AhnLab セキュリティセンター

アンラボの分析専門家によるテクニカルレポートをダウンロードできます。
(*現在は英語版のみ提供されます。)

Featured
  • Deep Web & Dark Web Threat Trend Report - August 2023

    This report analyzes the latest trends on the deep web and dark web, along with the associated threat actors in August 2023.

    Sep 8, 2023 Read More
    #Ransomware #DeepWeb #DarkWeb
  • NEW
    Threat Trend Report on Kimsuky - August 2023

    This trend report examines Kimsuky group's threat activities in August 2023, including a notable surge in BabyShark.

    Sep 7, 2023 Read More
    #Kimsuky #Malware #Threatgroup
  • NEW
    Threat Trend Report on Ransomware - August 2023

    This report analyzes the latest ransomware trends, including statistics on new ransomware samples and targets in August 2023.

    Sep 7, 2023 Read More
    #Ransomware #Cyberattack #Compromise
  • NEW
    Threat Trend Report on APT Groups - August 2023

    This report investigates the activities of APT groups, suspected of engaging in state-sponsored cyber espionage during August 2023.

    Sep 8, 2023 Read More
    #APT #Threatactors #Cyberespionage
  • BlueShell Used in APT Attacks Against Korean and Thai Targets

    This report describes in detail the way that BlueShell, a type of backdoor developed in Go, has been distributed in South Korea and Thailand.

    Sep 11, 2023 Read More
    #BlueShell #Backdoor #APT
  • Threat Trend Report on Ransomware - July 2023

    This report provides statistics on ransomware attack cases confirmed in July 2023, and shares key findings of ransowmare trend analysis.

    Aug 4, 2023 Read More
    #Ransomware #Threatactors #Exploitation
  • Threat Trend Report on APT Groups - July 2023

    This analysis report shows the trends of APT groups, as well as details their activities in the month of July 2023.

    Aug 8, 2023 Read More
    #APT #Cybercrime #Threatactors
  • Threat Trend Report on Kimsuky Group - July 2023

    This trend report explains how the activities of the Kimsuky attack group have changed compared to June of this year, based on statistical data.

    Aug 7, 2023 Read More
    #Kimsuky #Hackinggroup #Cyberattack
  • Deep Web and Dark Web Threat Trend Report - July 2023

    This trend report analyzes ransomware issues and attack cases discovered in deep web and dark web in July of this year.

    Aug 8, 2023 Read More
    #DeepWeb #DarkWeb #BlackMarket
  • Threat Trend Report on Kimsuky – June 2023

    The trend report shares an analysis of the activities of Kimsuky group in June 2023, using statistical graphs to show their changes.

    Jul 06, 2023 Read More
    #Kimsuky #Attackgroup #Malware
  • Threat Trend Report on Ransomware – June 2023

    This trend report provides statistics on ransomware status and trends, as well as information on key related issues for June 2023.

    Jul 06, 2023 Read More
    #Ransomware #Cyberattack #Hackinggroup
  • Threat Trend Report on APT Groups – June 2023

    This trend report covers the trends and behaviors of APT groups supported by certain countries or organizations for the month of June this year.

    Jul 07, 2023 Read More
    #Threatgroup #Cyberespionage #Cybercrime
  • Deep Web & Dark Web Threat Trend Report – June 2023

    This report analyzes the trends of attack groups that distributed ransomware through cyber crime forums and black markets in June 2023.

    Jul 07, 2023 Read More
    #DeepWeb #DarkWeb #Ransomware
  • Deep Web & Dark Web Threat Trend Report – May 2023

    This trend report details ransomware distributed via deep web and dark web, and related threat actors during the month of May this year.

    June 09, 2023 Read More
    #DeepWeb #DarkWeb #Ransomware
  • Trend Report on Kimsuky – May 2023

    This analysis report details changes in trends of malicious behavior by Kimsuky hacking group compared to April this year.

