Update README.md

2023-11-21 22:43:18 +00:00 · 2023-11-21 22:43:18 +00:00 · 402662d0e6
--- a/README.md
+++ b/README.md
@ -26,6 +26,7 @@ A collection of essential resources related to cyber threat intelligence theory.
 | [Joe Slowik](https://twitter.com/jfslowik) | Analyzing Network Infrastructure as Composite Objects: While network infrastructure indicators and observables are typically viewed as atomic objects, seeing these items as composites enables powerful analysis able to keep pace with adversary evolution | [domaintools.com](https://www.domaintools.com/resources/blog/analyzing-network-infrastructure-as-composite-objects/) |
 | US Government | Analytic Tradecraft Primer on Structured Analytic Techniques | [stat.berkeley.edu](https://www.stat.berkeley.edu/~aldous/157/Papers/Tradecraft%20Primer-apr09.pdf) |
 | [Juan Andrés Guerrero-Saade](https://twitter.com/juanandres_gs) | The ethics and perils of APT research: An unpected transition into intelligence brokerage. In the face of investigations with geopolitical weight and consequences, whose final attributions entail unmasking nation-state operations, even the most capable security researcher among us will need drastic preparations, not only to excel but to survive. | [Guerrero-Saade-VB2015.pdf](https://media.kaspersky.com/pdf/Guerrero-Saade-VB2015.pdf) |
+| [Juan Andrés Guerrero-Saade](https://twitter.com/juanandres_gs) | Expanding our descriptive palette for cyber threat actors | [VB2018-Guerrero-Saade.pdf](https://www.virusbulletin.com/uploads/pdf/magazine/2018/VB2018-Guerrero-Saade.pdf) |
 | [Matt Richard](https://medium.com/@mrichard91/about) | Common Cyber Threat Intel Biases: how to convey biases, blind spots, and systematic weaknesses in how teams evaluate and write about threat intelligence | [medium.com/@mrichard91](https://medium.com/@mrichard91/common-cyber-threat-intel-biases-9d6f410f5829) |

 ### `CTI Frameworks`