Cyber Threat Trends

Summary: 2025/04/17 13:15

First reported date: 2012/10/18
Inquiry period : 2025/04/10 13:15 ~ 2025/04/17 13:15 (7 days), 45 search results

전 기간대비 33% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Access Sale Update United States attack 입니다.
악성코드 유형 RAT Trojan njRAT NetWireRC 도 새롭게 확인됩니다.
공격기술 RCE Social Engineering Backdoor 도 새롭게 확인됩니다.
기관 및 기업 Fortinet US United Kingdom Paloalto Palo Alto Networks Russia Kaspersky Ucraina 도 새롭게 확인됩니다.
기타 FortiGate Report CVE IABs Shop 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 “I sent you an email from your email account,” sextortion scam claims
    ㆍ 2025/04/16 User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says
    ㆍ 2025/04/15 Year in Review: The biggest trends in ransomware

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Access	45	▲ 15 (33%)
2	Alleged	15	▼ -1 (-7%)
3	Sale	15	▲ 1 (7%)
4	Update	8	▲ 6 (75%)
5	United States	8	▲ 2 (25%)
6	Fortinet	8	▲ new
7	RCE	7	▲ new
8	attack	7	▲ 5 (71%)
9	Exploit	6	▲ 2 (33%)
10	VPN	5	▲ 2 (40%)
11	FortiGate	5	▲ new
12	Report	4	▲ new
13	Vulnerability	4	▲ 3 (75%)
14	CVE	4	▲ new
15	Malware	4	▲ 1 (25%)
16	RDP	3	▲ 1 (33%)
17	payment	3	▲ 2 (67%)
18	IABs	3	▲ new
19	unidentified	3	▼ -4 (-133%)
20	Shop	3	▲ new
21	Government	3	▲ 1 (33%)
22	target	3	- 0 (0%)
23	US	3	▲ new
24	Initial	3	▲ 2 (67%)
25	Email	2	▲ new
26	FTP	2	▲ new
27	United Kingdom	2	▲ new
28	intelligence	2	▲ 1 (50%)
29	Shell	2	▲ new
30	Criminal	2	▲ 1 (50%)
31	unauthorized	2	▼ -4 (-200%)
32	threat	2	▼ -1 (-50%)
33	Software	2	- 0 (0%)
34	Social Engineering	2	▲ new
35	Control	2	▲ new
36	Password	2	- 0 (0%)
37	AnyDesk	2	▲ new
38	plugin	2	▲ new
39	Phishing	2	▲ 1 (50%)
40	deal	1	▲ new
41	Data Center	1	▲ new
42	Palo Alto	1	▲ new
43	Victim	1	▲ new
44	팔로알토	1	▲ new
45	Paloalto	1	▲ new
46	Zero Trust	1	- 0 (0%)
47	Browser	1	- 0 (0%)
48	Palo Alto Networks	1	▲ new
49	RAT	1	▲ new
50	Trojan	1	▲ new
51	httpstcoyl	1	▲ new
52	address	1	▲ new
53	account	1	- 0 (0%)
54	Cryptocurrency	1	▲ new
55	coding	1	▲ new
56	Lifetime	1	▲ new
57	Canada	1	- 0 (0%)
58	Nets	1	▲ new
59	Small	1	▲ new
60	Backdoor	1	▲ new
61	stealth	1	▲ new
62	plant	1	▲ new
63	Veterinary	1	▲ new
64	webapps	1	▲ new
65	Incorrect	1	▲ new
66	DLP	1	▲ new
67	njRAT	1	▲ new
68	NetWireRC	1	▲ new
69	Argentina	1	▲ new
70	sensitive	1	▲ new
71	Advertising	1	▲ new
72	ltpgt	1	▲ new
73	ltpgtThe	1	▲ new
74	Russia	1	▲ new
75	Media	1	▲ new
76	Kaspersky	1	▲ new
77	Review	1	▲ new
78	Ransomware	1	- 0 (0%)
79	Router	1	▲ new
80	Ucraina	1	▲ new
81	Revenue	1	- 0 (0%)
82	WebMethods	1	▲ new
83	Operation	1	▼ -1 (-100%)
84	Integration	1	▲ new
85	Server	1	▲ new
86	Improper	1	▲ new
87	limitless	1	▲ new
88	Sorry	1	▲ new
89	Retail	1	▲ new
90	ZoomInfo	1	▲ new
91	h4rmsw4yX	1	▲ new
92	much	1	▲ new
93	federal	1	▲ new
94	Prisma	1	▲ new
95	DOGE	1	▲ new
96	OpenPanel	1	▲ new
97	vulnerable	1	▲ new
98	MikroTik	1	▲ new
99	realworld	1	▲ new
100	GeoVision	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
RAT		1 (20%)
Trojan		1 (20%)
njRAT		1 (20%)
NetWireRC		1 (20%)
Ransomware		1 (20%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
RCE		7 (38.9%)
Exploit		6 (33.3%)
Social Engineering		2 (11.1%)
Phishing		2 (11.1%)
Backdoor		1 (5.6%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		8 (21.1%)
Fortinet		8 (21.1%)
Government		3 (7.9%)
US		3 (7.9%)
United Kingdom		2 (5.3%)

