack: Could it be worse?](http://cisak.perpika.kr/wp-content/uploads/2013/07/2013-08.pdf)
* Jun 30 - [Targeted Campaign Steals Credentials in Gulf States and Caribbean](https://blogs.mcafee.com/mcafee-labs/targeted-campaign-steals-credentials-in-gulf-states-and-caribbean)
* Jun 28 - [njRAT Uncovered](http://threatgeek.typepad.com/files/fta-1009---njrat-uncovered-1.pdf)
* Jun 28 - [njRAT Uncovered](http://threatgeek.typepad.com/files/fta-1009---njrat-uncovered-1.pdf) | [:closed_book:](../../blob/master//2013/2013.06.28.njRAT_Uncovered)
* Jun 21 - [[Citizen Lab] A Call to Harm: New Malware Attacks Target the Syrian Opposition](https://citizenlab.org/wp-content/uploads/2013/07/19-2013-acalltoharm.pdf) | [:closed_book:](../../blob/master/2013/2013.06.21.Syrian_Attack)
* Jun 18 - [[FireEye] Trojan.APT.Seinup Hitting ASEAN](http://www.fireeye.com/blog/technical/malware-research/2013/06/trojan-apt-seinup-hitting-asean.html) | [:closed_book:](../../blob/master/2013/2013.06.18.APT_Seinup)
* Jun 07 - [[Rapid7] KeyBoy, Targeted Attacks against Vietnam and India](https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india) | [:closed_book:](../../blob/master/2013/2013.06.07.KeyBoy_APT)
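Review bot: The :closed_book: link on the njRAT Uncovered line is written as `../../blob/master//2013/2013.06.28.njRAT_Uncovered`, with a double slash after `master`, while the Citizen Lab, Seinup and KeyBoy lines right below it use `master/2013`. Use the single-slash form so the local-copy links in this list follow one pattern and do not depend on the host collapsing the empty path segment.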
@ -1089,6 +1091,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
* May 16 - [[ESET] Targeted information stealing attacks in South Asia use email, signed binaries](https://www.welivesecurity.com/2013/05/16/targeted-threat-pakistan-india/) | [:closed_book:](../../blob/master/2013/2013.05.16.targeted-threat-pakistan-india)
* Apr 21 - [[Bitdefender] MiniDuke - The Final Cut](http://labs.bitdefender.com/2013/04/miniduke-the-final-cut) | [:closed_book:](../../blob/master/2013/2013.04.21.MiniDuke)
* Apr 13 - [[Kaspersky] "Winnti" More than just a game](http://www.securelist.com/en/downloads/vlpdfs/winnti-more-than-just-a-game-130410.pdf) | [:closed_book:](../../blob/master/2013/2013.04.13.Winnti)
* Apr 07 - [[FireEye] WORLD WAR C](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/fireeye-wwc-report.pdf) | [:closed_book:](../../blob/master/2013/2013.04.07_WORLD_WAR_C)
* Apr 01 - [[FireEye] Trojan.APT.BaneChant](http://www.fireeye.com/blog/technical/malware-research/2013/04/trojan-apt-banechant-in-memory-trojan-that-observes-for-multiple-mouse-clicks.html) | [:closed_book:](../../blob/master/2013/2013.04.01.APT_BaneChant)
* Mar 28 - [[Circl] TR-12 - Analysis of a PlugX malware variant used for targeted attacks](http://www.circl.lu/pub/tr-12/) | [:closed_book:](../../blob/master/2013/2013.03.28.TR-12_PlugX_malware)
* Mar 27 - [[malware.lu] APT1: technical backstage (Terminator/Fakem RAT)](http://www.malware.lu/assets/files/articles/RAP002_APT1_Technical_backstage.1.0.pdf) | [:closed_book:](../../blob/master/2013/2013.03.27.APT1_technical_backstage)
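Review bot: The Apr 07 date on the WORLD WAR C entry needs a source, because the list already has a Sep 30 "[FireEye] World War C" entry whose blog URL sits under `2013/09/new-FireEye-report-world-war-c.html`, which suggests the report was announced in September. If both lines refer to the same report, merge them into one entry carrying the PDF link, the blog link and the :closed_book: reference. The folder name `2013.04.07_WORLD_WAR_C` also uses an underscore after the date where the neighbouring entries use a dot (`2013.04.13.Winnti`, `2013.04.01.APT_BaneChant`).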
@ -1105,9 +1108,11 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
* Feb 12 - [[AIT] Targeted cyber attacks: examples and challenges ahead](http://www.ait.ac.at/uploads/media/Presentation_Targeted-Attacks_EN.pdf) | [:closed_book:](../../blob/master/2013/2013.02.12.Targeted-Attacks)
* Jan 18 - [[McAfee] Operation Red October](https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24250/en_US/McAfee_Labs_Threat_Advisory_Exploit_Operation_Red_Oct.pdf) | [:closed_book:](../../blob/master/2013/2013.01.18.Operation_Red_Oct)
* Jan 14 - [[Kaspersky] The Red October Campaign](https://securelist.com/blog/incidents/57647/the-red-october-campaign) | [:closed_book:](../../blob/master/2013/2013.01.14.Red_October_Campaign)
* Jan 02 - [[FireEye] SUPPLY CHAIN ANALYSIS: From Quartermaster to SunshopFireEye](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-malware-supply-chain.pdf) | [:closed_book:](../../blob/master/2013/2013.01.12.SUPPLY_CHAIN_ANALYSIS)
## 2012
* Nov ?? - [[KrebsonSecurity] "Wicked Rose" and the NCPH Hacking Group](https://krebsonsecurity.com/wp-content/uploads/2012/11/WickedRose_andNCPH.pdf) | [:closed_book:](../../blob/master/2012/2012.11.00_Wicked_Rose)
* Nov 13 - [[FireEye] Poison Ivy Malware Analysis](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf) | [:closed_book:](../../blob/master/2012/2012.11.13.Poison_Ivy)
* Nov 03 - [[CyberPeace] Systematic cyber attacks against Israeli and Palestinian targets going on for a year](http://cyber-peace.org/wp-content/uploads/2014/01/Cyberattack_against_Israeli_and_Palestinian_targets.pdf) | [:closed_book:](../../blob/master/2012/2012.11.03.Israeli_and_Palestinian_Attack)
* Nov 01 - [[Fidelis] RECOVERING FROM SHAMOON](http://www.fidelissecurity.com/sites/default/files/FTA%201007%20-%20Shamoon.pdf) | [:closed_book:](../../blob/master/2012/2012.11.01.RECOVERING_FROM_SHAMOON)
* Oct 31 - [[DEA] CYBER ESPIONAGE Against Georgian Government (Georbot Botnet)](http://dea.gov.ge/uploads/CERT%20DOCS/Cyber%20Espionage.pdf) | [:closed_book:](../../blob/master/2012/2012.10.31.CYBER_ESPIONAGE_Georbot_Botnet)
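Review bot: The SUPPLY CHAIN ANALYSIS entry is listed as Jan 02 but its :closed_book: link points at `2013.01.12.SUPPLY_CHAIN_ANALYSIS`, so the listed day and the folder date disagree; one of them should be corrected. Its title ends in "SunshopFireEye", which looks like the vendor name fused onto the report title. The list also already has a Nov 11 "[FireEye] Supply Chain Analysis" entry linking `FireEye-malware-supply-chain.pdf`; check whether that is the same report and, if so, keep a single entry. In the 2012 block, the Wicked Rose line uses `Nov ??` with a folder named `2012.11.00_Wicked_Rose`, a further unknown-date convention next to the `??? ??` and `XXX XX` forms used under 2013.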