popup

Cyber Threat Trends

  1. Week Month

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 01:41

Inquiry period : 2025/04/27 01:41 ~ 2025/04/28 01:41 (1 days), 94 search results


지난 7일 기간대비 상승한 Top5 연관 키워드는 breach Password Rhysida Storm Next 입니다.
공격기술 MalSpam 도 새롭게 확인됩니다.
기타 MDB Bankas late Somebody malspamming 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says
    ㆍ 2025/04/28 Cluely: Wie eine Schummel-KI zwei Studenten erst aus der Uni warf – und dann reich machte
    ㆍ 2025/04/28 Überwachung per KI-Persona: US-Polizei jagt Kriminelle mit virtuellen Lockvögeln

Trend graph by period

Total number of trend targets


Related keyword cloud
Top 100
# Trend Count Comparison
1Alert 15 ▼ -2 (-13%)
2Ransomware 9 ▼ -14 (-156%)
3target 8 ▼ -13 (-163%)
4Victim 8 ▼ -8 (-100%)
5Report 7 ▼ -21 (-300%)
6Software 7 ▼ -10 (-143%)
7breach 5 ▲ 1 (20%)
8Alleged 5 ▼ -3 (-60%)
9Password 4 ▲ 1 (25%)
10data 4 ▼ -1 (-25%)
11hacking 4 ▼ -7 (-175%)
12Exploit 4 ▼ -11 (-275%)
13Microsoft 4 ▼ -9 (-225%)
14Education 4 ▼ -6 (-150%)
15DDoS 4 ▼ -4 (-100%)
16intelligence 4 ▼ -8 (-200%)
17ChatGPT 3 - 0 (0%)
18securityaffairs 3 ▼ -2 (-67%)
19Rhysida 3 ▲ 2 (67%)
20MDB 3 ▲ new
21Operation 3 ▼ -6 (-200%)
22c&c 3 ▼ -2 (-67%)
23United States 3 ▼ -16 (-533%)
24Storm 3 ▲ 1 (33%)
25Email 3 ▼ -5 (-167%)
26Campaign 3 ▼ -13 (-433%)
27Government 3 ▼ -3 (-100%)
28threat 3 ▼ -4 (-133%)
29attack 3 ▼ -25 (-833%)
30Next 3 ▲ 2 (67%)
31Vulnerability 3 ▼ -10 (-333%)
32Cryptocurrency Miner 3 ▲ 2 (67%)
33Malware 3 ▼ -46 (-1533%)
34MTN 2 ▲ 2 (100%)
35Lazarus 2 ▼ -1 (-50%)
36MalSpam 2 ▲ new
37NetWireRC 2 ▼ -3 (-150%)
38last 2 ▼ -2 (-100%)
39name 2 ▲ 2 (100%)
40Bankas 2 ▲ new
41late 2 ▲ new
42Somebody 2 ▲ new
43malspamming 2 ▲ new
44Version 2 ▲ 1 (50%)
45website 2 - 0 (0%)
46Beogradska 2 ▲ new
47India 2 ▼ -2 (-100%)
48Windows 2 ▼ -5 (-250%)
49Italy 2 ▲ 1 (50%)
50taegliche 2 ▼ -2 (-100%)
51Sicherheitsnews 2 ▼ -2 (-100%)
52Actor 2 ▲ 1 (50%)
53Leak 2 ▲ 1 (50%)
54ZeroDay 2 ▼ -2 (-100%)
55RCE 2 ▼ -10 (-500%)
56group 2 ▼ -2 (-100%)
57Zusammenfassung 2 ▼ -2 (-100%)
58NEWSLETTER 2 ▲ 2 (100%)
59ROUND 2 ▲ 2 (100%)
60Project 2 ▲ 2 (100%)
61CVE 2 ▼ -1 (-50%)
62Sale 2 ▼ -2 (-100%)
63image 2 ▲ 1 (50%)
64SAP 2 - 0 (0%)
65Überwachung 2 ▲ new
66OSINT 2 ▲ 2 (100%)
67AI 2 ▼ -8 (-400%)
68Srl 2 ▲ 2 (100%)
69MTrends 2 ▲ 1 (50%)
70Germany 2 ▼ -2 (-100%)
71multiple 2 - 0 (0%)
72VBScript 2 ▲ new
73access 2 ▼ -3 (-150%)
74keymous 2 ▲ 2 (100%)
75Phishing 2 ▼ -8 (-400%)
76Rhysida Ransomware 2 ▲ 2 (100%)
77stage 2 ▲ 1 (50%)
78Kriminelle 1 ▲ new
79Alliance 1 ▼ -1 (-100%)
80Investigations 1 ▲ new
81httpstcoR 1 ▲ 1 (100%)
82AzureChecker 1 ▲ new
83VBS 1 ▲ new
84Intercorp 1 ▲ new
85jagt 1 ▲ new
86Grupo 1 ▲ new
87Hacktivist 1 ▼ -1 (-100%)
88Hits 1 ▲ new
89low 1 - 0 (0%)
90Inteid 1 ▲ new
91httpstcoNnTgzge 1 ▲ new
92httpstcoue 1 ▲ new
93行业凋零 1 ▲ new
94full 1 - 0 (0%)
95von 1 ▼ -3 (-300%)
96Gefahrstofflager 1 ▲ new
97Digitale 1 ▲ 1 (100%)
98Kali 1 ▲ 1 (100%)
99GhostRAT 1 ▲ new
100KIPersona 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
9 (39.1%)
Rhysida
3 (13%)
Cryptocurrency Miner
3 (13%)
NetWireRC
2 (8.7%)
Rhysida Ransomware
2 (8.7%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Lazarus
2 (100%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
hacking
4 (16%)
Exploit
4 (16%)
DDoS
4 (16%)
Campaign
3 (12%)
MalSpam
2 (8%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Microsoft
4 (14.3%)
United States
3 (10.7%)
Government
3 (10.7%)
India
2 (7.1%)
Italy
2 (7.1%)
Malware Type
Top 5

Detailed trend analysis by malware type.

Threat info
Last 5

SNS

(Total : 68)
  Total keyword

Ransomware Victim target Report Exploit DDoS hacking c&c Rhysida Password Email MalSpam Operation Germany OSINT attack Vulnerability CVE Education Cryptocurrency Miner Microsoft NetWireRC Government Italy Software Campaign Rhysida Ransomware Phishing Cobalt Strike MUSTANG PANDA TONESHELL Malware hijack njRAT C2 ...United States CISA Lazarus Advertising Spear Phishing RCE CVSS ZeroDay APT France lummastealer Lumma Stealer Africa opendir United Kingdom DarkWeb ThreatMon intelligence VBScript Open Directory Twitter Windows India

1Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
eXch has been removed from the DWI platform and DarkWatchCTI repository. Reason: Shut down. https://exch.cx http://hszyoqwrcp7cxlxnqmovp6vjvmnwj33g4wviuxqzq47emieaxjaperyd.onion https://t.co/u0nRCsY3I0		2025.04.27
2SarlackLab @SarlackLab
#njrat #C2 server 94.26.90.81:6666 confirmed 2025-04-26		2025.04.27
3FalconFeeds.io @FalconFeedsio
???? Data Breach Alert: Albert Heijn ???????? ???? A threat actor claims to be selling a database from Albert Heijn (https://t.co/JGPPauhkDQ), exposing 135,000 customer records. The leaked data includes names, addresses, emails, phone numbers, dates of birth, and bank account numbers https://t.co/w		2025.04.27
4FalconFeeds.io @FalconFeedsio
???? RALord Ransomware Alert ???? Diallog Telecommunications Corp ???????? ???? Diallog Telecommunications (https://t.co/WssYKmHKnh), a Canadian telecom company offering residential and business solutions, has fallen victim to RALord ransomware. ???? Key Details: ???? Threat Actor: RALord https		2025.04.27
5FalconFeeds.io @FalconFeedsio
???? DDoS Alert???? Mr Hamza claims to have targeted the website of French Ministry of the Interior's platforms ???????? - The French Ministry of the Interior's security, fire, and rescue service platform. - The electronic platform of the General Directorate of Civil Security and https://t.co/la		2025.04.27

News

(Total : 26)
  Total keyword

Software ChatGPT intelligence Microsoft Education Malware United States iPhone Apple India Linux Saudi Arabia VBS 윈도우 Report China VBScript Windows Government Kali 업무 협약 취약점 RCE ZeroDay Update Vulnerability ...Password attack Cryptocurrency Miner hacking Lazarus Kaspersky Campaign North Korea South Korea Operation 한국

1Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology2025.04.28
2Überwachung per KI-Persona: US-Polizei jagt Kriminelle mit virtuellen Lockvögeln - IT Sicherheitsnews2025.04.28
3Cluely: Wie eine Schummel-KI zwei Studenten erst aus der Uni warf – und dann reich machte - IT Sicherheitsnews2025.04.28
4윈도우 11 보안 기능 VBS Enclaves가 일부 시스템에서 더 이상 사용되지 않음 - Malware.News2025.04.28
5VESC Mods Made Via Vibe Coding - Hackaday2025.04.27

Additional information

No Title Date
1Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology2025.04.28
2Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News2025.04.26
3Threat Hunting: For what, when, and how? - Malware.News2025.04.26
4Detection Engineering Fundamentals: What makes a good alert? - Malware.News2025.04.26
5What is the xBOM? - Malware.News2025.04.26
View only the last 5
Level Description
watch File has been identified by 11 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
notice Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info Queries for the computername
No Category URL CC ASN Co Date
1malicioushttps://u1.pridefulamaretto.digital/US US2025.04.26
2malicioushttps://u1.putdownpopcorn.digital/US USCLOUDFLARENET2025.04.24
3c2https://yiug.outfit.dianamercer.com/orderReviewUS USPONYNET2025.04.24
4malicioushttps://s1.flammablegrunt.site/hpkekeyconfig.txtUS US2025.04.24
5malicioushttps://roaminghere.fly.storage.tigris.dev/passinggateforward.htmlCA CACOGENT-1742025.04.24
View only the last 5
No URL CC ASN Co Reporter Date
1http://219.157.16.230:36250/bin.sh
32-bit elf mips Mozi 		CN CNCHINA UNICOM China169 Backbonegeenensp2025.04.28
2http://117.235.123.37:41007/bin.sh
32-bit elf mips Mozi 		IN INNational Internet Backbonegeenensp2025.04.28
3http://59.97.178.146:59753/i
32-bit elf mips Mozi 		IN INNational Internet Backbonegeenensp2025.04.28
4http://117.196.160.171:37542/bin.sh
32-bit elf mips Mozi 		IN INNational Internet Backbonegeenensp2025.04.28
5http://221.15.196.124:52993/bin.sh
32-bit elf mips Mozi 		CN CNCHINA UNICOM China169 Backbonegeenensp2025.04.28
View only the last 5
Beta Service, If you select keyword, you can check detailed information.