Threat info

Last 5

SNS

(Total : 35)

Total keyword

United States Fortinet Update RCE attack Exploit VPN US Attacker Vulnerability CVE Report plugin target AnyDesk United Kingdom payment Indonesia Backdoor Social Engineering Router Ucraina Canada Spain Phishing Trend Micro Italy Africa Banking GitHub UK Supply chain Android India ...

No	Title	Date
1	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Alleged Access Sale – Argentinian Media Firm ($100M Revenue) A threat actor is allegedly selling AnyDesk access to a media company in Argentina with reported revenue over $100 million. ???? Country: Argentina ???? Industry: Media ???? Revenue: +$100M ???? Access type: AnyDesk ???? htt	2025.04.16
2	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Alleged RDP Access for Dutch Retail Firm – $5M+ ZoomInfo A cybercriminal is allegedly auctioning RDP access to a Netherlands-based retail company with over $5M in revenue and domain user privileges. ???? Country: Netherlands ???? Industry: Retail ???? Revenue: $5M+ (ZoomInfo) ???? htt	2025.04.16
3	BleepingComputer @BleepinComputer Lifetime access to 15 coding courses is down to $40 in this deal https://t.co/yl3OaMm5GE https://t.co/yl3OaMm5GE	2025.04.15
4	MalwareHunterTeam @malwrhunterteam @h4rmsw4yX Sorry, I not have much access (nor think I ever will as it would be too damaging for some it seems... ????‍♂️) to do limitless testings, so can't really tell. Maybe just start from all .hta files seen from Ukraine and if that gives too much FPs, try to filter more based on what easily	2025.04.15
5	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???? Alleged MikroTik Router Access for Sale (VPN / SOCKS5) A threat actor is allegedly selling access to MikroTik RouterOS v6.49.17 devices, enabling VPN tunneling and SOCKS5 proxies. ???? Supported protocols: PPTP, SSTP, L2TP, OVPN, IPsec, SOCKS5 ???? Pricing: $75–$100 per access https://t.co/kS	2025.04.14

News

(Total : 10)

Total keyword

Malware Update attack Software intelligence Government Password Email Exploit RCE Advertising Report Russia Kaspersky target Victim payment Trojan RAT Browser Cryptocurrency Phishing NetWireRC njRAT Ransomware Data Center Fortinet Social Engineering Criminal Vulnerability Attacker Operation CVE Palo Alto Networks Zero Trust Paloalto VPN DLP

No	Title	Date
1	“I sent you an email from your email account,” sextortion scam claims - Malware.News	2025.04.17
2	[remote] WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page - Exploit-DB.com	2025.04.16
3	User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says - Malware.News	2025.04.16
4	Year in Review: The biggest trends in ransomware - Malware.News	2025.04.15
5	Modernizing Federal Security with Prisma Access - Malware.News	2025.04.15

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says - Malware.News	2025.04.16
2	Modernizing Federal Security with Prisma Access - Malware.News	2025.04.15
3	Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit - The Hacker News	2025.04.12
4	An Operator’s Guide to Device-Joined Hosts and the PRT Cookie - Malware.News	2025.04.08
5	An Operator’s Guide to Device-Joined Hosts and the PRT Cookie - Malware.News	2025.04.08
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.