popup

Cyber Threat Trends

  1. Day Month

conference CrowdStrike 북한

Summary: 2025/04/17 13:07

First reported date: 2012/01/05
Inquiry period : 2025/04/10 13:07 ~ 2025/04/17 13:07 (7 days), 69 search results

전 기간대비 -10% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 United States Update Victim Exploit Advertising 입니다.
악성코드 유형 Vawtrak GraphicalNeutrino njRAT 도 새롭게 확인됩니다.
공격자 Tick APT29 도 새롭게 확인됩니다.
공격기술 RCE Smishing 도 새롭게 확인됩니다.
기관 및 기업 Check Point Amazon VirusTotal CISA 도 새롭게 확인됩니다.
기타 AI Zero Trust Facebook account RSA Conference 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure
    ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated
    ㆍ 2025/04/17 Exploiting SMS: Threat Actors Use Social Engineering to Target Companies

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Email 69 ▼ -7 (-10%)
2Malware 32 ▼ -1 (-3%)
3Report 25 - 0 (0%)
4Phishing 23 ▼ -3 (-13%)
5United States 23 ▲ 11 (48%)
6Update 19 ▲ 7 (37%)
7attack 18 ▼ -1 (-6%)
8target 18 - 0 (0%)
9Campaign 17 ▼ -7 (-41%)
10Victim 15 ▲ 2 (13%)
11Exploit 14 ▲ 3 (21%)
12Advertising 13 ▲ 1 (8%)
13Vulnerability 11 ▲ 6 (55%)
14RCE 11 ▲ new
15intelligence 10 ▼ -1 (-10%)
16Microsoft 9 ▼ -3 (-33%)
17Software 9 ▲ 4 (44%)
18Government 9 ▲ 4 (44%)
19Windows 9 ▲ 3 (33%)
20threat 8 ▲ 3 (38%)
21Education 8 ▲ 3 (38%)
22Browser 8 ▲ 4 (50%)
23Password 7 ▼ -1 (-14%)
24Alleged 7 ▼ -3 (-43%)
25Criminal 7 ▼ -3 (-43%)
26Operation 7 - 0 (0%)
27Kaspersky 7 ▲ 4 (57%)
28Google 6 ▲ 3 (50%)
29Russia 6 ▲ 4 (67%)
30IoC 6 ▼ -1 (-17%)
31US 5 ▲ 4 (80%)
32Sale 5 ▲ 1 (20%)
33GameoverP2P 5 ▲ 3 (60%)
34Cryptocurrency 5 ▲ 1 (20%)
35Breach 5 ▼ -1 (-20%)
36Data 5 ▼ -6 (-120%)
37NetWireRC 5 ▲ 3 (60%)
38Ransomware 5 ▼ -3 (-60%)
39ZeroDay 5 ▲ 3 (60%)
40GitHub 5 ▲ 1 (20%)
41c&c 5 - 0 (0%)
42Linux 4 ▲ 2 (50%)
43RAT 4 ▲ 2 (50%)
44MFA 4 ▲ 2 (50%)
45Takedown 4 ▲ 3 (75%)
46AI 4 ▲ new
47hacking 4 ▼ -1 (-25%)
48payment 4 ▲ 3 (75%)
49Android 4 ▲ 2 (50%)
50Social Engineering 4 - 0 (0%)
51United Kingdom 4 ▲ 3 (75%)
52actor 4 ▲ 2 (50%)
53Vawtrak 4 ▲ new
54Check Point 4 ▲ new
55LinkedIn 4 - 0 (0%)
56Zero Trust 3 ▲ new
57Smishing 3 ▲ new
58Trojan 3 ▲ 1 (33%)
59Facebook 3 ▲ new
60VPN 3 - 0 (0%)
61EDR 3 ▲ 1 (33%)
62account 3 ▲ new
63Leak 3 ▼ -1 (-33%)
64Europe 3 ▲ 2 (67%)
65Tick 3 ▲ new
66powershell 3 ▼ -1 (-33%)
67Telegram 3 ▲ 2 (67%)
68Cisco 3 ▲ 1 (33%)
69MWNEWS 3 ▲ 2 (67%)
70China 3 ▼ -1 (-33%)
71Amazon 3 ▲ new
72VirusTotal 2 ▲ new
73RSA Conference 2 ▲ new
74Australia 2 ▲ 1 (50%)
75CISA 2 ▲ new
76Cryptocurrency Miner 2 ▲ 1 (50%)
77GraphicalNeutrino 2 ▲ new
78scam 2 ▲ new
79access 2 ▲ new
80Chrome 2 - 0 (0%)
81Stealer 2 ▼ -5 (-250%)
82WhatsApp 2 ▲ new
83Multiple 2 ▲ new
84ltpgt 2 ▲ new
85RealTime 2 ▲ new
86njRAT 2 ▲ new
87CrowdStrike 2 ▲ 1 (50%)
88APT29 2 ▲ new
89ChatGPT 2 ▼ -1 (-50%)
90address 2 ▲ new
91privacy 2 ▲ new
92Figure 2 ▲ new
93Model 2 ▲ new
94team 2 ▲ new
95Crypto 2 ▲ 1 (50%)
96bombing 2 ▲ new
97arrest 2 ▲ 1 (50%)
98Gmail 2 - 0 (0%)
99HighValue 2 ▲ new
100network 2 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
GameoverP2P
5 (15.2%)
NetWireRC
5 (15.2%)
Ransomware
5 (15.2%)
RAT
4 (12.1%)
Vawtrak
4 (12.1%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Tick
3 (60%)
APT29
2 (40%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Phishing
23 (28.8%)
Campaign
17 (21.3%)
Exploit
14 (17.5%)
RCE
11 (13.8%)
hacking
4 (5%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
United States
23 (24.2%)
Microsoft
9 (9.5%)
Government
9 (9.5%)
Kaspersky
7 (7.4%)
Google
6 (6.3%)
Threat info
Last 5

