Summary: 2025/04/28 20:38
First reported date: 2014/11/27
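Inquiry period: 2025/04/27 20:38 ~ 2025/04/28 20:38 (1 day), 1 search result
The trend is 100% higher than in the previous 7 days.
The top 5 related keywords that rose compared with the previous 7 days are MimiKatz and Ransomware.
The malware types Phobos, Crytox, DYEPACK, Black Basta and CACTUS are also newly identified.
The attack techniques Exploit, Campaign, Phishing and Social Engineering are also newly identified.
The organizations and companies Cisco, Microsoft and United States are also newly identified.
Other new keywords such as WMI, Education, Java, Windows and EDR are also identified.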
Varonis summarizes Mimikatz as an open-source application that allows users to view and save authentication credentials like Kerberos tickets. Benjamin Delpy continues to lead Mimikatz developments, so the toolset works with the current release of Windows and includes the most up-to-date attacks.
Attackers commonly use Mimikatz to steal credentials and escalate privileges: in most cases, endpoint protection software and anti-virus systems will detect and delete it. Conversely, pentesters use Mimikatz to detect and exploit vulnerabilities in your networks so you can fix them. Ref.
* Top 3 recent news articles:
ㆍ 2025/04/28 IR Trends Q1 2025: Phishing soars as identity-based attacks persist
Trend graph by period
Related keyword cloud
Top 100
# | Trend | Count | Comparison |
---|---|---|---|
1 | Phobos | 1 | ▲ new |
2 | WMI | 1 | ▲ new |
3 | Education | 1 | ▲ new |
4 | Java | 1 | ▲ new |
5 | Exploit | 1 | ▲ new |
6 | Windows | 1 | ▲ new |
7 | Crytox | 1 | ▲ new |
8 | DYEPACK | 1 | ▲ new |
9 | Cisco | 1 | ▲ new |
10 | MimiKatz | 1 | ▲ 1 (100%) |
11 | EDR | 1 | ▲ new |
12 | MFA | 1 | ▲ new |
13 | Ransomware | 1 | ▲ 1 (100%) |
14 | Black Basta | 1 | ▲ new |
15 | CACTUS | 1 | ▲ new |
16 | Vulnerability | 1 | ▲ new |
17 | Microsoft | 1 | ▲ new |
18 | SMB | 1 | ▲ new |
19 | powershell | 1 | ▲ new |
20 | Victim | 1 | ▲ new |
21 | c&c | 1 | ▲ new |
22 | IoC | 1 | ▲ new |
23 | United States | 1 | ▲ new |
24 | Campaign | 1 | ▲ new |
25 | Report | 1 | ▲ new |
26 | Phishing | 1 | ▲ new |
27 | Social Engineering | 1 | ▲ new |
28 | Malware | 1 | ▲ new |
29 | Advertising | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
Keyword | Average | Label |
---|---|---|
Phobos | | 1 (16.7%) |
Crytox | | 1 (16.7%) |
DYEPACK | | 1 (16.7%) |
Ransomware | | 1 (16.7%) |
Black Basta | | 1 (16.7%) |

Attacker & Actors
The attackers or attack groups that are currently an issue.
Keyword | Average | Label |
---|---|---|

Technique
This is an attack technique that is becoming an issue.
Keyword | Average | Label |
---|---|---|
Exploit | | 1 (25%) |
Campaign | | 1 (25%) |
Phishing | | 1 (25%) |
Social Engineering | | 1 (25%) |

Country & Company
This is a country or company that is an issue.
Keyword | Average | Label |
---|---|---|
Cisco | | 1 (33.3%) |
Microsoft | | 1 (33.3%) |
United States | | 1 (33.3%) |
Threat info
Last 5
SNS
(Total : 0) No data.
News
(Total : 1) Phobos WMI Education Java Exploit Windows Crytox DYEPACK Cisco MimiKatz EDR MFA Ransomware Black Basta CACTUS Vulnerability Microsoft SMB powershell Attacker Victim c&c IoC United States Campaign Report Phishing Social Engineering Malware Advertising
No | Title | Date |
---|---|---|
1 | IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News | 2025.04.28 |
Additional information
No | Title | Date |
---|---|---|
1 | 2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News | 2025.04.28 |
2 | Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology | 2025.04.28 |
3 | IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News | 2025.04.28 |
4 | Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News | 2025.04.28 |
5 | 28th April – Threat Intelligence Report - Malware.News | 2025.04.28 |
No | Title | Date |
---|---|---|
1 | IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News | 2025.04.28 |
2 | IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News | 2025.04.28 |
3 | Dark Web Profile: Flax Typhoon - Malware.News | 2025.04.18 |
4 | Dark Web Profile: Flax Typhoon - Malware.News | 2025.04.18 |
5 | Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame - Malware.News | 2025.03.21 |
No | URL | CC | ASN Co | Reporter | Date |
---|---|---|---|---|---|
1 | http://rundl.0000o.xyz:88/mimi.dat ascii base64-loader Encoded mimikatz | DE | | NDA0E | 2025.04.25 |
2 | http://176.65.138.20:88/mimi.dat ascii base64-loader Encoded mimikatz | DE | | NDA0E | 2025.04.25 |
3 | http://rundl.l0o01.com:88/mimi.dat ascii base64-loader Encoded mimikatz | DE | | NDA0E | 2025.04.25 |
4 | http://t.0000o.xyz:88/mimi.dat ascii base64-loader Encoded mimikatz | DE | | NDA0E | 2025.04.25 |
5 | https://gitlab.com/kalilinux/packages/mimikatz/-/raw/kali/master/x64/mimikatz.exe mimikatz | US | CLOUDFLARENET | JAMESWT_WT | 2025.04.11 |