diff --git a/2018/2018.11.The_Hunt_for_3ve/3ve_google_whiteops_whitepaper_final_nov_2018.pdf b/2018/2018.11.The_Hunt_for_3ve/3ve_google_whiteops_whitepaper_final_nov_2018.pdf
new file mode 100644
index 0000000..65ff187
Binary files /dev/null and b/2018/2018.11.The_Hunt_for_3ve/3ve_google_whiteops_whitepaper_final_nov_2018.pdf differ
diff --git a/README.md b/README.md
index 9028d4e..a2c4001 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
 * [APT Map](https://aptmap.netlify.com/)
 
 ## 2018
+* Nov ?? - [[Google] The Hunt for 3ve](https://services.google.com/fh/files/blogs/3ve_google_whiteops_whitepaper_final_nov_2018.pdf) | [Local](../../blob/master/2018/2018.11.The_Hunt_for_3ve)
 * Nov 30 - [[TrendMicro] New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools](https://blog.trendmicro.com/trendlabs-security-intelligence/new-powershell-based-backdoor-found-in-turkey-strikingly-similar-to-muddywater-tools/) | [Local](../../blob/master/2018/2018.11.30.MuddyWater_Turkey)
 * Nov 29 - [[360] Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups](https://ti.360.net/blog/articles/analysis-of-targeted-attack-against-pakistan-by-exploiting-inpage-vulnerability-and-related-apt-groups-english/) | [Local](../../blob/master/2018/2018.11.29.Attack_Pakistan_By_Exploiting_InPage)
 * Nov 28 - [[Microsoft] Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks](https://cloudblogs.microsoft.com/microsoftsecure/2018/11/28/windows-defender-atp-device-risk-score-exposes-new-cyberattack-drives-conditional-access-to-protect-networks/) | [Local](../../blob/master/2018/2018.11.28.Tropic_Trooper_microsoft)