    June 02, 2023 Read More
    #Kimsuky #Hackinggroup #Cyberattack
  • Threat Trend Report on APT Groups – May 2023

    This report analyzes nation-led threat groups presumed to conduct cyber espionage or sabotage, referred to as 'APT groups' in May 2023.

    June 09, 2023 Read More
    #APT #Threatgroup #Cyberespionage
  • CVE Trend Report – May 2023

    TThis report provides statistical data on the top 10 most mentioned vulnerabilities in May 2023, and details on the characteristics of each of them.

    June 12, 2023 Read More
    #Vulnerability #CVE #Malware
  • Threat Trend Report on Ransomware – May 2023

    This trend report introduces new ransomware samples, targeted systems and businesses in May 2023, and notable global ransomware issues.

    June 09, 2023 Read More
    #Ransomware #Cyberattack #Compromise
  • Threat Trend Report on APT Groups – April 2023

    This trend report covers the content related to nation-state threat actors suspected of engaging in cyber espionage with the support of certain national governments in April 2023.

    May 04, 2023 Read More
    #APT #Threatgroup #Cyberespionage
  • Deep Web & Dark Web Threat Trend Report – April 2023

    This report examines the type of ransomware distributed via deep web and dark web, and analyzes a few cases affected by these attacks in April 2023.

    May 04, 2023 Read More
    #Ransomware #Deepweb #Darkweb
  • Threat Trend Report on Kimsuky – April 2023

    This trend report details how Kimsuky group's activities have changed compared to March 2023, and explains what attack techniques and malware were used.

    May 04, 2023 Read More
    #Kimsuky #Threatgroup #Cyberattack
  • Threat Trend Report on Ransomware – April 2023

    This trend report provides statistics on newly collected ransomware samples, affected systems and businesses during the month of April 2023.

    May 04, 2023 Read More
    #Ransomware #Cyberattack #Securityincident
  • CVE Trend Report – April 2023 Vulnerability Statistics and Major Issues

    This statistical report provides information on the top 10 most mentioned CVE vulnerabilities in April 2023, along with key features of them.

    May 04, 2023 Read More
    #Vulnerability #Exposure #Exploit
  • March 2023 Deep Web & Dark Web Threat Trend Report

    This trend report details the types of ransomware distributed via the deep web and dark web in March of this year, as well as the threat actors involved.

    Apr 7, 2023 Read More
    #DeepWeb #DarkWeb #ThreatActor
  • March 2023 Threat Trend Report on KImsuky Group

    This analysis report details based on statistical data on how the activities of Kimsuky group have changed in comparison to February of this year.

    Apr 7, 2023 Read More
    #Kimsuky #Malware #attack
  • Threat Trend Report on Ransomware - March 2023

    This report provides statistics on the number of newly collected ransomware samples and affected systems during the month of March 2023.

    Apr 6, 2023 Read More
    #Ransomware #CyberAttack #Compromise
  • CVE Trend Report - March 2023 Vulnerability Statistics and Major Issues

    This trend report provides statistics on the trends and patterns of the top 10 most mentioned CVE vulnerabilities.

    Apr 6, 2023 Read More
    #CVE #Vulnerabilities #Threats
  • Shadow Force Group's Viticdoor and CoinMiner

    This analysis report details the overall attack pattern for Shadow Force Group from 2020 to 2022.

    Mar 27, 2023 Read More
    #ShadowForce #Malware #Attack
  • February 2023 Threat Trend Report on Kimsuky Group

    This analysis report shows significant change in threat activities of Kimsuky group compared to January through statistical data.

    Mar 29, 2023 Read More
    #Kimsuky #Malware #attack
  • January 2023 Threat Trend Report on Kimsuky Group

    This report analyzes threat activities of Kimsuky group in 2023, focusing on 3 types of malware.

    Mar 16, 2023 Read More
    #Kimsuky #Malware #Attack
  • 2022 Threat Trend Report on Kimsuky Group

    This report analyzes threat activities of Kimsuky group, particularly those utilizing FlowerPower and AppleSeed malware.

