Summary: 2025/04/17 10:04
Inquiry period : 2025/04/16 10:04 ~ 2025/04/17 10:04 (1 day), 381 search results
The Top 5 related keywords that rose compared with the previous 7 days are Malware, MWNEWS, Report, United States, and Update.
The new keywords sherrodim, MITRE, Funding, and MUSTANG PANDA were also observed.
* Top 3 recent news articles:
ㆍ 2025/04/17 Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure
ㆍ 2025/04/17 Enterprise mobile apps riddled with sloppy data security
ㆍ 2025/04/17 LabHost: A defunct but potent phishing service
Trend graph by period
Total number of trend targets
Related keyword cloud
Top 100
# | Trend | Count | Comparison |
---|---|---|---|
1 | Malware | 86 | ▲ 36 (42%) |
2 | MWNEWS | 39 | ▲ 26 (67%) |
3 | Report | 39 | ▲ 12 (31%) |
4 | United States | 38 | ▲ 11 (29%) |
5 | Update | 36 | ▲ 6 (17%) |
6 | Vulnerability | 33 | ▲ 17 (52%) |
7 | target | 31 | ▲ 6 (19%) |
8 | Ransomware | 30 | ▲ 8 (27%) |
9 | attack | 29 | ▲ 4 (14%) |
10 | Campaign | 27 | ▲ 14 (52%) |
11 | Microsoft | 24 | ▲ 5 (21%) |
12 | Victim | 24 | ▲ 10 (42%) |
13 | China | 24 | ▲ 13 (54%) |
14 | Software | 23 | ▲ 7 (30%) |
15 | intelligence | 22 | ▲ 12 (55%) |
16 | Alert | 21 | ▲ 5 (24%) |
17 | | 21 | ▲ 11 (52%) |
18 | Advertising | 20 | ▲ 12 (60%) |
19 | Phishing | 20 | ▲ 9 (45%) |
20 | Government | 19 | ▲ 13 (68%) |
21 | RCE | 17 | ▲ 5 (29%) |
22 | Windows | 17 | ▲ 2 (12%) |
23 | Operation | 17 | ▲ 6 (35%) |
24 | Exploit | 17 | ▼ -2 (-12%) |
25 | South Korea | 16 | ▲ 10 (63%) |
26 | Education | 16 | ▲ 4 (25%) |
27 | CISA | 15 | ▲ 11 (73%) |
28 | CVE | 15 | ▲ 11 (73%) |
29 | Threat | 14 | ▲ 5 (36%) |
30 | Europe | 14 | ▲ 11 (79%) |
31 | Kaspersky | 13 | ▲ 5 (38%) |
32 | AI | 12 | ▼ -1 (-8%) |
33 | c&c | 11 | ▲ 6 (55%) |
34 | Browser | 11 | ▲ 8 (73%) |
35 | | 10 | ▲ 1 (10%) |
36 | ChatGPT | 10 | ▲ 6 (60%) |
37 | Russia | 10 | ▲ 5 (50%) |
38 | Android | 9 | ▲ 4 (44%) |
39 | program | 8 | ▲ 8 (100%) |
40 | Criminal | 8 | ▲ 1 (13%) |
41 | Mehrere | 8 | ▲ 4 (50%) |
42 | NetWireRC | 8 | ▲ 3 (38%) |
43 | | 8 | ▲ 4 (50%) |
44 | Trojan | 8 | ▲ 6 (75%) |
45 | Schwachstellen | 8 | ▲ 2 (25%) |
46 | CRITICAL | 7 | ▲ 5 (71%) |
47 | Zusammenfassung | 7 | ▲ 2 (29%) |
48 | Sicherheitsnews | 7 | ▲ 2 (29%) |
49 | sherrodim | 7 | ▲ new |
50 | Backdoor | 7 | ▲ 5 (71%) |
51 | Apple | 7 | ▲ 4 (57%) |
52 | taegliche | 7 | ▲ 3 (43%) |
53 | MITRE | 7 | ▲ new |
54 | Chrome | 7 | ▲ 5 (71%) |
55 | hijack | 6 | ▲ 4 (67%) |
56 | hacking | 6 | ▼ -5 (-83%) |
57 | Distribution | 6 | ▲ 3 (50%) |
58 | Telegram | 6 | ▲ 3 (50%) |
59 | North Korea | 6 | ▲ 1 (17%) |
60 | DarkWeb | 6 | ▲ 2 (33%) |
61 | US | 6 | - 0 (0%) |
62 | United Kingdom | 6 | ▲ 3 (50%) |
63 | ZeroDay | 6 | ▲ 1 (17%) |
64 | Stealer | 6 | ▲ 2 (33%) |
65 | Funding | 6 | ▲ new |
66 | httpstco | 6 | ▲ 2 (33%) |
67 | Cryptocurrency | 6 | ▲ 3 (50%) |
68 | amp | 6 | ▲ 3 (50%) |
69 | Cobalt Strike | 6 | ▲ 6 (100%) |
70 | Register | 5 | ▲ 2 (40%) |
71 | Linux | 5 | ▲ 1 (20%) |
72 | njRAT | 5 | ▲ 4 (80%) |
73 | conference | 5 | ▲ 3 (60%) |
74 | Supply chain | 5 | ▲ 2 (40%) |
75 | Oracle | 5 | ▲ 3 (60%) |
76 | Dark | 5 | - 0 (0%) |
77 | advisory | 5 | ▲ 2 (40%) |
78 | Chief | 5 | ▲ 5 (100%) |
79 | last | 5 | - 0 (0%) |
80 | account | 5 | ▲ 4 (80%) |
81 | GitHub | 5 | ▲ 3 (60%) |
82 | C2 | 5 | ▲ 3 (60%) |
83 | Team | 5 | ▲ 2 (40%) |
84 | von | 5 | - 0 (0%) |
85 | IoC | 5 | ▲ 1 (20%) |
86 | DDoS | 5 | ▼ -3 (-60%) |
87 | UK | 4 | ▲ 3 (75%) |
88 | RAT | 4 | ▲ 2 (50%) |
89 | India | 4 | - 0 (0%) |
90 | data | 4 | ▼ -1 (-25%) |
91 | Apps | 4 | ▲ 4 (100%) |
92 | scam | 4 | ▲ 4 (100%) |
93 | Schwachstelle | 4 | - 0 (0%) |
94 | Chinese | 4 | ▲ 3 (75%) |
95 | EDR | 4 | ▲ 3 (75%) |
96 | RATel | 4 | ▲ 3 (75%) |
97 | Password | 4 | ▲ 1 (25%) |
