Cyber Threat Trends

Summary: 2025/04/17 13:02

First reported date: 2014/05/13
Inquiry period : 2025/04/10 13:02 ~ 2025/04/17 13:02 (7 days), 5 search results

전 기간대비 60% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 HTTP 입니다.
기타 Navigator VT AV FUD emacsbin 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/15 [webapps] IBMi Navigator 7.5 - HTTP Security Token Bypass

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	HTTP	5	▲ 3 (60%)
2	Navigator	1	▲ new
3	VT	1	▲ new
4	AV	1	▲ new
5	FUD	1	▲ new
6	emacsbin	1	▲ new
7	stage	1	▼ -1 (-100%)
8	Next	1	▼ -1 (-100%)
9	crond	1	▲ new
10	Token	1	▲ new
11	IBMi	1	▲ new
12	Status	1	▲ new
13	QRadar Security Suite	1	▲ new
14	target	1	▲ new
15	Vulnerability	1	▲ new
16	Request	1	▲ new
17	Vite	1	▲ new
18	CVE	1	▲ new
19	Alert	1	▲ new
20	Codes	1	▲ new
21	thorscanner	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

No data.

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

No data.

Country & Company

This is a country or company that is an issue.

No data.

Threat info

Last 5

SNS

(Total : 4)

Total keyword

target Vulnerability CVE

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam "2.bat": 3d6683feef58cffa20cd20011edae2f246349716c78ab695dda49ee9467ac13b From: http://46.101.106.166/makina/2.bat FUD by the AV engines on VT, but there are 5 @thor_scanner comments... ???? ????‍♂️ https://t.co/P7nwIQ6x1m	2025.04.16
2	MalwareHunterTeam @malwrhunterteam Next stage samples: "emacs-bin": 6166cb1efea2c4e6695e59eccc9e4722759405f5d175732d6f7569c40a07ccce From: http://165.232.114.63/emacs-bin "crond-98": ae66a9a04166eeb0df5a6ccf6f4208e10a522c5576243b5d726f63b8b81969d5 From: http://165.22.251.224/crond-98	2025.04.16
3	Hunter @HunterMapping ????Alert???? CVE-2025-32395: Vite HTTP Request Target Denial of Service ????PoC：https://t.co/bzUltBnylZ ????286K+ Services are found on the https://t.co/ysWb28Crld yearly. ????Hunter Link:https://t.co/qafv4mcEr6 ????Query HUNTER : https://t.co/q9rtuGgxk7="Vite" FOFA : body="/@vite/client" https://t	2025.04.11
4	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????HTTP Status Codes https://t.co/LeXgnj9aSX	2025.04.10

News

(Total : 1)

Total keyword

QRadar Security Suite

No	Title	Date
1	[webapps] IBMi Navigator 7.5 - HTTP Security Token Bypass - Exploit-DB.com	2025.04.15

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	HTTP/3 is everywhere but nowhere - Malware.News	2025.03.13
2	HTTP/3 is everywhere but nowhere - Malware.News	2025.03.13
3	HTTP/3 is everywhere but nowhere - Malware.News	2025.03.13
4	HTTP/3 is everywhere but nowhere - Malware.News	2025.03.13
5	HTTP/3 is everywhere but nowhere - Malware.News	2025.03.13
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	layout.bin Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File	72c582ab7db10af86a90608f98e5e614	59058	2025.04.17
2	os.dat Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File	af1d8d9435cb10fe2f4b4215eaf6bec4	59059	2025.04.17
3	setup.bmp Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM BMP Format MSOffice File	f1874e4041a511771e01e079227ca8ca	59060	2025.04.17
4	SETUP.INI Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File	ac9d9386a57420db9299eb1be1fa82de	59062	2025.04.17
5	setup.ins Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Hijack Network Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM MSOffice File	89ab96b20f7b472b91e8a0660054394c	59063	2025.04.17
View only the last 5

Level	Description
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice	Potentially malicious URLs were found in the process memory dump
notice	Uses Windows utilities for basic Windows functionality
notice	Yara rule detected in process memory
Network	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

No data

Beta Service, If you select keyword, you can check detailed information.

Cyber Threat Trends

Summary: 2025/04/17 13:02

Trend graph by period

Related keyword cloud

Special keyword group

Malware Type

Attacker & Actors

Technique

Country & Company

Threat info

SNS

News

Additional information

Top10 search keywords

Submissions

Report

Company