From 14a3b648bc9faa0d6a9108a9059ead4d9daa82c1 Mon Sep 17 00:00:00 2001
From: BushidoToken <59974887+BushidoUK@users.noreply.github.com>
Date: Mon, 11 Jul 2022 12:24:15 +0100
Subject: [PATCH] Update July.md

---
 Threat Reports/July.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Threat Reports/July.md b/Threat Reports/July.md
index 695e61e..e17af57 100644
--- a/Threat Reports/July.md	
+++ b/Threat Reports/July.md	
@@ -1,4 +1,5 @@
 #### `July Threat Reports`
 | Date | Source | Threat(s) | URL |
 | --- | --- | --- | --- |
+| 7 July | IBM Security X-Force | IBM has uncovered evidence indicating that the Russia-based cybercriminal “Trickbot group” has launched attacks on Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine (as RU eCrime usually avoids CIS countries) | [securityintelligence.com](https://securityintelligence.com/posts/trickbot-group-systematically-attacking-ukraine/) |
 | 8 July | Google TAG | The Turla APT group created a fake Android app (APK) designed to look like a DDoS hacktivist tool developed by the Ukrainian Azov Regiment. The APKs we have seen were hosted on a Turla controlled domain with links disseminated through 3rd party messaging services. They were not hosted on the Play Store. | [twitter.com/billyleonard](https://twitter.com/billyleonard/status/1545461166377508865) |