popup

Cyber Threat Trends

  1. Day Week

conference CrowdStrike 북한

Summary: 2025/04/19 14:06

First reported date: 2011/03/29
Inquiry period : 2025/03/20 14:06 ~ 2025/04/19 14:06 (1 months), 39 search results

전 기간대비 62% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Server Windows Microsoft Update Malware 입니다.
악성코드 유형 BlackSuit Trojan TONESHELL 도 새롭게 확인됩니다.
공격기술 Remote Code Execution RCE hijack Backdoor 도 새롭게 확인됩니다.
기관 및 기업 Government Europe China Zscaler Amazon Australia 도 새롭게 확인됩니다.
기타 target QRadar Security Suite IBM Alert Advertising 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1
    ㆍ 2025/04/15 Windows Server 2025: Domain-Controller sind nach Neustart nicht mehr erreichbar
    ㆍ 2025/04/15 [webapps] IBMi Navigator 7.5 - Server Side Request Forgery (SSRF)

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Server 39 ▲ 24 (62%)
2Windows 11 ▲ 8 (73%)
3Microsoft 8 ▲ 6 (75%)
4Update 8 ▲ 2 (25%)
5target 7 ▲ new
6Malware 7 ▲ 5 (71%)
7QRadar Security Suite 6 ▲ new
8DDoS 5 ▲ 4 (80%)
9IBM 5 ▲ new
10Alert 5 ▲ new
11Schwachstellen 5 ▲ 3 (60%)
12Remote Code Execution 4 ▲ new
13attack 4 ▲ 3 (75%)
14Advertising 4 ▲ new
15KILLERS 3 ▲ new
16Request 3 ▲ new
17Operation 3 ▲ new
18Side 3 ▲ new
19SSRF 3 ▲ new
20Remote 3 ▲ new
21httpstco 3 ▲ new
22Report 3 ▲ new
23Vulnerability 3 ▲ 1 (33%)
24Mehrere 3 ▲ 2 (67%)
25Information 3 ▲ new
26c&c 3 ▲ new
27InfoSphere 3 ▲ new
28Recent 2 ▲ new
29Schwachstelle 2 ▲ new
30Government 2 ▲ new
31Kosovo 2 ▲ new
32IoC 2 ▲ new
33RCE 2 ▲ new
34Liberty 2 ▲ new
35Application 2 ▲ 1 (50%)
36WebSphere 2 ▲ new
37Log 2 ▲ new
38Nagios 2 ▲ new
39Exploit 2 ▼ -1 (-50%)
40intelligence 2 ▲ 1 (50%)
41Forgery 2 ▲ new
42File 2 ▲ new
43C2 2 ▲ new
44SharePoint 2 ▲ new
45Exchange 2 ▲ new
46key 2 ▲ new
47web 1 - 0 (0%)
48nach 1 ▲ new
49sind 1 ▲ new
50DomainController 1 ▲ new
51Honeynet 1 - 0 (0%)
52Plane 1 ▲ new
53break 1 ▲ new
54BlackSuit 1 ▲ new
55API 1 ▲ new
56Umgehen 1 ▲ new
57von 1 - 0 (0%)
58NATS 1 ▲ new
59protection 1 ▲ new
60AMSI 1 ▲ new
61MWNEWS 1 - 0 (0%)
62Artikel 1 ▲ new
63Twelve 1 ▲ new
64EDR 1 ▲ new
65Threat 1 ▲ new
66emergency 1 ▲ new
67httpstcoay 1 ▲ new
68StarProxy 1 ▲ new
69keylogger 1 ▲ new
70Europe 1 ▲ new
71Trojan 1 ▲ new
72hijack 1 ▲ new
73Backdoor 1 ▲ new
74GitHub 1 ▲ new
75UNIX 1 ▲ new
76TONESHELL 1 ▲ new
77China 1 ▲ new
78traffic 1 ▼ -1 (-100%)
79Victim 1 ▲ new
80Zscaler 1 ▲ new
81MUSTANG PANDA 1 ▲ new
82Cobalt Strike 1 ▲ new
83Access 1 ▲ new
84Improper 1 ▲ new
85Integration 1 ▲ new
86WebMethods 1 ▲ new
87Navigator 1 ▲ new
88IBMi 1 ▲ new
89database 1 ▲ new
90Mattermost 1 ▲ new
91SQL 1 ▲ new
92Code 1 ▲ new
93Password 1 ▲ new
94Mirai 1 ▲ new
95platform 1 ▲ new
96fintech 1 ▲ new
97Misconfigured 1 ▲ new
98Australian 1 ▲ new
99Amazon 1 ▲ new
100Australia 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
BlackSuit
1 (25%)
Trojan
1 (25%)
TONESHELL
1 (25%)
Botnet
1 (25%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
DDoS
5 (33.3%)
Remote Code Execution
4 (26.7%)
RCE
2 (13.3%)
Exploit
2 (13.3%)
hijack
1 (6.7%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Microsoft
8 (50%)
Government
2 (12.5%)
Europe
1 (6.3%)
China
1 (6.3%)
Zscaler
1 (6.3%)
Threat info
Last 5

SNS

(Total : 11)
  Total keyword

target Windows DDoS Microsoft Update Exploit RCE BlackSuit Government Vulnerability CVE attack

No Title Date
1Microsoft Threat Intelligence @MsftSecIntel
Threat actors have consistently exploited critical vulnerabilities in Exchange Server and SharePoint Server that enable them to gain a persistent foothold inside the target. Such attacks have been observed to lead to remote code execution, lateral movement, and exfiltration of		2025.04.18
2BleepingComputer @BleepinComputer
New Windows Server emergency updates fix container launch issue - @serghei https://t.co/ay9lKdtcy4 https://t.co/ay9lKdtcy4		2025.04.17
3BleepingComputer @BleepinComputer
Microsoft: Windows Server 2025 restarts break connectivity on some DCs - @serghei https://t.co/2Y4p2xXG1I https://t.co/2Y4p2xXG1I		2025.04.14
4FalconFeeds.io @FalconFeedsio
???? DDoS Alert ???? SERVER KILLERS claims to have targeted multiple website in Kosovo. • Kosovo Chamber of Mediators • Spitali Royal Medical • American Hospital Kosova • National Institute of Public Health of Kosovo • Independent Oversight Council for the Kosovo Civil Service https://t.co/OmxI7Nj		2025.04.13
5FalconFeeds.io @FalconFeedsio
???? DDoS Alert: SERVER KILLERS claims to have targeted multiple websites in Kosovo. - ​KosovaPress - Official Gazette of the Republic of Kosovo - Kosova Sot - InfoKosova - ZERI NEWSAPAPER - RKS News - The Pristina Post https://t.co/SvKV9aZXzw		2025.04.11

News

(Total : 28)
  Total keyword

Windows Malware QRadar Security Suite Microsoft Update IBM Remote Code Execution Advertising attack target SSRF c&c Operation Report Vulnerability Attacker C2 intelligence DDoS IoC TONESHELL keylogger Europe Trojan hijack Backdoor Government GitHub UNIX EDR China Victim Zscaler MUSTANG PANDA Cobalt Strike Google Password Amazon Australia Honeynet Botnet Kubernetes Exploit ZeroDay Education ...

No Title Date
1Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1 - Malware.News2025.04.17
2[remote] WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page - Exploit-DB.com2025.04.16
3[UPDATE] [mittel] Mattermost Server: Mehrere Schwachstellen - IT Sicherheitsnews2025.04.15
4Windows Server 2025: Domain-Controller sind nach Neustart nicht mehr erreichbar - IT Sicherheitsnews2025.04.15
5[webapps] Plane 0.23.1 - Server side request forgery (SSRF) - Exploit-DB.com2025.04.15

Additional information

No data
No data
No data
No data
Beta Service, If you select keyword, you can check detailed information.