Threat Reports

This analysis report details the overall attack pattern for Shadow Force Group from 2020 to 2022.

This analysis report shows significant change in threat activities of Kimsuky group compared to January through statistical data.

This report analyzes threat activities of Kimsuky group in 2023, focusing on 3 types of malware.

This report analyzes threat activities of Kimsuky group, particularly those utilizing FlowerPower and AppleSeed malware.

This analysis report will discuss the distribution of CHM malware assumed to have been created by North Korean threat actor Kimsuky group.

This analysis report reviews the installation of PlugX malware through Sunlogin and Awesun's remote code execution vulnerability.

This analysis report aims to share the anti-forensic traces and details found in the systems that were infiltrated by the Lazarus group.

This report investigates ransomware trends according to region and examines the different attack methods.

This report will discuss the Dalbit,m00nlight APT attack campaign conducted by Chinese hackers, including the main methods used.

This report analyzes malware distributed via Microsoft OneNote, which is a rapidly increasing trend.

This report investigates NetSupport RAT malware being distributed from a phishing page for a Pokemon card game.

This report examines Linux malware developed with Shc that has been installing a CoinMiner.

In this article, AhnLab looks back at the Top 10 Cyber Threat Trends of 2022 and predicts upcoming trends for 2023.

This article covers ransomware trends over the last two years, including notable characteristics of major ransomware groups.

This report examines the vulerabilities of Active Directory Domain Services and methods to mitigate them.

This report analyzes Lazarus Group’s Rootkit attack method using BYOVD performed on vulnerable driver modules.

This article will discuss the principles behind Infostealer exploiting automatic login features and share ways to minimize damage.

This report analyzes vulnerable Atlassian Confluence servers that can result in OGNL injection attacks.

This report examines LuoYu Group's attack methods and major malware utilized by the group, including WinDealer.

This report will analyze the Follina zero-day vulnerability exploited through the Microsoft Support Diagnostic Tool(MSDT).

This article analyzes recent trends of Dark Web and Deep Web, based on ransomware, black markets, and hacking groups.

This analysis report presents cases of Conti Ransomware attacks, major tooles used, and related issues in detail.

This report introduces Operation Triple Tiang, a cyber attack mission targeting South Korean fields of politics and foreign affairs.

This analysis report examines the malicious activities of Kimsuky Group during the year 2021, including detailed cases and targets.

This analysis report focuses on types of malware recently utilized by the Kimsuky group, including AppleSeed and PebbleDash.

This article takes a closer look at the top 5 cybersecurity threats in 2022 and shares security issues to watch out for in the new year.

This report details the Log4Shell vulnerability executed in the Apache Log4j 2 library.

This article will analyze the characteristics, damage, and attack process of BlackMatter ransomware.

This report describes the malicious activities of the APT Group Mustang Panda and its attack methods.

TeamTnT is a threat actor continuously attacking cloud environments since 2020. This report introduces the group's tactics and procedures.

This report will review the significant security threats of 2020 and share predictions for 2021 based on the relevant data analysis.

This analysis report will examine the top five malicious applications being used for sextortion scams.

This analysis report will examine Operation Shadow Force that had been hidden behind legitimate certificates for the last seven years.

This analysis report will examine the recent malicious activities of Magniber from changes in exploited vulnerability to shellcode.

This analysis report presents the kill-chain, primary functions, and internal proliferation methods of Lemon Duck in full detail.

This report describes the latest attacks by Kimsuky Group including main methods, and changes in their purpose and targets.