    Feb 27, 2023 Read More
    #Kimsuky #FlowerPower #AppleSeed
  • CHM Malware Disguised as North Korea-related Questionnaire (Kimsuky)

    This analysis report will discuss the distribution of CHM malware assumed to have been created by North Korean threat actor Kimsuky group.

    Mar 13, 2023 Read More
    #Kimsuky #CHM #Malware
  • PlugX Malware Being Distributed via Vulnerability Exploitation

    This analysis report reviews the installation of PlugX malware through Sunlogin and Awesun's remote code execution vulnerability.

    Mar 9, 2023 Read More
    #PlugX #Malware #Vulnerability
  • Anti-Forensic Techniques Used By Lazarus Group

    This analysis report aims to share the anti-forensic traces and details found in the systems that were infiltrated by the Lazarus group.

    Feb 23, 2023 Read More
    #Lazarus #ThreatActor #Anti-Forensic
  • Threat Trend Report on Region-Specific Ransomware

    This report investigates ransomware trends according to region and examines the different attack methods.

    Feb 14, 2023 Read More
    #Ransomware #Regional #Attacks
  • Dalbit (m00nlight): Chinese Hacker Group’s APT Attack Campaign

    This report will discuss the Dalbit,m00nlight APT attack campaign conducted by Chinese hackers, including the main methods used.

    February 23, 2023 Read More
    #Dalbit #m00nlight #APT
  • Analysis Report on Malware Distributed via Microsoft OneNote

    This report analyzes malware distributed via Microsoft OneNote, which is a rapidly increasing trend.

    Jan 30, 2023 Read More
    #Malware #OneNote #RLTO
  • Distribution of NetSupport RAT Malware Disguised as a Pokemon Game

    This report investigates NetSupport RAT malware being distributed from a phishing page for a Pokemon card game.

    Jan 6, 2023 Read More
    #NetSupport #RAT #Malware
  • Shc Linux Malware Installing CoinMiner

    This report examines Linux malware developed with Shc that has been installing a CoinMiner.

    Jan 4, 2023 Read More
    #Linux #Shc #CoinMiner
  • 2022 Threat Recap and 2023 Predictions

    In this article, AhnLab looks back at the Top 10 Cyber Threat Trends of 2022 and predicts upcoming trends for 2023.

    Dec 15, 2022 Read More
    #Threat #Trends #Attacks
  • The Major Ransomware Trends over the Last Two Years

    This article covers ransomware trends over the last two years, including notable characteristics of major ransomware groups.

    Dec 6, 2022 Read More
    #Ransomware #Trends #Attacks
  • Analysis Report on CVE-2022-26923 Vulnerability

    This report examines the vulerabilities of Active Directory Domain Services and methods to mitigate them.

    Oct 20, 2022 Read More
    #ActiveDirectory #Vulnerability #Domain
  • Analysis Report on Lazarus Group’s Rootkit Attack Using BYOVD

    This report analyzes Lazarus Group’s Rootkit attack method using BYOVD performed on vulnerable driver modules.

    Sep 22, 2022 Read More
    #Lazarus #Rootkit #BYOVD
  • Why Hackers Love Automatic Logins

    This article will discuss the principles behind Infostealer exploiting automatic login features and share ways to minimize damage.

    Sep 5, 2022 Read More
    #Infostealer #Hackers #AutomaticLogin
  • Analysis Report on CVE-2022-26134 Vulnerability

    This report analyzes vulnerable Atlassian Confluence servers that can result in OGNL injection attacks.

    Aug 11, 2022 Read More
    #Atlassian #OGNL #Injection
  • Threat Trend Report on LuoYu Group

    This report examines LuoYu Group's attack methods and major malware utilized by the group, including WinDealer.

    Aug 10, 2022 Read More
    #LuoYu #WinDealer #Malware
  • Analysis Report on Follina (CVE-2022-30190) Vulnerability

    This report will analyze the Follina zero-day vulnerability exploited through the Microsoft Support Diagnostic Tool(MSDT).

