Update README.md

2022-01-22 16:55:54 +00:00 · 2022-01-22 16:55:54 +00:00 · 457673d644
--- a/README.md
+++ b/README.md
@ -13,3 +13,4 @@ A collection of papers, blogs, and resources that make up the quintessential asp
 | [Freddy M](https://no.linkedin.com/in/fmurre?trk=pulse-article_main-author-card) | The Intelligence Architecture Map is based on interviews of industry experts, former intelligence practitioners, and Freddy's personal views. It represents a logical and meaningful way of how different aspects of producing intelligence should be put together. | [intelligence-architecture-map-freddy-m](https://www.linkedin.com/pulse/intelligence-architecture-map-freddy-m/) |
 | [@Bank_Security](https://twitter.com/Bank_Security) | HUMINT activities during undercover operations are fundamental as a part of Cyber Intelligence activities. This guide shares insights how someone could engage Threat Actors during undercover operations in the cybercriminal underground | [cyber-intelligence-humint-operations](https://bank-security.medium.com/cyber-intelligence-humint-operations-2d3d526e4007) |
 | [Mandiant](https://www.mandiant.com/) | Mandiant's unprecedented report linking APT1 to China's 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department (Military Cover Designator 61398). | [mandiant-apt1-report.pdf](https://www.mandiant.com/resources/apt1-exposing-one-of-chinas-cyber-espionage-units)|
+| [Katie Nickels](https://twitter.com/likethecoins)| Analysts have compiled a list of court documents issued by the Department of Justice (DOJ) specifically regarding various threat actor charges and indictments, from APT group members to ransomware operators | [Legal Documents of Interest to CTI Analysts](https://docs.google.com/spreadsheets/d/12iZfDkc-DtVNXV5ZoOiKKZuNGcsb3yQ0V3DNBQIalSo/htmlview#gid=1677585875) |