98 | MUSTANG PANDA | 4 | ▲ new |
99 | Code | 4 | - 0 (0%) |
100 | arrest | 4 | ▲ 2 (50%) |
Special keyword group
Top 5
Malware Type
Malware types that are currently trending.
Keyword | Average | Label |
---|---|---|
Ransomware | | 30 (33%) |
NetWireRC | | 8 (8.8%) |
Trojan | | 8 (8.8%) |
njRAT | | 5 (5.5%) |
RAT | | 4 (4.4%) |

Attacker & Actors
Attackers and attack groups that are currently trending.
Keyword | Average | Label |
---|---|---|
Kimsuky | | 2 (11.1%) |
Lazarus | | 2 (11.1%) |
Anonymous | | 2 (11.1%) |
APT29 | | 2 (11.1%) |
TraderTraitor | | 1 (5.6%) |

Country & Company
Countries and companies that are currently trending.
Keyword | Average | Label |
---|---|---|
United States | | 38 (11.8%) |
Microsoft | | 24 (7.4%) |
China | | 24 (7.4%) |
 | | 21 (6.5%) |
Government | | 19 (5.9%) |
Malware Type
Top 5
Detailed trend analysis by malware type.
Threat info
Last 5
SNS
(Total : 163) Ransomware Microsoft Victim Malware target Campaign Update United States attack Report Vulnerability Windows Phishing Kaspersky DarkWeb CISA CVE WhatsApp Advertising China Government Google Exploit Europe Russia Education Recorded Future Distribution Backdoor India Operation LockBit hacking c&c NetWireRC C2 Email APT intelligence njRAT Cloudflare Zscaler Proofpoint Android conference Telegram Lazarus Browser Attacker Trojan ... Cobalt Strike MUSTANG PANDA US GitHub dprk Software ChatGPT APT29 Check Point GraphicalNeutrino North Korea DDoS Singapore Open Directory Spear Phishing Akira keylogger Ucraina Tor EDR plugin CrowdStrike TONESHELL Taiwan Oracle SSRF Germany opendir ZeroDay iPhone targeted Apple MacOS AnyDesk schtasks Password Rapid7 ClickFix DDNS Malvertising Vawtrak catch RCE RAT Italy Zero Trust Israel CVEs Supply chain sectora01 Virus 보고서 AhnLab SECUI Konni Kimsuky Chinese Canada Stealer Linux Hijacking Red Team payment hijack Criminal
News
(Total : 216) Malware Report United States Update Vulnerability Software target attack intelligence China Google Campaign RCE South Korea Government Advertising Attacker Operation Phishing Education Exploit Windows Victim Europe Microsoft CVE CISA Browser Ransomware c&c Kaspersky ChatGPT Criminal Russia Android Chrome Email Cryptocurrency Apple United Kingdom Trojan Stealer IoC hijack ZeroDay NetWireRC Linux UK North Korea Oracle US RATel Backdoor Cobalt Strike arrest Telegram Supply chain Firefox GitHub LinkedIn YouTube hacking DDoS TikTok conference EDR WhatsApp GameoverP2P RAT OpenAI ... Distribution Chinese Ucraina Password Takedown Australia Taiwan Anonymous payment Social Engineering C2 MFA Germany Deloitte Vawtrak 한국 Java The Shadow Brokers Canada Dropper Ads XSS keylogger TONESHELL Egypt Smishing schtasks Zscaler MUSTANG PANDA njRAT 세미나 Japan Police KISA powershell SectopRAT Attacks Remcos Grandoreiro Banking ThreatMon FBI Xloader TraderTraitor Clipbanker ClickFix WinRAR UNC5221 Cisco SentinelOne Kubernetes Hijacking 러시아 어나니머스 APT28 SMB Türkiye Check Point MalSpam Twitter plugin Spain CVSS WordPress DPRK Equation Group Cobalt Hacking Team Volt Typhoon MgBot Sliver ZXShell NIST Tick Safari PlugX Router Kimsuky 북한 Okta UNIX CyberArk S2W 보고서 IBM 일본 QRadar Security Suite dailysecu Monitorapp 컨퍼런스 KSign SANDS Lab German 중국 체포 VBScript Malicious Traffic WMI DarkWeb NSHC Italy AhnLab KISIA Africa Zero Trust Accenture Gmail Cyber Kill Chain AsyncRAT MuddyWater Iran Lumma XWorm India Data Center Watchdog Facebook NSA Black Basta CrowdStrike Palo Alto Networks MDR Workshop QakBot Recorded Future DYEPACK Trend Micro Hong Kong
No | Title | Date |
---|---|---|
1 | Korea Scholarship Promotion Institute runs ongoing free course event for the Level 1 Quarantine Manager certification - Dailysecu | 2025.04.17 |
