2022.12.02.Cobalt_Strike_Out_of_the_Water

README.md

@@ -28,7 +28,8 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
 :small_blue_diamond: [vx-underground](https://vx-underground.org/apts.html) <br>
 
 ## 2022
-* Oct 4 - [[Trend Micro] The Rise of Earth Aughisky](https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/connecting-taidoors-dots-earth-aughisky-over-the-last-10-years) | [:closed_book:](../../blob/master/2022/2022.10.04.Rise_Earth_Aughisky)
+* Dec 02 - [[Palo Alto Networks] Blowing Cobalt Strike Out of the Water With Memory Analysis](https://unit42.paloaltonetworks.com/cobalt-strike-memory-analysis/) | [:closed_book:](../../blob/master/2022/2022.12.02.Cobalt_Strike_Out_of_the_Water)
+* Oct 04 - [[Trend Micro] The Rise of Earth Aughisky](https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/connecting-taidoors-dots-earth-aughisky-over-the-last-10-years) | [:closed_book:](../../blob/master/2022/2022.10.04.Rise_Earth_Aughisky)
 * Sep 28 - [[Recorded Future] The Chinese Communist Party’s Strategy for Targeted Propaganda](https://go.recordedfuture.com/hubfs/reports/ta-2022-0928.pdf) | [:closed_book:](../../blob/master/2022/2022.09.28.Chinese_Communist_Party)
 * Aug 12 - [[SEKOIA.IO] LuckyMouse uses a backdoored Electron app to target MacOS](https://blog.sekoia.io/luckymouse-uses-a-backdoored-electron-app-to-target-macos/) | [:closed_book:](../../blob/master/2022/2022.08.12.LuckyMouse)
 * Aug 12 - [[Trend Micro] Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users](https://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.html) | [:closed_book:](../../blob/master/2022/2022.08.12.Iron_Tiger_Mimi)