diff --git a/2017/2017.07.27.chessmaster-cyber-espionage-campaign/chessmaster-cyber-espionage-campaign.pdf b/2017/2017.07.27.chessmaster-cyber-espionage-campaign/chessmaster-cyber-espionage-campaign.pdf
new file mode 100644
index 0000000..5fcaf3e
Binary files /dev/null and b/2017/2017.07.27.chessmaster-cyber-espionage-campaign/chessmaster-cyber-espionage-campaign.pdf differ
diff --git a/README.md b/README.md
index 126d4c7..861a886 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
 * [targetedthreats](https://github.com/botherder/targetedthreats/wiki/Reports)
 
 ## 
+* Jul 27 - [ChessMaster Makes its Move: A Look into the Campaign’s Cyberespionage Arsenal](http://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/) | [Local](../../blob/master/2017/2017.07.27.chessmaster-cyber-espionage-campaign) 
 * Jul 27 - [OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group](https://researchcenter.paloaltonetworks.com/2017/07/unit42-oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group/) | [Local](../../blob/master/2017/2017.07.27.oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group) 
 * Jul 27 - [Operation Wilted Tulip](http://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf) | [Local](../../blob/master/2017/2017.07.27.Operation_Wilted_Tulip) 
 * Jul 24 - [“Tick” Group Continues Attacks](https://researchcenter.paloaltonetworks.com/2017/07/unit42-tick-group-continues-attacks/) | [Local](../../blob/master/2017/2017.07.24.Tick_group)