2 | Anonymous hacks Russia.. 'entire contents' of national DB stolen - Security Fact | 2025.04.17 |
3 | Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure - Malware.News | 2025.04.17 |
4 | Ex-Cyber Chief Targeted by Trump Vows to Fight Administration - Bloomberg Technology | 2025.04.17 |
5 | Enterprise mobile apps riddled with sloppy data security - Malware.News | 2025.04.17 |
Additional information
No | Title | Date |
---|---|---|
1 | Hi, robot: Half of all internet traffic now automated - Malware.News | 2025.04.17 |
2 | Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology | 2025.04.17 |
3 | Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News | 2025.04.17 |
4 | DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology | 2025.04.17 |
5 | 6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin - Malware.News | 2025.04.17 |
No | Title | Date |
---|---|---|
1 | Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure - Malware.News | 2025.04.17 |
2 | Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure - Malware.News | 2025.04.17 |
3 | Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure - Malware.News | 2025.04.17 |
4 | IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 - IT Sicherheitsnews | 2025.04.17 |
5 | Perplexity in Talks to Integrate Assistant Into Samsung, Motorola Phones - Bloomberg Technolo... | 2025.04.17 |
Level | Description |
---|---|
danger | Executed a process and injected code into it |
warning | File has been identified by 28 AntiVirus engines on VirusTotal as malicious |
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Code injection by writing an executable or DLL to the memory of another process |
watch | Communicates with host for which no DNS query was performed |
watch | Deletes executed files from disk |
watch | Manipulates memory of a non-child process indicative of process injection |
watch | Potential code injection by writing to the memory of another process |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | Uses Windows utilities for basic Windows functionality |
notice | Yara rule detected in process memory |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Uses Windows APIs to generate a cryptographic key |
Network | ET DROP Spamhaus DROP Listed Traffic Inbound group 13 |
Network | ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response |
Network | ET INFO Executable Download from dotted-quad Host |
Network | ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download |
Network | ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile |
Network | ET POLICY PE EXE or DLL Windows file download HTTP |
No | Category | URL | CC | ASN Co | Date |
---|---|---|---|---|---|
1 | malicious | https://u1.bufferfacelift.shop/ | US | CLOUDFLARENET | 2025.04.17 |
2 | malicious | https://u1.establishhertz.shop/ | US | CLOUDFLARENET | 2025.04.17 |
3 | c2 | http://adminus4.ddns.net:8090/Vre | | | 2025.04.16 |
4 | c2 | http://103.149.98.247/vs/tt/d.php | | | 2025.04.16 |
5 | malicious | https://www.xoebty.com/cloudflare.msi | US | | 2025.04.16 |
No | URL | CC | ASN Co | Reporter | Date |
---|---|---|---|---|---|
1 | http://117.254.176.17:39356/i 32-bit elf mips Mozi | IN | National Internet Backbone | geenensp | 2025.04.17 |
2 | http://221.214.154.94:50612/i 32-bit elf mips Mozi | CN | CHINA UNICOM China169 Backbone | geenensp | 2025.04.17 |
3 | http://42.224.170.22:38295/bin.sh 32-bit elf mips Mozi | CN | CHINA UNICOM China169 Backbone | geenensp | 2025.04.17 |
4 | http://120.84.212.239:46091/i 32-bit elf mips Mozi | CN | ... | geenensp | 2025.04.17 |
5 | http://59.88.6.99:51333/bin.sh 32-bit elf mips Mozi | IN | National Internet Backbone | geenensp | 2025.04.17 |