CT CYBER DEFENCE Security Operations Centre
SOC OPERATIONAL
ALL SYSTEMS NOMINAL 7 CRITICAL ACTIVE ELASTIC 8.x · LIVE THREAT LEVEL: HIGH
Critical Alerts
7
↑ 2 since last hour
Threats Blocked
14,847
↑ last 24 hours
Events/sec
3,421
ingesting now
Avg MTTR
4.2m
↓ 36% vs baseline
Endpoints
312
all agents healthy
Uptime SLA
99.97%
30-day rolling
Live Alert Feed
0 events LIVE
Threat Activity — Last 24 Hours
Critical High Medium Low
Global Threat Origins
Severity legend: CRIT, HIGH, MED, LOW
0 Blocked
0 Active Arcs
7 SOC Nodes
Analysts: Sandeep M., Rahul K., Priya S.
Queue: 0 unassigned
Tracked Threat Actors
6 TRACKED
APT42 / Charming Kitten
Origin: Iran · Sector: Gov / Finance
Targeting UK/EU financial sector with spear-phishing & credential harvesting
CRITICAL
Scattered Spider
Origin: EN · Sector: Retail / Tech
Social engineering & SIM-swapping targeting MSP supply chains
HIGH
LockBit 3.0 / RaaS
Origin: CN/RU · Sector: All
Ransomware-as-a-Service — intermittent encryption, BYOVD EDR kill
HIGH
Critical CVEs — Active Exposure
14 CRITICAL
9.8
CVE-2025-21204
Windows CLFS Driver Privilege Escalation
Microsoft · Patch Tuesday May 2025
9.6
CVE-2025-29824
CLFS Driver RCE — Ransomware Exploited
Microsoft · Actively exploited in wild
9.1
CVE-2024-55591
Fortinet FortiOS Auth Bypass
Fortinet · VPN Gateway attack surface
9.0
CVE-2025-0282
Ivanti Connect Secure Stack Overflow
Ivanti · Pre-auth RCE, patched Jan 2025
9.8
CVE-2025-30065
Apache Parquet RCE via Schema Parse
Apache · Data pipeline attack vector
Active IOC Feed
48 IOCs
Refreshed: just now Sources: AlienVault · VirusTotal · Shodan · AbuseIPDB
Endpoint Agent Health
312/312
Windows Workstations
218 agents · Elastic 8.12.2
100%
Linux Servers
68 agents · Auditbeat + Fleet
97%
Cloud (AWS/Azure)
26 agents · CloudTrail + Flow
92%
Mobile Devices (MDM)
0 agents · MDM not enrolled
N/A
Platform: Elastic Agent Fleet Last sync: just now
ISO 27001: 94% Coverage
Cyber Essentials+: 100% Compliant
UK GDPR: 97% Coverage
MITRE ATT&CK: 87% Technique Coverage
NIST CSF 2.0: 89% Function Maturity