{
    "type": "bundle",
    "id": "bundle--33892287-a008-406f-931d-dd769314037b",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--3856ce54-f40d-4787-b610-cceb7f9d4b2f",
            "created": "2024-11-13T13:00:30.707688Z",
            "modified": "2024-11-13T13:01:19.839942Z",
            "name": "Levelblue",
            "identity_class": "organization"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--e7af91a9-5f3b-4774-a003-04ae218301a7",
            "value": "142.214.202.2"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--531bc6c6-36dc-4901-897d-79ab76433a46",
            "value": "155.94.199.59"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--55bd3b95-06e5-4450-afc0-eaf3c66070b8",
            "created_by_ref": "identity--3856ce54-f40d-4787-b610-cceb7f9d4b2f",
            "created": "2026-06-24T22:43:38.603894Z",
            "modified": "2026-06-24T22:43:38.603894Z",
            "name": "How LevelBlue OTX and Cybereason XDR Detected a North Korea-Linked Remote IT Worker",
            "published": "2026-03-17T00:00:00Z",
            "object_refs": [
                "identity--3856ce54-f40d-4787-b610-cceb7f9d4b2f",
                "ipv4-addr--e7af91a9-5f3b-4774-a003-04ae218301a7",
                "ipv4-addr--531bc6c6-36dc-4901-897d-79ab76433a46"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://www.levelblue.com/blogs/spiderlabs-blog/how-levelblue-otx-and-cybereason-xdr-detected-a-north-korea-linked-remote-it-worker"
                }
            ]
        }
    ]
}