popup

Cyber Threat Trends

  1. Day Week

conference CrowdStrike 북한

Summary: 2025/04/17 10:48

First reported date: 2010/05/28
Inquiry period : 2025/03/18 10:48 ~ 2025/04/17 10:48 (1 months), 115 search results

전 기간대비 38% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 CVE Vulnerability Exploit Update Malware 입니다.
공격기술 hijack 도 새롭게 확인됩니다.
기타 program Tomcat Kubernetes CrushFTP Ingress 등 신규 키워드도 확인됩니다.

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

CVE(Common Vulnerabilities and Exposure)는 공개적으로 알려진 소프트웨어의 보안취약점을 가리키는 고유 표기

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Save our CVE! Last minute rescue for critical cybersecurity service
    ㆍ 2025/04/17 What's happening with MITRE and the CVE program uncertainty
    ㆍ 2025/04/17 CISA funds CVE program in the 11th hour of contract with MITRE

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1CVE 115 ▲ 44 (38%)
2Vulnerability 114 ▲ 43 (38%)
3Exploit 47 ▲ 14 (30%)
4Update 36 ▲ 17 (47%)
5Malware 35 ▲ 12 (34%)
6Remote Code Execution 25 ▲ 8 (32%)
7CVSS 23 ▲ 4 (17%)
8Report 17 ▲ 7 (41%)
9Critical 16 ▲ 9 (56%)
10CISA 16 ▲ 7 (44%)
11Alert 14 ▲ 6 (43%)
12attack 14 ▼ -5 (-36%)
13Software 14 ▲ 8 (57%)
14rce 11 ▲ 8 (73%)
15Apache 11 ▲ 10 (91%)
16program 10 ▲ new
17ZeroDay 10 ▼ -1 (-10%)
18intelligence 9 ▲ 1 (11%)
19Windows 9 ▼ -1 (-11%)
20Flaw 9 ▲ 8 (89%)
21ThreatProtection 8 ▲ 7 (88%)
22Tomcat 8 ▲ new
23target 8 ▼ -6 (-75%)
24MITRE 8 ▲ 7 (88%)
25Operation 7 ▲ 1 (14%)
26GitHub 7 ▲ 6 (86%)
27Java 7 ▲ 5 (71%)
28NortonLifeLock 7 ▲ 6 (86%)
29Government 7 ▲ 5 (71%)
30Kubernetes 7 ▲ new
31MWNEWS 6 ▲ 3 (50%)
32CrushFTP 6 ▲ new
33Fortinet 6 ▲ 4 (67%)
34wild 6 ▲ 4 (67%)
35access 6 ▲ 3 (50%)
36Ingress 5 ▲ new
37Microsoft 5 ▼ -5 (-100%)
38hacking 5 ▲ 3 (60%)
39PoC 5 ▲ 1 (20%)
40securityaffairs 5 ▲ 4 (80%)
41Google 5 ▲ 2 (40%)
42Advertising 5 - 0 (0%)
43Supply chain 5 ▲ new
44FortiGate 5 ▲ new
45SHODAN 5 ▲ 4 (80%)
46Code 4 ▲ 3 (75%)
47Middleware 4 ▲ new
48amp 3 ▲ 2 (67%)
49Exploitation 3 ▲ 2 (67%)
50Campaign 3 ▼ -1 (-33%)
51Backdoor 3 ▲ 2 (67%)
52Ivanti 3 ▲ 2 (67%)
53contract 3 ▲ new
54DDoS 3 ▲ 1 (33%)
55Cisco 3 ▼ -1 (-33%)
56Nextjs 3 ▲ new
57Backup 3 ▲ 2 (67%)
58NGINX 3 ▲ new
59Password 3 ▲ new
60funding 3 ▲ new
61Remote 3 ▼ -1 (-33%)
62bypass 2 ▲ 1 (50%)
63httpstcopbHM 2 ▲ new
64ingressnginx 2 ▲ new
65camel 2 ▲ 1 (50%)
66Gladinet 2 ▲ new
67Telegram 2 ▲ new
68Chrome 2 ▲ new
69Old 2 ▲ new
70hijack 2 ▲ new
71Unauthenticated 2 ▲ 1 (50%)
72HTTP 2 ▲ new
73WordPress 2 ▲ 1 (50%)
74plugin 2 ▲ new
75cve2025 2 ▲ new
76injection 2 ▲ 1 (50%)
77file 2 ▲ 1 (50%)
78vulnerable 2 - 0 (0%)
79Vite 2 ▲ new
80Arbitrary 2 ▼ -2 (-100%)
81SSRF 2 ▲ new
82Firefox 2 ▲ new
83href 2 ▲ new
84Smart 2 ▲ new
85Authentication 2 - 0 (0%)
86overflow 2 ▲ 1 (50%)
87Replication 2 ▲ 1 (50%)
88session 2 ▲ new
89Zscaler 2 ▲ new
90Veeam 2 ▲ new
91VPN 2 ▲ new
92js 2 ▲ new
93Mandiant 2 ▲ 1 (50%)
94ESET 2 - 0 (0%)
95UNIX 2 ▲ new
96Ransomware 2 ▲ 1 (50%)
97Victim 2 ▼ -2 (-100%)
98WAF 2 ▲ new
99Takedown 2 - 0 (0%)
100Next 2 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
2 (50%)
MeshAgent
1 (25%)
Trojan
1 (25%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
UNC5221
1 (100%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
47 (46.5%)
Remote Code Execution
25 (24.8%)
rce
11 (10.9%)
hacking
5 (5%)
Campaign
3 (3%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
CISA
16 (33.3%)
Government
7 (14.6%)
Fortinet
6 (12.5%)
Microsoft
5 (10.4%)
Google
5 (10.4%)
Threat info
Last 5

