Cyber Threat Trends

Summary: 2025/04/29 00:28

First reported date: 2014/10/28
Inquiry period : 2025/04/22 00:28 ~ 2025/04/29 00:28 (7 days), 21 search results

전 기간대비 52% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 MFA Malware Phishing Microsoft attack 입니다.
악성코드 유형 CACTUS CoreDN Crytox Cryptocurrency Miner Vawtrak Phobos Black Basta DYEPACK FormBook 도 새롭게 확인됩니다.
공격자 Storm-1977 도 새롭게 확인됩니다.
공격기술 Stealer 도 새롭게 확인됩니다.
기관 및 기업 Mandiant Russia Kaspersky CyberArk Zscaler 도 새롭게 확인됩니다.
기타 ZeroDay breach NHIs Cryptocurrency Office 등 신규 키워드도 확인됩니다.

웹사이트, 애플리케이션 또는 리소스에 대한 액세스 권한을 부여받기 위해 사용자가 적어도 두 가지 이상의 확인 요소를 제공해야 하는 인증 방법

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 Zero Trust Best Practices for Enterprises and Small Businesses
    ㆍ 2025/04/28 IR Trends Q1 2025: Phishing soars as identity-based attacks persist
    ㆍ 2025/04/26 Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	MFA	21	▲ 11 (52%)
2	Malware	10	▲ 4 (40%)
3	Phishing	10	▲ 8 (80%)
4	Microsoft	9	▲ 7 (78%)
5	attack	9	▲ 6 (67%)
6	Campaign	8	▲ 4 (50%)
7	Report	7	▲ 4 (57%)
8	Exploit	7	▲ 3 (43%)
9	Update	5	▲ 1 (20%)
10	Browser	5	▲ 2 (40%)
11	Victim	5	▲ 2 (40%)
12	target	5	▲ 2 (40%)
13	Education	5	▲ 2 (40%)
14	Vulnerability	5	▲ 2 (40%)
15	Email	5	▲ 3 (60%)
16	Google	4	▲ 2 (50%)
17	Advertising	4	▲ 1 (25%)
18	RCE	4	▼ -2 (-50%)
19	Ransomware	4	▲ 3 (75%)
20	United States	4	▼ -2 (-50%)
21	Password	4	▲ 3 (75%)
22	Windows	4	▲ 1 (25%)
23	intelligence	3	▲ 1 (33%)
24	Zero Trust	3	▲ 2 (67%)
25	Social Engineering	3	▲ 2 (67%)
26	Operation	3	▲ 2 (67%)
27	hijack	3	▲ 2 (67%)
28	IoC	3	▲ 1 (33%)
29	ZeroDay	3	▲ new
30	powershell	2	▲ 1 (50%)
31	CACTUS	2	▲ new
32	Cisco	2	- 0 (0%)
33	RATel	2	▲ 1 (50%)
34	breach	2	▲ new
35	NHIs	2	▲ new
36	Mandiant	2	▲ new
37	Cryptocurrency	2	▲ new
38	Office	2	▲ new
39	SessionShark	2	▲ new
40	EDR	2	▲ 1 (50%)
41	Government	2	▲ 1 (50%)
42	access	2	▲ 1 (50%)
43	China	2	▼ -1 (-50%)
44	time	2	▲ new
45	c&c	2	- 0 (0%)
46	Review	2	▲ new
47	Russia	2	▲ new
48	Stealer	2	▲ new
49	Attacks	2	▲ new
50	Software	2	▲ 1 (50%)
51	Threat	2	- 0 (0%)
52	Kaspersky	2	▲ new
53	Takedown	2	▲ new
54	THD	1	▲ new
55	kit	1	▲ new
56	der	1	▲ new
57	Java	1	- 0 (0%)
58	Storm-1977	1	▲ new
59	Backdoor	1	- 0 (0%)
60	Zero	1	- 0 (0%)
61	LinkedIn	1	▲ new
62	Linux	1	- 0 (0%)
63	Twitter	1	▲ new
64	die	1	▲ new
65	CyberArk	1	▲ new
66	CoreDN	1	▲ new
67	Crytox	1	▲ new
68	Sicherheitsmanagement	1	▲ new
69	Cryptocurrency Miner	1	▲ new
70	DDoS	1	▼ -1 (-100%)
71	sicher	1	▲ new
72	Malicious Traffic	1	▲ new
73	Vawtrak	1	▲ new
74	Zscaler	1	▲ new
75	cloud	1	▲ new
76	httpstcoMfa	1	▲ new
77	fake	1	▲ new
78	WooCommerce	1	▲ new
79	Phobos	1	▲ new
80	SMB	1	▲ new
81	MWNEWS	1	▲ new
82	WMI	1	▲ new
83	Fix	1	▲ new
84	Black Basta	1	▲ new
85	Criminal	1	- 0 (0%)
86	Blind	1	▲ new
87	Dangerous	1	▲ new
88	MimiKatz	1	- 0 (0%)
89	Are	1	▲ new
90	AIpowered	1	▲ new
91	AI	1	▲ new
92	payment	1	▲ new
93	DYEPACK	1	▲ new
94	DLP	1	▲ new
95	control	1	▲ new
96	Ch	1	▲ new
97	MTrends	1	▲ new
98	PDB	1	▲ new
99	FormBook	1	▲ new
100	PushSecurity	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		4 (21.1%)
CACTUS		2 (10.5%)
RATel		2 (10.5%)
CoreDN		1 (5.3%)
Crytox		1 (5.3%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Storm-1977		1 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Phishing		10 (25.6%)
Campaign		8 (20.5%)
Exploit		7 (17.9%)
RCE		4 (10.3%)
Social Engineering		3 (7.7%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		9 (27.3%)
Google		4 (12.1%)
United States		4 (12.1%)
Cisco		2 (6.1%)
Mandiant		2 (6.1%)

