Summary: 2025/04/17 15:46
First reported date: 2009/08/05
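Inquiry period: 2025/03/18 15:46 ~ 2025/04/17 15:46 (1 month), 116 search results
The trend is 28% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are Browser, Malware, Update, Chrome and Google.
The malware type Black Basta has also been newly identified.
The attack technique RCE has also been newly identified.
Other new keywords, such as sophisticated, SMB, Kritische, enterprise and unknown, have also been identified.
* Top 3 recent news articles: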
ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated
ㆍ 2025/04/17 Exploiting SMS: Threat Actors Use Social Engineering to Target Companies
ㆍ 2025/04/17 Advanced KQL Deep Dive: User State Change Tracking
Top 100
# | Trend | Count | Comparison |
---|---|---|---|
1 | Browser | 116 | ▲ 32 (28%) |
2 | Malware | 59 | ▲ 9 (15%) |
3 | Update | 43 | ▲ 13 (30%) |
4 | Chrome | 37 | ▲ 23 (62%) |
5 | | 36 | ▲ 14 (39%) |
6 | Windows | 35 | ▲ 16 (46%) |
7 | attack | 34 | ▲ 10 (29%) |
8 | target | 32 | ▲ 11 (34%) |
9 | Campaign | 30 | ▲ 3 (10%) |
10 | Report | 28 | ▼ -1 (-4%) |
11 | Exploit | 25 | ▲ 4 (16%) |
12 | Microsoft | 24 | ▲ 8 (33%) |
13 | Advertising | 23 | ▲ 2 (9%) |
14 | Phishing | 23 | ▲ 3 (13%) |
15 | | 22 | ▲ 3 (14%) |
16 | Software | 22 | ▲ 3 (14%) |
17 | Victim | 21 | ▲ 3 (14%) |
18 | Stealer | 20 | ▲ 3 (15%) |
19 | Vulnerability | 18 | ▲ 4 (22%) |
20 | Criminal | 18 | ▼ -1 (-6%) |
21 | United States | 15 | ▼ -5 (-33%) |
22 | Remote Code Execution | 14 | ▼ -5 (-36%) |
23 | Operation | 14 | ▲ 6 (43%) |
24 | Password | 14 | ▲ 7 (50%) |
25 | ZeroDay | 13 | ▲ 11 (85%) |
26 | powershell | 12 | ▲ 6 (50%) |
27 | Trojan | 12 | ▲ 4 (33%) |
28 | IoC | 12 | ▼ -2 (-17%) |
29 | Distribution | 12 | ▲ 6 (50%) |
30 | Firefox | 12 | ▼ -3 (-25%) |
31 | Kaspersky | 11 | - 0 (0%) |
32 | threat | 11 | ▲ 7 (64%) |
33 | c&c | 10 | ▼ -2 (-20%) |
34 | intelligence | 10 | ▼ -1 (-10%) |
35 | Microsoft Edge | 9 | ▲ 3 (33%) |
36 | Russia | 9 | ▼ -2 (-22%) |
37 | Android | 8 | ▼ -3 (-38%) |
38 | Java | 8 | ▲ 1 (13%) |
39 | Edge | 8 | ▲ 7 (88%) |
40 | Ransomware | 7 | - 0 (0%) |
41 | Linux | 7 | ▲ 1 (14%) |
42 | Cryptocurrency | 7 | ▼ -3 (-43%) |
43 | ChatGPT | 7 | ▲ 5 (71%) |
44 | Apple | 6 | ▼ -4 (-67%) |
45 | Government | 6 | ▼ -8 (-133%) |
46 | Tor | 6 | ▲ 5 (83%) |
47 | GameoverP2P | 6 | - 0 (0%) |
48 | hijack | 6 | ▲ 3 (50%) |
49 | GitHub | 6 | - 0 (0%) |
50 | MFA | 6 | ▼ -3 (-50%) |
51 | RCE | 6 | ▲ new |
52 | payment | 6 | ▲ 2 (33%) |
53 | Social Engineering | 6 | ▼ -1 (-17%) |
54 | NetWireRC | 6 | ▼ -5 (-83%) |
55 | RAT | 6 | - 0 (0%) |
56 | | 5 | ▲ 3 (60%) |
57 | VPN | 5 | ▼ -2 (-40%) |
58 | MWNEWS | 5 | ▲ 4 (80%) |
59 | | 5 | ▼ -4 (-80%) |
60 | Takedown | 5 | ▲ 1 (20%) |
61 | | 5 | ▼ -1 (-20%) |
62 | Lumma | 5 | ▼ -2 (-40%) |
63 | China | 5 | ▼ -1 (-20%) |
64 | DarkWeb | 4 | ▲ 2 (50%) |
65 | Tick | 4 | ▲ 2 (50%) |
66 | fake | 4 | ▲ 2 (50%) |
67 | RATel | 4 | ▲ 3 (75%) |
68 | Telegram | 4 | ▼ -1 (-25%) |
69 | VBScript | 4 | ▲ 2 (50%) |
70 | Banking | 4 | ▼ -3 (-75%) |
71 | mozilla | 4 | ▲ 1 (25%) |
72 | sophisticated | 4 | ▲ new |
73 | Education | 4 | ▼ -6 (-150%) |
74 | account | 4 | ▲ 3 (75%) |
75 | SMB | 4 | ▲ new |
76 | Cloudflare | 4 | ▲ 2 (50%) |
77 | taegliche | 3 | - 0 (0%) |
78 | ThreatProtection | 3 | - 0 (0%) |
79 | web | 3 | ▼ -2 (-67%) |
80 | Endpoint | 3 | ▲ 1 (33%) |
81 | NortonLifeLock | 3 | - 0 (0%) |
82 | Black Basta | 3 | ▲ new |
83 | Sicherheitsnews | 3 | - 0 (0%) |
84 | AI | 3 | ▲ 2 (67%) |
85 | Code | 3 | ▲ 1 (33%) |
86 | Vawtrak | 3 | ▲ 2 (67%) |
87 | IPS | 3 | ▲ 1 (33%) |
88 | fingerprint | 3 | ▲ 2 (67%) |
89 | last | 3 | ▲ 1 (33%) |
90 | DYEPACK | 3 | - 0 (0%) |
91 | amp | 3 | ▲ 1 (33%) |
92 | Symantec | 3 | ▲ 1 (33%) |
93 | malicious | 3 | ▼ -1 (-33%) |
94 | Kritische | 3 | ▲ new |
95 | Zusammenfassung | 3 | - 0 (0%) |
96 | enterprise | 3 | ▲ new |
97 | protection | 3 | ▲ 1 (33%) |
98 | unknown | 3 | ▲ new |
99 | googlechrome | 3 | ▲ new |
100 | YouTube | 3 | - 0 (0%) |
Special keyword group
Top 5
Malware Type
Malware types that are currently drawing attention.
Keyword | Average | Label |
---|---|---|
Trojan | | 12 (20%) |
Ransomware | | 7 (11.7%) |
GameoverP2P | | 6 (10%) |
NetWireRC | | 6 (10%) |
RAT | | 6 (10%) |

Attacker & Actors
Attackers or attack groups that are currently drawing attention.
Keyword | Average | Label |
---|---|---|
Tick | | 4 (100%) |

Technique
Attack techniques that are currently drawing attention.
Keyword | Average | Label |
---|---|---|
Campaign | | 30 (22.1%) |
Exploit | | 25 (18.4%) |
Phishing | | 23 (16.9%) |
Stealer | | 20 (14.7%) |
Remote Code Execution | | 14 (10.3%) |

Country & Company
Countries or companies that are currently drawing attention.
Keyword | Average | Label |
---|---|---|
| | 36 (26.3%) |
Microsoft | | 24 (17.5%) |
United States | | 15 (10.9%) |
Kaspersky | | 11 (8%) |
Russia | | 9 (6.6%) |
Threat info
Last 5
SNS
(Total: 31) Browser Chrome target Google attack Update Windows Malware Stealer Takedown Tor Symantec Campaign Apple Exploit Vulnerability ZeroDay Firefox Password MacOS IoC Email RAT Phishing Safari WhatsApp Report Cloudflare Fortinet plugin hijack powershell India Police GitHub Government VPN Advertising NetWireRC ...
News
(Total: 85) Browser Malware Update Windows Google attack Chrome Report Attacker Campaign target Microsoft Exploit Advertising Phishing Software Victim Email Criminal Stealer Vulnerability United States Remote Code Execution Operation Password Trojan Distribution Kaspersky powershell c&c IoC ZeroDay Firefox intelligence Russia Microsoft Edge Java Android ChatGPT Cryptocurrency Linux Ransomware MFA payment Social Engineering RCE GameoverP2P China Government hijack GitHub NetWireRC Lumma Twitter LinkedIn VBScript WhatsApp RATel VPN Education SMB Banking RAT DarkWeb Telegram Tick YouTube Black Basta Opera Apple Tor Vawtrak Cloudflare DYEPACK Backdoor Europe Malvertising Africa Supply chain Akira South Korea Stealc Naver hacking Check Point ...
No | Title | Date |
---|---|---|
1 | Hi, robot: Half of all internet traffic now automated - Malware.News | 2025.04.17 |
2 | IT Sicherheitsnews daily summary 2025-04-16 18h: 7 posts - IT Sicherheitsnews | 2025.04.17 |
3 | Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News | 2025.04.17 |
4 | Advanced KQL Deep Dive: User State Change Tracking - Malware.News | 2025.04.17 |
5 | Web browser: Critical security vulnerability in Chrome patched - IT Sicherheitsnews | 2025.04.17 |
Additional information
No | Title | Date |
---|---|---|
1 | Security hole in Nvidia's 'AI heart' GPUs.. 'patch immediately' alert - Security Fact (시큐리티팩트) | 2025.04.17 |
2 | Hi, robot: Half of all internet traffic now automated - Malware.News | 2025.04.17 |
3 | Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology | 2025.04.17 |
4 | Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News | 2025.04.17 |
5 | DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology | 2025.04.17 |
No | Title | Date |
---|---|---|
1 | IT Sicherheitsnews daily summary 2025-04-16 18h: 7 posts - IT Sicherheitsnews | 2025.04.17 |
2 | Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News | 2025.04.17 |
3 | Advanced KQL Deep Dive: User State Change Tracking - Malware.News | 2025.04.17 |
4 | Advanced KQL Deep Dive: User State Change Tracking - Malware.News | 2025.04.17 |
5 | Web browser: Critical security vulnerability in Chrome patched - IT Sicherheitsnews | 2025.04.17 |
Level | Description |
---|---|
danger | File has been identified by 66 AntiVirus engines on VirusTotal as malicious |
danger | The process wscript.exe wrote an executable file to disk which it then attempted to execute |
danger | Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) |
danger | Executed a process and injected code into it |
warning | Disables Windows Security features |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
watch | One or more non-whitelisted processes were created |
watch | Potential code injection by writing to the memory of another process |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection |
notice | A process attempted to delay the analysis task. |
notice | A process created a hidden window |
notice | Checks whether any human activity is being performed by constantly checking whether the foreground window changed |
notice | Creates a suspicious process |
notice | Creates executable files on the filesystem |
notice | Drops a binary and executes it |
notice | Drops an executable to the user AppData folder |
notice | One or more potentially interesting buffers were extracted |
notice | Terminates another process |
notice | Uses Windows utilities for basic Windows functionality |
notice | Yara rule detected in process memory |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Command line console output was observed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |