popup

Cyber Threat Trends

  1. Day Month

conference CrowdStrike 북한

Summary: 2025/04/19 11:18

First reported date: 2014/05/24
Inquiry period : 2025/04/12 11:18 ~ 2025/04/19 11:18 (7 days), 14 search results

전 기간대비 29% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 File Vulnerability Malware RCE Update 입니다.
악성코드 유형 TONESHELL NetWireRC RAT 도 새롭게 확인됩니다.
공격기술 Backdoor 도 새롭게 확인됩니다.
기관 및 기업 China Government Zscaler Europe Fortinet Cisco 도 새롭게 확인됩니다.
기타 case FUD plugin intelligence ZeroDay 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia
    ㆍ 2025/04/17 6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin
    ㆍ 2025/04/17 Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1File 14 ▲ 4 (29%)
2Vulnerability 6 ▲ 5 (83%)
3Malware 5 ▲ 1 (20%)
4RCE 5 ▲ 4 (80%)
5Update 5 ▲ 1 (20%)
6target 4 ▲ 2 (50%)
7Report 4 ▲ 2 (50%)
8Exploit 4 ▲ 2 (50%)
9Victim 3 ▲ 1 (33%)
10Advertising 3 ▲ 1 (33%)
11Arbitrary 3 ▲ 1 (33%)
12Windows 3 ▲ 1 (33%)
13Backdoor 2 ▲ new
14case 2 ▲ new
15China 2 ▲ new
16FUD 2 ▲ new
17United States 2 ▲ 1 (50%)
18IoC 2 - 0 (0%)
19c&c 2 - 0 (0%)
20plugin 2 ▲ new
21Government 2 ▲ new
22intelligence 2 ▲ new
23ZeroDay 2 ▲ new
24Operation 2 ▲ 1 (50%)
25CVE 2 ▲ new
26link 2 ▲ new
27Microsoft 2 ▼ -1 (-50%)
28WordPress 1 ▲ new
29Zscaler 1 ▲ new
30comment 1 ▲ new
31attack 1 ▼ -2 (-200%)
32Grabber 1 ▲ new
33Tool 1 - 0 (0%)
34BruteForce 1 ▲ new
35SSH 1 ▲ new
36MysterySnail 1 ▲ new
37version 1 ▲ new
38Cobalt Strike 1 ▲ new
39MUSTANG PANDA 1 ▲ new
40TONESHELL 1 ▲ new
41EDR 1 - 0 (0%)
42CVSS 1 ▲ new
43UNIX 1 ▲ new
44GitHub 1 - 0 (0%)
45WooCommerce 1 ▲ new
46hijack 1 ▼ -1 (-100%)
47Trojan 1 ▼ -2 (-200%)
48Europe 1 ▲ new
49keylogger 1 ▲ new
50C2 1 - 0 (0%)
51StarProxy 1 ▲ new
52server 1 ▲ new
53Wordfence 1 ▲ new
54OpenPanel 1 ▲ new
55NetWireRC 1 ▲ new
56RAT 1 ▲ new
57NortonLifeLock 1 ▲ new
58View 1 ▲ new
59Manager 1 ▲ new
60Fortinet 1 ▲ new
61FortiGate 1 ▲ new
62infected 1 ▲ new
63httpsanalytiwavecomapigetUrl 1 ▲ new
64folder 1 ▲ new
65TinyMCE 1 ▲ new
66CKEditor 1 ▲ new
67ThreatProtection 1 ▲ new
68Vite 1 ▲ new
69Download 1 - 0 (0%)
70Cisco 1 ▲ new
71Triggered 1 ▲ new
72Embedded 1 ▲ new
73Frames 1 ▲ new
74VT 1 ▲ new
75thorscanner 1 ▲ new
76NagVis 1 ▲ new
77Read 1 ▲ new
78webapps 1 - 0 (0%)
79Copy 1 ▲ new
80Kaspersky 1 ▼ -1 (-100%)
81Russia 1 - 0 (0%)
82Campaign 1 ▼ -5 (-500%)
83NetServicebat 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
TONESHELL
1 (25%)
Trojan
1 (25%)
NetWireRC
1 (25%)
RAT
1 (25%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
RCE
5 (38.5%)
Exploit
4 (30.8%)
Backdoor
2 (15.4%)
hijack
1 (7.7%)
Campaign
1 (7.7%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
China
2 (14.3%)
United States
2 (14.3%)
Government
2 (14.3%)
Microsoft
2 (14.3%)
Zscaler
1 (7.1%)
Threat info
Last 5

SNS

(Total : 6)
  Total keyword

Vulnerability RCE CVE ZeroDay Exploit

No Title Date
1Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???? SSH Brute-Force Tool with File Grabber & Host Enumeration Released A threat actor has published a Python-based SSH bruteforce/sprayer script that includes optional host enumeration and file-exfiltration functionality. ???? Language: Python 3.7+ ???? Modules used: asyncssh, https://t.co/7		2025.04.18
2MalwareHunterTeam @malwrhunterteam
"NetService.bat": 30658f37382d13571c5378aab6917ed640b2cf4eba8724472ce652c84aae07c2 Another case when the file is FUD on VT for the vendors, but there is @thor_scanner comment... and not only 1 comment, but 5 comments. ????‍♂️ https://t.co/D8WpUItVF6		2025.04.18
3MalwareHunterTeam @malwrhunterteam
"js-extracted-1.js": 41e2dc90681700bd5d4196f1d0ab0a3324e40cad95c4f9d2d66b9f2a666433cc Another case when there the file is FUD on VT for the vendors, but there is a @thor_scanner comment... ????‍♂️ Anyway, possible interesting find, @h4rmsw4yX... https://t.co/5Z8xJb5GWC https://t.co/p2BmyEJtps		2025.04.16
4Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???? Alleged 0day Exploit: Arbitrary File Upload in TinyMCE / CKEditor 5 A threat actor is allegedly offering a zero-day arbitrary file upload to RCE vulnerability affecting TinyMCE and CKEditor 5. ???? Not tied to any known CVE ???? Proof-of-Concept only available via escrow ???? https://t.co/Lzy		2025.04.15
5Threat Intelligence @threatintel
#ThreatProtection #CVE-2025-30208 - #Vite Arbitrary File Read #vulnerability, read more about Symantec's protection: https://t.co/thXYs1iOlO		2025.04.15

News

(Total : 8)
  Total keyword

Update Malware target Attacker Vulnerability Report Exploit Victim RCE Advertising Windows c&c intelligence China Operation IoC United States Backdoor Microsoft plugin Government Zscaler attack Cobalt Strike MUSTANG PANDA EDR TONESHELL UNIX GitHub hijack Trojan Europe C2 CVSS WordPress keylogger Campaign RAT Fortinet CVE ZeroDay NetWireRC Kaspersky Russia Cisco

No Title Date
1IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia - Malware.News2025.04.17
26,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin - Malware.News2025.04.17
3Latest Mustang Panda Arsenal: ToneShell and StarProxy | P1 - Malware.News2025.04.17
4[webapps] phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames - Exploit-DB.com2025.04.16
5[webapps] NagVis 1.9.33 - Arbitrary File Read - Exploit-DB.com2025.04.16

Additional information

No data
No data
No data
No data
Beta Service, If you select keyword, you can check detailed information.