Cyber Threat Trends

Summary: 2025/04/19 11:29

First reported date: 2019/06/19
Inquiry period : 2025/04/12 11:29 ~ 2025/04/19 11:29 (7 days), 11 search results

전 기간대비 55% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Check Point Check Point Malware Report 입니다.
악성코드 유형 GraphicalNeutrino EnvyScout Clop HyperSSL MedusaLocker Emotet Alureon 도 새롭게 확인됩니다.
공격자 APT29 APT28 도 새롭게 확인됩니다.
공격기술 hijack Hijacking RCE APT MalSpam Deface hooking 도 새롭게 확인됩니다.
기관 및 기업 Europe Russia Kaspersky Ucraina Türkiye Australia VirusTotal Israel Tenable 세이프브리치 도 새롭게 확인됩니다.
기타 target Research attack thread IoC 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 CVE-2025-24054, NTLM Exploit in the Wild
    ㆍ 2025/04/15 Renewed APT29 Phishing Campaign Against European Diplomats
    ㆍ 2025/04/15 Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Check Point	11	▲ 6 (55%)
2	Check	7	▲ 4 (57%)
3	Point	7	▲ 4 (57%)
4	Malware	6	▲ 4 (67%)
5	Report	6	▲ 3 (50%)
6	Campaign	6	▲ 5 (83%)
7	Phishing	5	▲ 4 (80%)
8	GraphicalNeutrino	4	▲ new
9	APT29	4	▲ new
10	Europe	4	▲ new
11	Advertising	4	▲ 2 (50%)
12	Windows	4	▲ 3 (75%)
13	target	4	▲ new
14	Microsoft	4	▲ 3 (75%)
15	Email	3	▲ 2 (67%)
16	Research	3	▲ new
17	Russia	3	▲ new
18	Exploit	3	▲ 2 (67%)
19	Update	3	▲ 1 (33%)
20	United States	3	▲ 1 (33%)
21	Victim	3	▲ 2 (67%)
22	Government	3	▲ 2 (67%)
23	Kaspersky	3	▲ new
24	attack	3	▲ new
25	Vulnerability	2	- 0 (0%)
26	thread	2	▲ new
27	hijack	2	▲ new
28	Hijacking	2	▲ new
29	Software	2	▲ 1 (50%)
30	IoC	2	▲ new
31	GitHub	2	▲ 1 (50%)
32	Operation	2	▲ 1 (50%)
33	EDR	2	▲ new
34	RCE	2	▲ new
35	APT	2	▲ new
36	ZeroDay	2	▲ 1 (50%)
37	Ucraina	2	▲ new
38	Ransomware	2	▲ 1 (50%)
39	Ba	1	▲ new
40	MalSpam	1	▲ new
41	IoCs	1	▲ new
42	Education	1	- 0 (0%)
43	c&c	1	▲ new
44	surge	1	▲ new
45	VMware	1	▲ new
46	India	1	- 0 (0%)
47	cybersecurit	1	▲ new
48	Türkiye	1	▲ new
49	Browser	1	▲ new
50	Renewed	1	▲ new
51	Australia	1	▲ new
52	SMB	1	▲ new
53	APT28	1	▲ new
54	EnvyScout	1	▲ new
55	team	1	▲ new
56	Chrome	1	▲ new
57	Microsoft Edge	1	▲ new
58	Safari	1	▲ new
59	VirusTotal	1	▲ new
60	ToddyCat	1	▲ new
61	process	1	▲ new
62	April	1	- 0 (0%)
63	Clop	1	▲ new
64	Android	1	- 0 (0%)
65	United Kingdom	1	- 0 (0%)
66	Israel	1	▲ new
67	HyperSSL	1	▲ new
68	MedusaLocker	1	▲ new
69	hacking	1	- 0 (0%)
70	Deface	1	▲ new
71	Linux	1	▲ new
72	Twitter	1	▲ new
73	WhatsApp	1	▲ new
74	Ex	1	▲ new
75	Threat	1	- 0 (0%)
76	return	1	▲ new
77	Intelligence	1	- 0 (0%)
78	Emotet	1	▲ new
79	Tenable	1	▲ new
80	Alureon	1	▲ new
81	Vawtrak	1	- 0 (0%)
82	세이프브리치	1	▲ new
83	PoC	1	▲ new
84	hooking	1	▲ new
85	Red Team	1	▲ new
86	Black Hat	1	▲ new
87	execution	1	▲ new
88	ltlt	1	▲ new
89	list	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
GraphicalNeutrino		4 (30.8%)
Ransomware		2 (15.4%)
EnvyScout		1 (7.7%)
Clop		1 (7.7%)
HyperSSL		1 (7.7%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
APT29		4 (80%)
APT28		1 (20%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		6 (23.1%)
Phishing		5 (19.2%)
Exploit		3 (11.5%)
hijack		2 (7.7%)
Hijacking		2 (7.7%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Check Point		11 (26.8%)
Europe		4 (9.8%)
Microsoft		4 (9.8%)
Russia		3 (7.3%)
United States		3 (7.3%)

