popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/29 04:45

First reported date: 2024/01/14
Inquiry period : 2025/03/30 04:45 ~ 2025/04/29 04:45 (1 months), 13 search results

전 기간대비 신규 트렌드를 보이고 있습니다.
악성코드 유형 Ransomware NetWireRC Clipbanker XMRig DslogdRAT Trojan Rhysida BlackSuit SectopRAT RATel 도 새롭게 확인됩니다.
공격자 UNC5221 도 새롭게 확인됩니다.
공격기술 Exploit Campaign hacking Backdoor Dropper Webshell RCE Remote Code Execution DDoS 도 새롭게 확인됩니다.
기관 및 기업 China Mandiant Google United States CISA Europe Government Japan Apple Check Point Germany India Cisco 도 새롭게 확인됩니다.
기타 ZeroDay Vulnerability Malware Update Ivanti 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure
    ㆍ 2025/04/17 China-linked BRICKSTORM backdoor involved in Europe-targeted cyberespionage
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 15, 2025

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1UNC5221 15 ▲ new
2China 13 ▲ new
3Exploit 9 ▲ new
4ZeroDay 9 ▲ new
5Vulnerability 8 ▲ new
6Malware 7 ▲ new
7Update 6 ▲ new
8Ivanti 6 ▲ new
9Mandiant 6 ▲ new
10Campaign 6 ▲ new
11Google 5 ▲ new
12Report 5 ▲ new
13VPN 5 ▲ new
14target 4 ▲ new
15hacking 4 ▲ new
16group 4 ▲ new
17UNC 3 ▲ new
18악용 3 ▲ new
19CVSS 3 ▲ new
20United States 3 ▲ new
21Ransomware 3 ▲ new
22공격 3 ▲ new
23CISA 3 ▲ new
24취약점 3 ▲ new
25intelligence 3 ▲ new
26Operation 3 ▲ new
27Backdoor 3 ▲ new
28cyberespionage 2 ▲ new
29Android 2 ▲ new
30Windows 2 ▲ new
31Dropper 2 ▲ new
32Connect 2 ▲ new
33Secure 2 ▲ new
34securityaffairs 2 ▲ new
35Webshell 2 ▲ new
36Europe 2 ▲ new
37NetWireRC 2 ▲ new
38Password 2 ▲ new
39Consumer 1 ▲ new
40Snapshot 1 ▲ new
41exploitation 1 ▲ new
42WinRAR 1 ▲ new
43Threat 1 ▲ new
44Clipbanker 1 ▲ new
45Government 1 ▲ new
46c&c 1 ▲ new
47BRICKSTORM 1 ▲ new
48MWNEWS 1 ▲ new
49Europetargeted 1 ▲ new
50XMRig 1 ▲ new
51Japan 1 ▲ new
52Advertising 1 ▲ new
53RCE 1 ▲ new
54attack 1 ▲ new
55DslogdRAT 1 ▲ new
56shell 1 ▲ new
57C2 1 ▲ new
58time 1 ▲ new
59Apple 1 ▲ new
60DarkWeb 1 ▲ new
61Check Point 1 ▲ new
62Linux 1 ▲ new
63CVE 1 ▲ new
64wild 1 ▲ new
65Chinalinked 1 ▲ new
66Chinabacked 1 ▲ new
67espionage 1 ▲ new
68Trojan 1 ▲ new
69Remote Code Execution 1 ▲ new
70Software 1 ▲ new
71Router 1 ▲ new
72DDoS 1 ▲ new
73버전 1 ▲ new
74Rhysida 1 ▲ new
75IoC 1 ▲ new
76ICS 1 ▲ new
77조직 1 ▲ new
78Cobalt Strike 1 ▲ new
79Victim 1 ▲ new
80Germany 1 ▲ new
81India 1 ▲ new
82BlackSuit 1 ▲ new
83SectopRAT 1 ▲ new
84Cisco 1 ▲ new
85RATel 1 ▲ new
86Proxy 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
3 (23.1%)
NetWireRC
2 (15.4%)
Clipbanker
1 (7.7%)
XMRig
1 (7.7%)
DslogdRAT
1 (7.7%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
UNC5221
15 (100%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
9 (31%)
Campaign
6 (20.7%)
hacking
4 (13.8%)
Backdoor
3 (10.3%)
Dropper
2 (6.9%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
China
13 (33.3%)
Mandiant
6 (15.4%)
Google
5 (12.8%)
United States
3 (7.7%)
CISA
3 (7.7%)
Threat info
Last 5

SNS

(Total : 4)
  Total keyword

unc5221 China ZeroDay Exploit hacking Mandiant CVSS Vulnerability Update Malware VPN

No Title Date
1Cyber_OSINT @Cyber_O51NT
Cyber-espionage group UNC5221, linked to China, has been exploiting vulnerabilities in Ivanti Connect Secure VPN appliances since 2023, showcasing their ability to weaponize zero-day exploits effectively. #CyberSecurity #UNC5221 https://t.co/wbslKlCshk		2025.04.18
2The Hacker News @TheHackersNews
???? New Ivanti ZERO-DAY exploited in the wild — China-linked UNC5221 hits Connect Secure (CVE-2025-22457, CVSS 9.0). ???? Exploits spotted mid-March by Mandiant. ????️‍♂️Malware: TRAILBLAZE, BRUSHFIRE, SPAWN. ???? Persistence. Credential theft. Data exfiltration. ⚡ Patch now | See full https://t.		2025.04.04
3Pierluigi Paganini - Security Affairs @securityaffairs
#China-linked group #UNC5221 exploited #Ivanti Connect Secure zero-day since mid-March https://t.co/J9u8W4FYPc #securityaffairs #hacking -		2025.04.04
4Pierluigi Paganini - Security Affairs @securityaffairs
#China-linked group #UNC5221 exploited #Ivanti Connect Secure zero-day since mid-March https://t.co/J9u8W4FYPc #securityaffairs #hacking		2025.04.03

News

(Total : 9)
  Total keyword

China UNC5221 Vulnerability Malware Campaign Google Report Mandiant Update ZeroDay Exploit target VPN Backdoor intelligence 취약점 CISA Operation Ransomware Attacker United States Android CVSS NetWireRC Windows Password Dropper Webshell Europe hacking Clipbanker WinRAR Government Japan c&c XMRig Advertising RCE attack DslogdRAT C2 Apple Check Point Router IoC Linux Remote Code Execution Trojan CVE Software Rhysida DDoS Cobalt Strike Victim Germany India BlackSuit DarkWeb SectopRAT Cisco RATel

No Title Date
1DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News2025.04.24
2China-linked BRICKSTORM backdoor involved in Europe-targeted cyberespionage - Malware.News2025.04.17
3Threat Intelligence Snapshot: Week 15, 2025 - Malware.News2025.04.16
47th April – Threat Intelligence Report - Malware.News2025.04.07
5이반티 방화벽 취약점 악용…중국 연계 해커 조직 ‘UNC5221’ 정교한 공격 감행 - 데일리시큐2025.04.06

Additional information

No Title Date
1DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News2025.04.24
2DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News2025.04.24
3Threat Intelligence Snapshot: Week 15, 2025 - Malware.News2025.04.16
47th April – Threat Intelligence Report - Malware.News2025.04.07
57th April – Threat Intelligence Report - Malware.News2025.04.07
View only the last 5
No data
No data
No data
No data
Beta Service, If you select keyword, you can check detailed information.