10,488 Incidents
653 Actors
169 Countries
Updated 25 Jun
2026-05-27: 5 2026-05-28: 22 2026-05-29: 118 2026-05-30: 16 2026-05-31: 7 2026-06-01: 39 2026-06-02: 20 2026-06-03: 34 2026-06-04: 38 2026-06-05: 200 2026-06-06: 27 2026-06-07: 4 2026-06-08: 76 2026-06-09: 67 2026-06-10: 196 2026-06-11: 99 2026-06-12: 85 2026-06-13: 16 2026-06-14: 27 2026-06-15: 129 2026-06-16: 50 2026-06-17: 36 2026-06-18: 494 2026-06-19: 190 2026-06-20: 518 2026-06-21: 30 2026-06-22: 54 2026-06-23: 38 2026-06-24: 49 2026-06-25: 362
7d: 1,735 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100% other-actors ▲ 74 100% bushidouk ▲ 55 100% malware---tools ▲ 54 100% unknown---unmapped-actors ▲ 44 100%
15 of 19 incidents
Persistency: typically launching ransomware after operation to destroy evidence, Threat Recon.nshc.net alias=SectorA01
north-korea Reference North Korea Gov T1566
What it is: Threat Recon.nshc.net alias=SectorA01 is an APT actor from the North Korea regional group associated with ransomware operations. This group has been documented in multiple intelligence sources…
Nemesis Kitten
iran Reference Iran 🏛️ Government
What it is: Nemesis Kitten is an APT (Advanced Persistent Threat) actor associated with the Iran regional group, with aliases such as Charming Kitten, DireFate, FRP, Plink, Bitlocker, Shredder (wiper), and others. This …
HomeLand Justice
iran Reference Iran Gov
What it is: HomeLand Justice is an APT (Advanced Persistent Threat) actor associated with the Iran regional group. This group has been identified as a cyber threat with state-type activities, …
Magic Kitten appears to be among the oldest and most elaborate threat actors originating in Iran. It is also distinct from other groups because of its apparent relationship with the Iranian Ministry of Intelligence rather than the IRGC. However
iran Reference Iran Gov
What it is: Magic Kitten is an APT (Advanced Persistent Threat) actor associated with the Iran regional group, with a history dating back to 2007. This cyber threat has been identified as one of the most…
APTTrail: apt19 indicators and references
apt19 Ioc United States 💻 Tech
APTTrail summary: APTTrail maintains public indicators associated with apt19. Observed aliases: apt19, c0d0so0, codoso, codoso team, deep panda, sunshop group. Count by type: domain: 57, file_path: 1,…
APTTrail: Karakurt Lair indicators and references
karakurt-lair Ioc Unknown 💻 Tech
APTTrail summary: APTTrail maintains public indicators associated with Karakurt Lair. Observed aliases: Karakurt Lair, Karakurt Team. Count by type: domain: 11, ipv4: 4. Indicators of Compromise (IOCs…
BushidoUK RVM Profile: Akira
akira Threat-actor United Kingdom
Group Profile: Akira. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. Akira's Exploited Vulnerabilities > […
BushidoUK RVM Profile: BlackBasta
blackbasta Threat-actor United Kingdom
Group Profile: BlackBasta. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. BlackBasta's Exploited Vulnerabi…
BushidoUK RVM Profile: Clop
clop Threat-actor United Kingdom 🖥️ Software
Group Profile: Clop. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. Clop's Exploited Vulnerabilities > [!N…
BushidoUK RVM Profile: LockBit
lockbit Threat-actor United Kingdom ⚖️ Law
Group Profile: LockBit. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. LockBit's Exploited Vulnerabilities…
BushidoUK RVM Profile: PioneerKitten
pioneerkitten Threat-actor United Kingdom
Group Profile: PioneerKitten. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. Pioneer Kitten's Exploited Vu…
BushidoUK RVM Profile: RansomHub
ransomhub Threat-actor United Kingdom
Group Profile: RansomHub. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. RansomHub's Exploited Vulnerabili…
BushidoUK ToolMatrix GroupProfiles: Akira
bushidouk Report United States 🛡️ Defense
GroupProfiles: Akira.md. Resource from the BushidoUK Ransomware Tool Matrix - GroupProfiles. Akira's Tools | Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltra…
BushidoUK ToolMatrix GroupProfiles: BianLian
bushidouk Report United States 🛡️ Defense
GroupProfiles: BianLian.md. Resource from the BushidoUK Ransomware Tool Matrix - GroupProfiles. BianLian's Tools | Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Ex…
BushidoUK ToolMatrix GroupProfiles: BlackBasta
bushidouk Report United States 🛡️ Defense
GroupProfiles: BlackBasta.md. Resource from the BushidoUK Ransomware Tool Matrix - GroupProfiles. Black Basta's Tools | Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS…