CVE Trend Report – April 2023 Vulnerability Statistics and Major Issues Posted By ahnlabti , June 9, 2023 Following the recent abuse of vulnerabilities in various malware distributions and attacks, it is becoming more crucial to detect said information early on. Zero-day and other various vulnerabilities are typically spread faster through social networks. AhnLab provides the trend of current vulnerabilities through the ATIP service based on the information collected by the in-house infrastructure. Additionally, ATIP offers information on said vulnerabilities’ characteristics and countermeasures through related News Clippings, ASEC Notes, analysis reports, security advisories, and more. This report introduces…
Threat Trend Report on Kimsuky – April 2023 Posted By ahnlabti , June 9, 2023 The Kimsuky group’s activities in April 2023 showed a decline in comparison to their activities in March, falling under half the number of the previous month. Korean domains were used for FlowerPower like before without major changes, and the RandomQuery type also remained the same. Lastly, we confirmed that the domain responsible for distributing AppleSeed has been spreading the Google Chrome Remote Desktop setup script. Also, the dropper file and AppleSeed file used different argument values, which is a shift…
ASEC Weekly Malware Statistics (May 29th, 2023 – June 4th, 2023) Posted By ASEC , June 9, 2023 AhnLab Security Emergency response Center (ASEC) uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from May 29th, 2023 (Monday) to June 4th, 2023 (Sunday). For the main category, downloader ranked top with 40.1%, followed by Infostealer with 39.5%, backdoor with 13.6%, CoinMiner with 4.1%, and ransomware with 2.7%. Top 1 – AgentTesla AgentTesla is an Infostealer that ranked first place with 21.4%. It leaks user credentials saved…
ASEC Weekly Phishing Email Threat Trends (May 21st, 2023 – May 27th, 2023) Posted By ASEC , June 9, 2023 AhnLab Security Emergency response Center (ASEC) monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from May 21st, 2023 to May 27th, 2023 and provide statistical information on each type. Generally, phishing is cited as an attack that leaks users’ login account credentials by disguising as or impersonating an institute, company, or individual through social engineering methods. On a broader note,…
Similar AhnLab Response Cases Regarding Korea-US Joint Cyber Security Advice Posted By AhnLab_en , June 8, 2023 On June 2nd, the Korean NIS (National Intelligence Service), NPA (National Police Agency), and MOFA (Ministry of Foreign Affairs) released a joint security advisory regarding the spear phishing attacks of North Korea’s Kimsuky group with the US FBI (Federal Bureau of Investigation), DoS (Department of State), and NSA (National Security Agency). The government agencies stated that the act was done to raise awareness of members of global think tanks, academic institutions, and media companies on CNE (Computer Network Exploitation) using…