Cyber Threat Trends

Summary: 2025/05/07 15:58

First reported date: 2011/08/29
Inquiry period : 2025/04/07 15:58 ~ 2025/05/07 15:58 (1 months), 17 search results

전 기간대비 88% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 rdp Access Unidentified Windows 입니다.
공격자 Kimsuky 도 새롭게 확인됩니다.
공격기술 Campaign Exploit APT hacking Phishing 도 새롭게 확인됩니다.
기관 및 기업 Japan South Korea Europe Australia United Kingdom United States SECUI AhnLab UK Microsoft Government Russia Kaspersky US 도 새롭게 확인됩니다.
기타 Alleged Attack Sale BlueKeep securityaffairs 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/05/02 Windows-Log-in über RDP mit widerrufenen Passwörten möglich

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	rdp	17	▲ 15 (88%)
2	Alleged	9	▲ new
3	Access	9	▲ 8 (89%)
4	Campaign	5	▲ new
5	Attack	5	▲ new
6	Sale	5	▲ new
7	Japan	4	▲ new
8	South Korea	4	▲ new
9	BlueKeep	4	▲ new
10	Exploit	4	▲ new
11	APT	4	▲ new
12	hacking	4	▲ new
13	securityaffairs	4	▲ new
14	Kimsuky	4	▲ new
15	flaw	3	▲ new
16	Europe	2	▲ new
17	Unidentified	2	▲ 1 (50%)
18	Australia	2	▲ new
19	Windows	2	▲ 1 (50%)
20	Retail	2	▲ new
21	Domain	2	▲ new
22	United Kingdom	2	▲ new
23	United States	2	▲ new
24	Phishing	1	▲ new
25	AhnLabSecuInfo	1	▲ new
26	SECUI	1	▲ new
27	AhnLab	1	▲ new
28	Australian	1	▲ new
29	UK	1	▲ new
30	Corporate	1	▲ new
31	Microsoft	1	▲ new
32	mit	1	▲ new
33	widerrufenen	1	▲ new
34	WindowsLogin	1	▲ new
35	VPN	1	▲ new
36	Criminal	1	▲ new
37	Industry	1	▲ new
38	Dunkin	1	▲ new
39	GTIG	1	▲ new
40	novel	1	▲ new
41	Government	1	▲ new
42	Russia	1	▲ new
43	Kaspersky	1	▲ new
44	target	1	▲ new
45	Deep	1	▲ new
46	User	1	▲ new
47	Dive	1	▲ new
48	Techniques	1	▲ new
49	US	1	▲ new
50	Veterinary	1	▲ new
51	ZoomInfo	1	▲ new
52	espionage	1	▲ new
53	Multiple	1	▲ new
54	über	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

No data.

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kimsuky		4 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		5 (27.8%)
Exploit		4 (22.2%)
APT		4 (22.2%)
hacking		4 (22.2%)
Phishing		1 (5.6%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Japan		4 (16.7%)
South Korea		4 (16.7%)
Europe		2 (8.3%)
Australia		2 (8.3%)
United Kingdom		2 (8.3%)

Threat info

Last 5

SNS

(Total : 16)

Total keyword

Attack Campaign Japan Exploit hacking BlueKeep APT Kimsuky South Korea United Kingdom United States Australia Europe SECUI AhnLab VPN UK Windows Phishing Government Russia Kaspersky target US Criminal

No	Title	Date
1	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????????????Alleged RDP Access for Sale to an Unidentified Swedish Law Firm https://t.co/digagWmXGG	2025.04.25
2	Pierluigi Paganini - Security Affairs @securityaffairs Kimsuky #APT exploited #BlueKeep #RDP flaw in attacks against South Korea and Japan https://t.co/haoPGoJHvf #securityaffairs #hacking	2025.04.23
3	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Alleged RDP Access – UK Corporate Targets A new auction listing advertises multiple RDP access offers across industrial and manufacturing sectors in the United Kingdom, featuring domain and local admin rights. ???? [UK – Industrial Machinery & Equipment] ???? Revenue: https:	2025.04.22
4	Pierluigi Paganini - Security Affairs @securityaffairs #Kimsuky #APT exploited #BlueKeep #RDP flaw in attacks against South Korea and Japan https://t.co/haoPGoJHvf #securityaffairs #hacking	2025.04.22
5	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????????????Alleged VPN + RDP Access for Sale of a Australian Business Services Firm A threat actor is auctioning off access to an Australian organization via VPN and RDP. The listing includes full domain access and over 150 connected endpoints. ???? [Australia – VPN + RDP, Domain User] https://t.	2025.04.21

News

(Total : 1)

Total keyword

Microsoft Windows

No	Title	Date
1	Windows-Log-in über RDP mit widerrufenen Passwörten möglich - IT Sicherheitsnews	2025.05.02

Additional information

No	Title	Date
1	GDPR vs. DPDP: A Guide for Businesses Navigating Global Data Privacy - Malware.News	2025.05.07
2	RSAC 2025 executive interview: BeyondTrust's Morey Haber - Malware.News	2025.05.07
3	Detection Response by tracing File Lineage with KQL Queries - Malware.News	2025.05.07
4	Recently Disclosed SureTriggers Critical Privilege Escalation Vulnerability Under Active Exploitation - Malware.News	2025.05.07
5	CSA: Cloud missteps fuel real-world breaches - Malware.News	2025.05.06
View only the last 5

No	Title	Date
1	Windows-Log-in über RDP mit widerrufenen Passwörten möglich - IT Sicherheitsnews	2025.05.02
2	RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable - The Hacker News	2025.02.28
3	Persistent Threats from the Kimsuky Group Using RDP Wrapper - Malware.News	2025.02.06
4	Persistent Threats from the Kimsuky Group Using RDP Wrapper - ASEC BLOG	2025.02.04
5	APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP - The Hacker News	2024.12.18
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://codeload.github.com/mr-r3b00t/RDP_Backdoor/zip/refs/heads/main backdoor powershell rdp	US	MICROSOFT-CORP-MSN-AS-BLOCK	JAMESWT_MHT	2021.08.22
2	https://github.com/mr-r3b00t/RDP_Backdoor/archive/refs/heads/main.zip backdoor powershell rdp	US	MICROSOFT-CORP-MSN-AS-BLOCK	JAMESWT_MHT	2021.08.22

Beta Service, If you select keyword, you can check detailed information.