Live
10,488 incidents
653 actors
169 countries
Updated 25 Jun
2026-05-27: 5 2026-05-28: 22 2026-05-29: 118 2026-05-30: 16 2026-05-31: 7 2026-06-01: 39 2026-06-02: 20 2026-06-03: 34 2026-06-04: 38 2026-06-05: 200 2026-06-06: 27 2026-06-07: 4 2026-06-08: 76 2026-06-09: 67 2026-06-10: 196 2026-06-11: 99 2026-06-12: 85 2026-06-13: 16 2026-06-14: 27 2026-06-15: 129 2026-06-16: 50 2026-06-17: 36 2026-06-18: 494 2026-06-19: 190 2026-06-20: 518 2026-06-21: 30 2026-06-22: 54 2026-06-23: 38 2026-06-24: 49 2026-06-25: 363
7d: 1,736 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100% other-actors ▲ 74 100% bushidouk ▲ 55 100% malware---tools ▲ 54 100% unknown---unmapped-actors ▲ 44 100%
15 of 16 incidents
Spiral
china Reference China
What it is: Spiral is an APT (Advanced Persistent Threat) actor associated with the China regional group, known for its activity in cyber networks and security breaches. It is known by aliases such as CVE-…
Persistency: typically launching ransomware after operation to destroy evidence, Threat Recon.nshc.net alias=SectorA01
north-korea Reference North Korea Gov T1566
What it is: Threat Recon.nshc.net alias=SectorA01 is an APT actor from the North Korea regional group associated with ransomware operations. This group has been documented in multiple intelligence sources…
Cutting Kitten, G0003, Cleaver, TinyZBot
iran Reference Iran
What it is: Cutting Kitten is an APT (Advanced Persistent Threat) actor linked to the Iran regional group, known for its espionage and sabotage activity in critical sectors. This group, with aliases…
Gold lowell
iran Reference Iran 🖥️ Software
What it is: Gold lowell is an APT (Advanced Persistent Threat) actor associated with the Iran regional group. This group has been identified with aliases such as Boss Spider, SamSam, and Criminal, which suggests a…
LYCEUM
unknown---unmapped-actors Reference Unknown T1566
What it is: LYCEUM is an APT (Advanced Persistent Threat) actor associated with the regional group "Unknown / Unmapped Actors". This group has been identified with multiple aliases, including HEXANE, Siamesekitten…
HTran
malware---tools Reference United States
What is HTran: HTran is an APT (Advanced Persistent Threat) actor related to the malware and tools regional group. It is also known as CTran, ONHAT, Xdoor or Chinese Tunneling Tool. This t…
Comfoo
malware---tools Reference Unknown
What it is: Comfoo is an APT (Advanced Persistent Threat) actor associated with the malware and tools regional group. It is known as a malicious organization related to notable cyber incidents…
DNSChanger
malware---tools Reference Unknown
What is DNSChanger: DNSChanger is a type of malicious tool used by APT (Advanced Persistent Threat) actor groups to compromise computer systems. This malware is characterized by…
URL (with explanations)
naming-taxonomies Reference United States
What it is: Naming Taxonomies is a regional group of APT (Advanced Persistent Threat) actors that has been identified through analysis of security data. This group is known by its aliases on the network…
APTTrail: AUDITUNNEL indicators and references
auditunnel Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with AUDITUNNEL. Observed aliases: AUDITUNNEL, IHS Back-Connect backdoor. Count by type: ipv4: 7, url: 5. Indicators of Compromise (IO…
APTTrail: APT IRONTIGER indicators and references
apt-irontiger Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT IRONTIGER. Observed aliases: APT IRONTIGER. Count by type: domain: 84. Indicators of Compromise (IOCs): Type | Value | Context | Domain…
APTTrail: apt-31 indicators and references
apt-31 Ioc Unknown 🏛️ Government
APTTrail summary: APTTrail maintains public indicators associated with apt-31. Observed aliases: apt-31, bronze vinewood, zirconium. Count by type: domain: 24, ipv4: 1. Indicators of Compromise (IOCs)…
BushidoUK RVM Profile: ProphetSpider
prophetspider Threat-actor United Kingdom
Group Profile: ProphetSpider. Ransomware group profile according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs. Prophet Spider's Exploited Vu…
BushidoUK ToolMatrix GroupProfiles: INC_Ransom
bushidouk Report United States 🛡️ Defense
GroupProfiles: INC_Ransom.md. Resource from the BushidoUK Ransomware Tool Matrix - GroupProfiles. INC Ransom's Tools | Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS …
BushidoUK ToolMatrix GroupProfiles: ProphetSpider
bushidouk Report United States 🛡️ Defense
GroupProfiles: ProphetSpider.md. Resource from the BushidoUK Ransomware Tool Matrix - GroupProfiles. Prophet Spider's Tools | Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | …