Cyber Threat Trends

Summary: 2025/04/29 02:43

First reported date: 2014/05/07
Inquiry period : 2025/04/28 02:43 ~ 2025/04/29 02:43 (1 days), 3 search results

지난 7일 기간대비 67% 높은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Key Report Exploit detection triggered 입니다.
기관 및 기업 Fortinet 도 새롭게 확인됩니다.
기타 Malware Research Blog Threat Introduction 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/28 Navigating Through The Fog

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Key	3	▲ 2 (67%)
2	Report	2	▲ 2 (100%)
3	Malware	1	▲ new
4	Exploit	1	▲ 1 (100%)
5	detection	1	▲ 1 (100%)
6	triggered	1	▲ 1 (100%)
7	incident	1	▲ 1 (100%)
8	real	1	▲ 1 (100%)
9	Research	1	▲ new
10	Blog	1	▲ new
11	Fortinet	1	▲ new
12	Threat	1	▲ new
13	Introduction	1	▲ new
14	Takeaways	1	▲ new
15	MWNEWS	1	▲ new
16	Fog	1	▲ new
17	attack	1	▲ 1 (100%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

No data.

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		1 (100%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Fortinet		1 (100%)

Threat info

Last 5

SNS

(Total : 2)

Total keyword

Fortinet Report Exploit Attacker attack

No	Title	Date
1	Kimberly @StopMalvertisin Fortinet Threat Research Blog \| Key Takeaways from the 2025 Global Threat Landscape Report https://t.co/mfbbBPqhlN	2025.04.28
2	Kaspersky @kaspersky Behind the attacks: breaking down real incident tactics & key detections in 2024 From exploited gaps to the most triggered detection rules, we’re unpacking how attackers operated in 2024—and what your defenses need to stop them. Swipe through ⬇️ #Cybersecurity https://t.co/HAAGQLcmVa	2025.04.28

News

(Total : 1)

Total keyword

Malware Report

No	Title	Date
1	Navigating Through The Fog - Malware.News	2025.04.28

Additional information

No	Title	Date
1	FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023 - Malware.News	2025.04.29
2	US intensifies Salt Typhoon crackdown with public info request - Malware.News	2025.04.29
3	Trump moves threaten US cyber defenses, says former CISA director Easterly - Malware.News	2025.04.29
4	Escalating attacks against Ivanti VPN appliances expected - Malware.News	2025.04.29
5	Critical Planet Technology switch vulnerabilities pose total takeover risk - Malware.News	2025.04.29
View only the last 5

No	Title	Date
1	10 key numbers from the 2024 FBI IC3 report - CyberScoop	2025.04.24
2	Malware and cryptography 41 - encrypt/decrypt payload via TEA. Simple Nim example - Malware.News	2025.04.10
3	The SQL Server Crypto Detour - Malware.News	2025.04.09
4	The SQL Server Crypto Detour - Malware.News	2025.04.09
5	SnakeKeylogger: A Multistage Info Stealer Malware Campaign - Malware.News	2025.03.25
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	bild6.exe RedLine stealer[m] PWS .NET framework RAT Generic Malware Downloader UPX Malicious Library Antivirus Confuser .NET Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP Key	21eab81729333b160786a2de1b1e621d	41093	2023.05.15
2	HalogenSySCheck.exe RedLine stealer[m] RAT PWS .NET framework Generic Malware Downloader UPX Malicious Library Antivirus Confuser .NET Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP Key	ee0da89ff62475fe63a8cd12c7134c5e	41076	2023.05.14

Level	Description
danger	File has been identified by 52 AntiVirus engines on VirusTotal as malicious
warning	Generates some ICMP traffic
watch	Appends a known multi-family ransomware file extension to files that have been encrypted
watch	Attempts to access Bitcoin/ALTCoin wallets
watch	Attempts to create or modify system certificates
watch	Collects information about installed applications
watch	Communicates with host for which no DNS query was performed
watch	Installs itself for autorun at Windows startup
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
notice	A process created a hidden window
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Checks adapter addresses which can be used to detect virtual network interfaces
notice	Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice	Creates a shortcut to an executable file
notice	Creates a suspicious process
notice	Creates executable files on the filesystem
notice	Drops a binary and executes it
notice	Drops an executable to the user AppData folder
notice	HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice	Looks up the external IP address
notice	One or more potentially interesting buffers were extracted
notice	Performs some HTTP requests
notice	Queries for potentially installed applications
notice	Steals private information from local Internet browsers
notice	Uses Windows utilities for basic Windows functionality
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	Collects information to fingerprint the system (MachineGuid
info	Command line console output was observed
info	One or more processes crashed
info	Queries for the computername
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)
info	Tries to locate where the browsers are installed
info	Uses Windows APIs to generate a cryptographic key
Network	ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)
Network	ET HUNTING Telegram API Domain in DNS Lookup
Network	ET INFO TLS Handshake Failure
Network	ET POLICY External IP Lookup ip-api.com
Network	SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

No data

Beta Service, If you select keyword, you can check detailed information.