SNS

(Total : 29)
  Total keyword

Email Phishing attack United States target Report US Attacker Cryptocurrency Campaign Vulnerability Kaspersky Victim Advertising Exploit Operation MFA EDR Education PoC XSS CVE MacOS APT29 Europe Check Point GraphicalNeutrino Browser Government Police Password hacking RCE Telegram ...

No Title Date
1Virus Bulletin @virusbtn
The Check Point Research team analyse a renewed APT29 phishing campaign targeting diplomatic entities across Europe. The campaign employs a new loader, called GRAPELOADER, which is downloaded via a link in the phishing email. https://t.co/Pkb5PsOrgj https://t.co/3NczqtgFHb		2025.04.16
2Malwarebytes @Malwarebytes
@Harryik0329 Hi Harry. Could you send us a private message with your email address? We'll have our support team reach out to you. Thank you!		2025.04.16
3Microsoft Threat Intelligence @MsftSecIntel
@sherrod_im In the case of the Russian threat actor Star Blizzard, while their campaigns have always been focused on email credential theft, the actor has persistently introduced new techniques to avoid detection, and either modified or abandoned them once they become publicly known.		2025.04.16
4Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???????????? Alleged Sale of 180,000 Portugal Leads – $3,000 A threat actor is allegedly selling 180K personal records from Portugal, reportedly extracted from online store databases in SQL format. ???? Record count: 180,000 ???? Data format: Email, Name, Phone ???? Source: Online store SQL https:		2025.04.16
5Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???????????? Alleged Leak: https://t.co/4gsdFFiRYo (Switzerland) A threat actor has allegedly leaked data from Zytglogge Verlag, a longstanding Swiss publishing house active in literature, dialect, historical and non-fiction works. ???? 4,464 user records ???? Includes: emails, plaintext https://t		2025.04.15

News

(Total : 40)
  Total keyword

Email Malware Report Update United States Phishing Campaign target Victim attack Exploit Advertising RCE intelligence Attacker Vulnerability Windows Microsoft Software Government Education Browser Criminal Operation Google Password NetWireRC GitHub Russia ZeroDay Kaspersky GameoverP2P IoC Ransomware c&c Vawtrak United Kingdom Social Engineering LinkedIn Takedown payment Android RAT Linux Smishing hacking Cisco Cryptocurrency MFA Zero Trust Check Point China Amazon Trojan VPN powershell Tick CISA Australia Telegram CrowdStrike WhatsApp Stealer EDR ChatGPT Facebook Chrome Europe Cryptocurrency Miner RSA Conference VirusTotal njRAT Java SMB Distribution VBScript US arrest DarkWeb WMI hijack Microsoft Edge Binance IcedID ...

No Title Date
1Former cyber official Chris Krebs to leave SentinelOne in bid to fight Trump pressure - Malware.News2025.04.17
2Hi, robot: Half of all internet traffic now automated - Malware.News2025.04.17
3Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News2025.04.17
4“I sent you an email from your email account,” sextortion scam claims - Malware.News2025.04.17
5“I sent you an email from your email account,” sextortion scam claims - Malwarebytes Labs2025.04.16

Additional information

Level Description
danger File has been identified by 59 AntiVirus engines on VirusTotal as malicious
danger Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger Executed a process and injected code into it
watch Allocates execute permission to another process indicative of possible code injection
watch Attempts to remove evidence of file being downloaded from the Internet
watch Communicates with host for which no DNS query was performed
watch Potential code injection by writing to the memory of another process
watch Resumed a suspended thread in a remote process potentially indicative of process injection
watch Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice One or more potentially interesting buffers were extracted
notice Potentially malicious URLs were found in the process memory dump
notice The binary likely contains encrypted or compressed data indicative of a packer
notice Yara rule detected in process memory
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info This executable has a PDB path
No data
No data
Beta Service, If you select keyword, you can check detailed information.