Threat Reports

This report analyzes the latest trends on the deep web and dark web, along with the associated threat actors in August 2023.

This trend report examines Kimsuky group's threat activities in August 2023, including a notable surge in BabyShark.

This report analyzes the latest ransomware trends, including statistics on new ransomware samples and targets in August 2023.

This report investigates the activities of APT groups, suspected of engaging in state-sponsored cyber espionage during August 2023.

This report describes in detail the way that BlueShell, a type of backdoor developed in Go, has been distributed in South Korea and Thailand.

This report provides statistics on ransomware attack cases confirmed in July 2023, and shares key findings of ransowmare trend analysis.

This analysis report shows the trends of APT groups, as well as details their activities in the month of July 2023.

This trend report explains how the activities of the Kimsuky attack group have changed compared to June of this year, based on statistical data.

This trend report analyzes ransomware issues and attack cases discovered in deep web and dark web in July of this year.

The trend report shares an analysis of the activities of Kimsuky group in June 2023, using statistical graphs to show their changes.

This trend report provides statistics on ransomware status and trends, as well as information on key related issues for June 2023.

This trend report covers the trends and behaviors of APT groups supported by certain countries or organizations for the month of June this year.

This report analyzes the trends of attack groups that distributed ransomware through cyber crime forums and black markets in June 2023.

This trend report details ransomware distributed via deep web and dark web, and related threat actors during the month of May this year.

This analysis report details changes in trends of malicious behavior by Kimsuky hacking group compared to April this year.

This report analyzes nation-led threat groups presumed to conduct cyber espionage or sabotage, referred to as 'APT groups' in May 2023.

This report provides statistical data on the top 10 most mentioned vulnerabilities in May 2023, and details on the characteristics of each of them.

This trend report introduces new ransomware samples, targeted systems and businesses in May 2023, and notable global ransomware issues.

This trend report covers the content related to nation-state threat actors suspected of engaging in cyber espionage with the support of certain national governments in April 2023.

This report examines the type of ransomware distributed via deep web and dark web, and analyzes a few cases affected by these attacks in April 2023.

This trend report details how Kimsuky group's activities have changed compared to March 2023, and explains what attack techniques and malware were used.

This trend report provides statistics on newly collected ransomware samples, affected systems and businesses during the month of April 2023.

This statistical report provides information on the top 10 most mentioned CVE vulnerabilities in April 2023, along with key features of them.

This trend report details the types of ransomware distributed via the deep web and dark web in March of this year, as well as the threat actors involved.

This analysis report details based on statistical data on how the activities of Kimsuky group have changed in comparison to February of this year.

This report provides statistics on the number of newly collected ransomware samples and affected systems during the month of March 2023.

This trend report provides statistics on the trends and patterns of the top 10 most mentioned CVE vulnerabilities.

This analysis report details the overall attack pattern for Shadow Force Group from 2020 to 2022.

This analysis report shows significant change in threat activities of Kimsuky group compared to January through statistical data.

This report analyzes threat activities of Kimsuky group in 2023, focusing on 3 types of malware.

This report analyzes threat activities of Kimsuky group, particularly those utilizing FlowerPower and AppleSeed malware.

This analysis report will discuss the distribution of CHM malware assumed to have been created by North Korean threat actor Kimsuky group.

This analysis report reviews the installation of PlugX malware through Sunlogin and Awesun's remote code execution vulnerability.

This analysis report aims to share the anti-forensic traces and details found in the systems that were infiltrated by the Lazarus group.

This report investigates ransomware trends according to region and examines the different attack methods.

This report will discuss the Dalbit,m00nlight APT attack campaign conducted by Chinese hackers, including the main methods used.

This report analyzes malware distributed via Microsoft OneNote, which is a rapidly increasing trend.

This report investigates NetSupport RAT malware being distributed from a phishing page for a Pokemon card game.

This report examines Linux malware developed with Shc that has been installing a CoinMiner.

In this article, AhnLab looks back at the Top 10 Cyber Threat Trends of 2022 and predicts upcoming trends for 2023.

This article covers ransomware trends over the last two years, including notable characteristics of major ransomware groups.

This report examines the vulerabilities of Active Directory Domain Services and methods to mitigate them.

This report analyzes Lazarus Group’s Rootkit attack method using BYOVD performed on vulnerable driver modules.

This article will discuss the principles behind Infostealer exploiting automatic login features and share ways to minimize damage.

This report analyzes vulnerable Atlassian Confluence servers that can result in OGNL injection attacks.

This report examines LuoYu Group's attack methods and major malware utilized by the group, including WinDealer.

This report will analyze the Follina zero-day vulnerability exploited through the Microsoft Support Diagnostic Tool(MSDT).

This article analyzes recent trends of Dark Web and Deep Web, based on ransomware, black markets, and hacking groups.

This analysis report presents cases of Conti Ransomware attacks, major tooles used, and related issues in detail.

This report introduces Operation Triple Tiang, a cyber attack mission targeting South Korean fields of politics and foreign affairs.

This analysis report examines the malicious activities of Kimsuky Group during the year 2021, including detailed cases and targets.

This analysis report focuses on types of malware recently utilized by the Kimsuky group, including AppleSeed and PebbleDash.

This article takes a closer look at the top 5 cybersecurity threats in 2022 and shares security issues to watch out for in the new year.

This report details the Log4Shell vulnerability executed in the Apache Log4j 2 library.

This article will analyze the characteristics, damage, and attack process of BlackMatter ransomware.

This report describes the malicious activities of the APT Group Mustang Panda and its attack methods.

TeamTnT is a threat actor continuously attacking cloud environments since 2020. This report introduces the group's tactics and procedures.

This report will review the significant security threats of 2020 and share predictions for 2021 based on the relevant data analysis.

This analysis report will examine the top five malicious applications being used for sextortion scams.

This analysis report will examine Operation Shadow Force that had been hidden behind legitimate certificates for the last seven years.

This analysis report will examine the recent malicious activities of Magniber from changes in exploited vulnerability to shellcode.

This analysis report presents the kill-chain, primary functions, and internal proliferation methods of Lemon Duck in full detail.

This report describes the latest attacks by Kimsuky Group including main methods, and changes in their purpose and targets.