SNS

(Total : 71)
  Total keyword

CVE Vulnerability Exploit Update Attacker CVSS Remote Code Execution Windows ZeroDay hacking Malware rce Report CISA SHODAN Fortinet attack PoC target Microsoft Chrome Telegram plugin WordPress SSRF hijack Kubernetes Google WhatsApp Firefox Docker MeshAgent Email ...

No Title Date
1Kimberly @StopMalvertisin
The Register | Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program https://t.co/Rzkjmfyb8O		2025.04.16
2BleepingComputer @BleepinComputer
MITRE warns that funding for critical CVE program expires today - @serghei https://t.co/ouuW5ByIF6 https://t.co/ouuW5ByIF6		2025.04.16
3The Hacker News @TheHackersNews
???????? UPDATE — CISA extends funding to prevent a shutdown of the CVE Program. A new CVE Foundation is also launched to ensure global, independent oversight—just as ENISA rolls out the EU Vulnerability Database. Read: https://t.co/mKfa9BheyH		2025.04.16
4Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
????CISA announces the CVE Program is here to stay. https://t.co/4jn6uxqxyN		2025.04.16
5Unit 42 @Unit42_Intel
We've seen persistence in #CVE202427564 #SSRF probes for vulnerable ChatGPT servers, requesting /etc/passwd and URLs using OAST domains. Increase of probes hitting Education (16.6%) and Manufacturing (8%) since Feb 2025. Details at https://t.co/7LxKncmYiy https://t.co/wZgrL68q9q		2025.04.16

News

(Total : 44)
  Total keyword

Vulnerability CVE Malware Exploit Update Remote Code Execution CVSS Attacker Software Report CISA attack intelligence Government Operation GitHub RCE Java target Advertising Kubernetes Supply chain ZeroDay DDoS Windows Microsoft Password PoC Google Backdoor Fortinet VPN LinkedIn Campaign Cisco Takedown SHODAN UNIX Victim ESET Ransomware YouTube UNC5221 취약점 Dropper Webshell Trojan Mandiant Linux China IoC WinRAR Europe ...

No Title Date
1Save our CVE! Last minute rescue for critical cybersecurity service - Malware.News2025.04.17
2What's happening with MITRE and the CVE program uncertainty - Malware.News2025.04.17
3CISA funds CVE program in the 11th hour of contract with MITRE - Malware.News2025.04.17
4CISA reverses course, extends MITRE CVE contract - CyberScoop2025.04.16
5MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’ - Malware.News2025.04.16

Additional information

Level Description
warning File has been identified by 29 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice An application raised an exception which may be indicative of an exploit crash
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Performs some HTTP requests
notice Uses Windows utilities for basic Windows functionality
notice Yara rule detected in process memory
info One or more processes crashed
Network ET INFO TLS Handshake Failure
Network SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
No data
No data
Beta Service, If you select keyword, you can check detailed information.