Cyber Threat Trends

Summary: 2025/04/19 12:08

First reported date: 2015/07/22
Inquiry period : 2025/04/12 12:08 ~ 2025/04/19 12:08 (7 days), 4 search results

전 기간대비 50% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Co 입니다.
악성코드 유형 Ransomware Akira 도 새롭게 확인됩니다.
기관 및 기업 Apple 도 새롭게 확인됩니다.
기타 Technology Ruinor Blockfi ZeroDay für 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/17 iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Co	4	▲ 2 (50%)
2	Technology	2	▲ new
3	Ruinor	2	▲ new
4	Blockfi	2	▲ new
5	ZeroDay	1	▲ new
6	für	1	▲ new
7	liefert	1	▲ new
8	MacOS	1	▲ new
9	Oklahoma	1	▲ new
10	Update	1	▲ new
11	Steel	1	▲ new
12	Victim	1	▲ new
13	Ransomware	1	▲ new
14	Akira	1	▲ new
15	Inc	1	▲ new
16	Wire	1	▲ new
17	Apple	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		1 (50%)
Akira		1 (50%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

No data.

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Apple		1 (100%)

Threat info

Last 5

SNS

(Total : 3)

Total keyword

Akira Ransomware Victim

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam "Blockfi Ruinor Security Technology Co., Ltd." (GlobalSign given cert) signed, only 1 detection on VT "SherenVPN-x64-6-1-6.exe" sample: ae45484a1881d55afae4952224c4a8352e1163a9fb57d095431711e5dccdcd18 https://t.co/0uOncNV37F	2025.04.18
2	MalwareHunterTeam @malwrhunterteam You could see the "Blockfi Ruinor Security Technology Co., Ltd." name before here: https://t.co/DSbRI1UwOw GlobalSign that time too... ????‍♂️	2025.04.18
3	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????????????????????Oklahoma Steel & Wire Co. Inc. and STUMPF MÜLLER Biberach GmbH falls victim to Akira Ransomware https://t.co/GhU4FoY2Nc	2025.04.14

News

(Total : 1)

Total keyword

Apple Update ZeroDay MacOS

No	Title	Date
1	iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme - IT Sicherheitsnews	2025.04.17

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme - IT Sicherheitsnews	2025.04.17
2	iOS 18.4, macOS 15.4 und Co.: Apple stopft viele Lücken - IT Sicherheitsnews	2025.04.01
3	Schadcode-Sicherheitslücken bedrohen FortiOS, FortiSandbox & Co. - IT Sicherheitsnews	2025.03.13
4	ChatGPT, Claude & Co: Wer bietet die besten Gratis-Features? - IT Sicherheitsnews	2025.03.09
5	Nissan CDS Rises to Highest in Japan, Topping Rakuten, SoftBank - Bloomberg Technolo...	2025.02.18
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	kent.ps1 Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co	432719ce1459add67ebe4c01b47310f2	58059	2025.03.13
2	conhost.exe Emotet Generic Malware Suspicious_Script_Bin task schedule Downloader UPX Malicious Library Antivirus Malicious Packer .NET framework(MSIL) Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Co	197cf1b5f5228af677c04341b43b58f0	42893	2023.07.08

Level	Description
danger	The process powershell.exe wrote an executable file to disk which it then attempted to execute
danger	Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger	Executed a process and injected code into it
watch	Allocates execute permission to another process indicative of possible code injection
watch	Code injection by writing an executable or DLL to the memory of another process
watch	Communicates with host for which no DNS query was performed
watch	Drops a binary and executes it
watch	File has been identified by 11 AntiVirus engines on VirusTotal as malicious
watch	One or more non-whitelisted processes were created
watch	Potential code injection by writing to the memory of another process
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
watch	Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice	A process attempted to delay the analysis task.
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Checks adapter addresses which can be used to detect virtual network interfaces
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice	One or more potentially interesting buffers were extracted
notice	Performs some HTTP requests
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
Network	ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
Network	ET INFO Executable Download from dotted-quad Host
Network	ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
Network	ET POLICY PE EXE or DLL Windows file download HTTP

No data

Beta Service, If you select keyword, you can check detailed information.