    Jun 27, 2022 Read More
    #Follina #Vulnerability #MSDT
  • Are Dark Web and Deep Web Hotbed of Hackers?

    This article analyzes recent trends of Dark Web and Deep Web, based on ransomware, black markets, and hacking groups.

    Jun 7, 2022 Read More
    #DarkWeb #DeepWeb #Hacking
  • Threat Trend Report on Conti Ransomware

    This analysis report presents cases of Conti Ransomware attacks, major tooles used, and related issues in detail.

    May 18, 2022 Read More
    #Conti #Ransomware #Attacks
  • Threat Trend Report on Operation Triple Tiang

    This report introduces Operation Triple Tiang, a cyber attack mission targeting South Korean fields of politics and foreign affairs.

    Mar 31, 2022 Read More
    #Operation #TripleTiang #Attacks
  • Threat Trend Report on Kimsuky Group’s 2021 Activities

    This analysis report examines the malicious activities of Kimsuky Group during the year 2021, including detailed cases and targets.

    Jan 28, 2022 Read More
    #Kimsuky #2021 #Attacks
  • Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash)

    This analysis report focuses on types of malware recently utilized by the Kimsuky group, including AppleSeed and PebbleDash.

    Jan 5, 2022 Read More
    #Kimsuky #AppleSeed #PebbleDash
  • 2022 Cybersecurity Threat Outlook: What to Watch Out for

    This article takes a closer look at the top 5 cybersecurity threats in 2022 and shares security issues to watch out for in the new year.

    Jan 4, 2022 Read More
    #2022 #Threats #Trends
  • Analysis Report on Apache Log4Shell (CVE-2021-44228) Vulnerability

    This report details the Log4Shell vulnerability executed in the Apache Log4j 2 library.

    Dec 13, 2021 Read More
    #Log4Shell #Apache #Log4j2
  • BlackMatter Ransomware: Descendant of DarkSide?

    This article will analyze the characteristics, damage, and attack process of BlackMatter ransomware.

    Nov 2, 2021 Read More
    #BlackMatter #Ransomware #DarkSide
  • Threat Trend Report on Mustang Panda

    This report describes the malicious activities of the APT Group Mustang Panda and its attack methods.

    Aug 20, 2021 Read More
    #MustangPanda #APT #Attacks
  • Threat Trend Report on TeamTNT Group

    TeamTnT is a threat actor continuously attacking cloud environments since 2020. This report introduces the group's tactics and procedures.

    Jul 29, 2021 Read More
    #TeamTnT #Cloud #ThreatActor
  • 2020 Threat Review and 2021 Predictions

    This report will review the significant security threats of 2020 and share predictions for 2021 based on the relevant data analysis.

    Jan 7, 2021 Read More
    #2021 #Threats #Analysis
  • Five Malicious Sextortion Apps

    This analysis report will examine the top five malicious applications being used for sextortion scams.

    Jul 6, 2020 Read More
    #Sextortion #Applications #Scams
  • Operation Shadow Force

    This analysis report will examine Operation Shadow Force that had been hidden behind legitimate certificates for the last seven years.

    Apr 7, 2020 Read More
    #Operation #ShadowForce #Attacks
  • The Evolution of Magniber Ransomware

    This analysis report will examine the recent malicious activities of Magniber from changes in exploited vulnerability to shellcode.

    Mar 2, 2020 Read More
    #Magniber #Vulnerability #Shellcode
  • Sour Lemon Duck: PowerShell Malware Exploiting SMB Vulnerability

    This analysis report presents the kill-chain, primary functions, and internal proliferation methods of Lemon Duck in full detail.

    Dec 19, 2019 Read More
    #LemonDuck #PowerShell #SMBVulnerability
  • Operation Kabar Cobra: Tenacious cyber-espionage by Kimsuky

    This report describes the latest attacks by Kimsuky Group including main methods, and changes in their purpose and targets.

    Feb 28, 2019 Read More
    #Kimsuky #Operation #KabarCobra
top