Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 12:10:26 UTC

Threat Intelligence

1,904
Active IOCs
19
Geo-Blocked Origins
3
Dark Web Findings
1
DecoyPulse Triggers

Live Threat Feed

Critical Emotet botnet infrastructure detected — 4 C2 IPs blocked 1h ago
High New phishing campaign targeting UK financial services 1h ago
High Microsoft Exchange CVE-2026-21413 — patch available 2m ago
Medium RansomHub group claiming 3 new UK victims this week 1h ago
High Dark web: 2 credential sets matching monitored domains found 1h ago
Medium Cloudflare reports DDoS spike targeting .co.uk domains 1h ago
High NCSC advisory: increased targeting of UK SMBs by APT29 44m ago
Low SSL certificate for mail.company.co.uk expires in 14 days 1h ago
Informational New IOCs added to threat feed — 847 indicators 26m ago
Medium Anomalous BGP route change affecting UK ISP backbone 1h ago

MITRE ATT&CK Heatmap

Initial Access 22
Execution 70
Persistence 51
Privilege Escalation 42
Defence Evasion 18
Credential Access 30
Discovery 70
Lateral Movement 39
Collection 12
Command and Control 76
Exfiltration 67
Impact 49

Top Attack Origins

Country Events
CN China 443
FR France 347
DE Germany 309
IR Iran 292
NG Nigeria 287
BR Brazil 261
RO Romania 234
RU Russia 185
US United States 181
NL Netherlands 177

Indicators of Compromise (IOCs)