Threat info

Last 5

SNS

(Total : 8)

Total keyword

MFA attack Phishing Browser Microsoft hijack Email Report China RCE target ZeroDay Exploit Software Attacks Windows Varonis Stealer Attacker Password Update

No	Title	Date
1	BleepingComputer @BleepinComputer WooCommerce admins targeted by fake security patches that hijack sites - @billtoulas https://t.co/Mfa5hWpjij https://t.co/Mfa5hWpjij	2025.04.26
2	The Hacker News @TheHackersNews ???? Machines are talking. And they hold the keys. 70% of leaked secrets still work. NHIs outnumber humans 100:1 — no MFA, no alerts, no control. Most teams don’t know where these secrets are, or who’s using them. ???? Time to find the risks. Fix them. Before it’s too late. See https://t.co/fuXX	2025.04.25
3	Cyber_OSINT @Cyber_O51NT Experts report that the new SessionShark phishing kit can bypass Office 365 MFA by stealing session tokens, leading to real-time attacks through fake interfaces. #CyberSecurity #Phishing https://t.co/TVZ8SluhHT	2025.04.24
4	The Hacker News @TheHackersNews ???? Phishing isn't just an email problem anymore! 2025's #1 breach method? Identity attacks — phishing + stolen creds now top software exploits. MFA? Often bypassed. Detection? Too slow. Real-time browser-based defense is the future. Stop attacks before passwords are stolen. https://t.co/UvXnWzPF	2025.04.23
5	BleepingComputer @BleepinComputer ⚠️ Phishing attacks now evade email filters and MFA — making attacks almost feel like a zero-day. This article from @PushSecurity breaks down why detection is failing and how in-browser analysis can turn the tide. ???? Read more: https://t.co/HIMSIqgoCS #cybersecurity #sponsored	2025.04.23

News

(Total : 13)

Total keyword

MFA Malware Attacker Campaign Microsoft Exploit Phishing Report Education Victim attack Vulnerability target United States Update Advertising Google Ransomware RCE Password Operation Social Engineering IoC Email intelligence Zero Trust Windows EDR RATel Browser Government ZeroDay Cryptocurrency Mandiant Cisco Kaspersky CACTUS powershell c&c Takedown Russia LinkedIn Twitter Linux DYEPACK Crytox CyberArk Java Software CoreDN MimiKatz Malicious Traffic Cryptocurrency Miner DDoS Backdoor Zscaler hijack Phobos Black Basta SMB WMI payment DLP Vawtrak Criminal Storm-1977 Recorded Future Forensics QRadar Security Suite Vidar FormBook RMS schtasks PDB Watchdog AgentTesla Cobalt Strike Attacks ...

No	Title	Date
1	Zero Trust Best Practices for Enterprises and Small Businesses - Malware.News	2025.04.28
2	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
3	Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit - Malware.News	2025.04.26
4	Why NHIs Are Security's Most Dangerous Blind Spot - The Hacker News	2025.04.25
5	Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI - Malware.News	2025.04.25

Additional information

No	Title	Date
1	Employee monitoring app exposes users, leaks 21+ million screenshots - Malware.News	2025.04.28
2	Introducing XSIAM 3.0 - Malware.News	2025.04.28
3	Deploy Bravely with Prisma AIRS - Malware.News	2025.04.28
4	2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News	2025.04.28
5	Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology	2025.04.28
View only the last 5

No	Title	Date
1	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
2	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
3	Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit - Malware.News	2025.04.26
4	Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI - Malware.News	2025.04.25
5	Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI - Malware.News	2025.04.25
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.