Summary: 2025/04/29 00:11
First reported date: 2014/10/24
Inquiry period : 2025/03/30 00:11 ~ 2025/04/29 00:11 (1 months), 3 search results
전 기간대비 33% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 APT28 Malware Phishing Report Campaign 입니다.
악성코드 유형 LockBit Black Basta 도 새롭게 확인됩니다.
공격자 Sandworm LOTUS PANDA Lazarus OilRig 도 새롭게 확인됩니다.
공격기술 Exploit MalSpam RCE 도 새롭게 확인됩니다.
기관 및 기업 Government Ucraina United States Europe Australia Türkiye Check Point 도 새롭게 확인됩니다.
기타 Operation Update Vulnerability Windows attack 등 신규 키워드도 확인됩니다.
The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) is a cyber espionage group believed to have ties to the Russian government. Likely operating since 2007, the group is known to target government, military, and security organization
* 최근 뉴스기사 Top3:
ㆍ 2025/04/23 ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures
ㆍ 2025/04/19 Phishing campaigns abuse Windows NTLM hash leak bug
ㆍ 2025/04/16 CVE-2025-24054, NTLM Exploit in the Wild
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | APT28 | 3 | ▲ 1 (33%) |
| 2 | Malware | 3 | ▲ 2 (67%) |
| 3 | Phishing | 3 | ▲ 2 (67%) |
| 4 | Report | 3 | ▲ 2 (67%) |
| 5 | Campaign | 3 | ▲ 2 (67%) |
| 6 | Operation | 2 | ▲ new |
| 7 | Exploit | 2 | ▲ new |
| 8 | Update | 2 | ▲ new |
| 9 | Vulnerability | 2 | ▲ new |
| 10 | Windows | 2 | ▲ new |
| 11 | attack | 2 | ▲ new |
| 12 | Government | 2 | ▲ new |
| 13 | Victim | 2 | ▲ 1 (50%) |
| 14 | Russia | 2 | ▲ 1 (50%) |
| 15 | Ucraina | 2 | ▲ new |
| 16 | Kaspersky | 2 | ▲ 1 (50%) |
| 17 | Sandworm | 1 | ▲ new |
| 18 | RedEcho | 1 | ▲ new |
| 19 | Kimsuky | 1 | - 0 (0%) |
| 20 | LOTUS PANDA | 1 | ▲ new |
| 21 | APT41 | 1 | ▲ new |
| 22 | Android | 1 | ▲ new |
| 23 | Sea Turtle | 1 | ▲ new |
| 24 | Lazarus | 1 | ▲ new |
| 25 | LockBit | 1 | ▲ new |
| 26 | Social Engineering | 1 | - 0 (0%) |
| 27 | NetWireRC | 1 | - 0 (0%) |
| 28 | United States | 1 | ▲ new |
| 29 | powershell | 1 | - 0 (0%) |
| 30 | Distribution | 1 | ▲ new |
| 31 | VMware | 1 | ▲ new |
| 32 | Black Basta | 1 | ▲ new |
| 33 | OilRig | 1 | ▲ new |
| 34 | Europe | 1 | ▲ new |
| 35 | Cobalt Strike | 1 | ▲ new |
| 36 | Browser | 1 | ▲ new |
| 37 | SMB | 1 | ▲ new |
| 38 | Microsoft | 1 | - 0 (0%) |
| 39 | Australia | 1 | ▲ new |
| 40 | Türkiye | 1 | ▲ new |
| 41 | Check Point | 1 | ▲ new |
| 42 | GitHub | 1 | ▲ new |
| 43 | ZeroDay | 1 | ▲ new |
| 44 | MalSpam | 1 | ▲ new |
| 45 | Mar | 1 | ▲ new |
| 46 | Advertising | 1 | ▲ new |
| 47 | 1 | ▲ new | |
| 48 | RCE | 1 | ▲ new |
| 49 | target | 1 | ▲ new |
| 50 | NTLM | 1 | ▲ new |
| 51 | hash | 1 | ▲ new |
| 52 | leak | 1 | ▲ new |
| 53 | North K | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| LockBit |
|
1 (33.3%) |
| NetWireRC |
|
1 (33.3%) |
| Black Basta |
|
1 (33.3%) |
Attacker & Actors
The status of the attacker or attack group being issued.
| Keyword | Average | Label |
|---|---|---|
| APT28 |
|
3 (37.5%) |
| Sandworm |
|
1 (12.5%) |
| Kimsuky |
|
1 (12.5%) |
| LOTUS PANDA |
|
1 (12.5%) |
| Lazarus |
|
1 (12.5%) |
Technique
This is an attack technique that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| Phishing |
|
3 (27.3%) |
| Campaign |
|
3 (27.3%) |
| Exploit |
|
2 (18.2%) |
| Social Engineering |
|
1 (9.1%) |
| MalSpam |
|
1 (9.1%) |
Country & Company
This is a country or company that is an issue.
| Keyword | Average | Label |
|---|---|---|
| Government |
|
2 (14.3%) |
| Russia |
|
2 (14.3%) |
| Ucraina |
|
2 (14.3%) |
| Kaspersky |
|
2 (14.3%) |
| United States |
|
1 (7.1%) |
Threat info
Last 5SNS
(Total : 0)No data.
News
(Total : 3)APT28 Malware Phishing Report Campaign Operation Exploit Update Vulnerability Windows attack Government Attacker Victim Russia Ucraina Kaspersky Sandworm RedEcho Kimsuky LOTUS PANDA APT41 Android Sea Turtle Lazarus LockBit Social Engineering NetWireRC United States powershell Distribution VMware Black Basta OilRig Europe Cobalt Strike Browser SMB Microsoft Australia Türkiye Check Point GitHub ZeroDay MalSpam Advertising Email RCE target
| No | Title | Date |
|---|---|---|
| 1 | ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures - Malware.News | 2025.04.23 |
| 2 | Phishing campaigns abuse Windows NTLM hash leak bug - Malware.News | 2025.04.19 |
| 3 | CVE-2025-24054, NTLM Exploit in the Wild - Malware.News | 2025.04.16 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | Employee monitoring app exposes users, leaks 21+ million screenshots - Malware.News | 2025.04.28 |
| 2 | Introducing XSIAM 3.0 - Malware.News | 2025.04.28 |
| 3 | Deploy Bravely with Prisma AIRS - Malware.News | 2025.04.28 |
| 4 | 2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News | 2025.04.28 |
| 5 | Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology | 2025.04.28 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Phishing campaigns abuse Windows NTLM hash leak bug - Malware.News | 2025.04.19 |
| 2 | CVE-2025-24054, NTLM Exploit in the Wild - Malware.News | 2025.04.16 |
| 3 | CVE-2025-24054, NTLM Exploit in the Wild - Malware.News | 2025.04.16 |
| 4 | CVE-2025-24054, NTLM Exploit in the Wild - Malware.News | 2025.04.16 |
| 5 | ClickFix: Another Deceptive Social Engineering Technique - Malware.News | 2025.03.28 |
| View only the last 5 | ||