Threat info

Last 5

SNS

(Total : 7)

Total keyword

Check Point APT29 Phishing Europe GraphicalNeutrino Campaign Report APT Malware target Email IoCs Education attack Ransomware Government Software Intelligence EDR hijack Advertising Hijacking IoC

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam If you look at the IoCs list of that Check Point article (published 15th this month), you can see these mentioned files. The "wine\.zip", one "ppcore.dll" and one "AppvIsvSubsystems64.dll" with their hashes were mentioned here (tweeted on March 13): https://t.co/pJUuAbrYTT. The https://t.co/fti6DEAo	2025.04.18
2	Cyber_OSINT @Cyber_O51NT Check Point Software reported a 47% surge in cyber attacks globally in Q1 2025, with ransomware up 126%, particularly affecting education, government, and telecommunications sectors, and North America responsible for 62% of these incidents. #CyberSecurit… https://t.co/sfJ7dPVgKe	2025.04.17
3	Cyber_OSINT @Cyber_O51NT Check Point Research reports that APT29 has launched a renewed phishing campaign targeting European diplomats by impersonating a foreign affairs ministry with fake wine-tasting invitations, deploying the GRAPELOADER malware. #CyberSecurity https://t.co/wBarrfcbUa	2025.04.16
4	Virus Bulletin @virusbtn The Check Point Research team analyse a renewed APT29 phishing campaign targeting diplomatic entities across Europe. The campaign employs a new loader, called GRAPELOADER, which is downloaded via a link in the phishing email. https://t.co/Pkb5PsOrgj https://t.co/3NczqtgFHb	2025.04.16
5	Cyber_OSINT @Cyber_O51NT Check Point Research revealed "Waiting Thread Hijacking," a stealthier process injection technique that cleverly utilizes waiting threads to execute code without triggering EDR alerts, evolving classic thread execution methods. #Cybersecurity #Malware https://t.co/x4eLkdBdve	2025.04.15

News

(Total : 4)

Total keyword

Windows Malware Check Point Microsoft Attacker United States Exploit Update Victim Advertising Campaign Kaspersky Report Russia attack target RCE Vulnerability Phishing GitHub ZeroDay Operation Ucraina Email Government Safari Browser Türkiye Australia APT29 VirusTotal SMB APT28 MalSpam IoC c&c VMware India GraphicalNeutrino Chrome Microsoft Edge EnvyScout ToddyCat Black Hat WhatsApp Clop Android United Kingdom Israel Ransomware HyperSSL MedusaLocker hacking Deface Linux Twitter Red Team Emotet EDR Tenable Alureon Vawtrak 세이프브리치 PoC hijack hooking Hijacking Software Europe

No	Title	Date
1	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
2	Renewed APT29 Phishing Campaign Against European Diplomats - Malware.News	2025.04.15
3	Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking - Malware.News	2025.04.15
4	14th April – Threat Intelligence Report - Malware.News	2025.04.14

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
2	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	Renewed APT29 Phishing Campaign Against European Diplomats - Malware.News	2025.04.15
5	Renewed APT29 Phishing Campaign Against European Diplomats - Malware.News	2025.04.15
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.