One solution can change everything. ANY.RUN’s Threat Intelligence Lookup is living proof of that. By delivering a browsable source of threat data, it helps your SOC overcome challenges that have to be faced in order to reach higher detection rates and make smarter security decisions. Find details on how to make the most of TI […] The post How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
Today, phishing accounts for the majority of all cyberattacks. The availability of low-cost, easy-to-use Phishing-as-a-Service (PhaaS) platforms like Tycoon2FA, EvilProxy, and Sneaky2FA only makes the problem worse. These services are actively maintained by their operators; new evasion techniques are regularly added, and the multi-layered infrastructure behind the phishing kits continues to evolve and expand. But […] The post Salty 2FA: Undetected PhaaS from Storm-1575 Hitting US and EU...| ANY.RUN's Cybersecurity Blog
Editor’s note: The current article was originally published on March 11, 2024, and updated on August 14, 2025. Security Operations Centers (SOCs) face an overwhelming volume of threat alerts, making it difficult to separate real threats from false positives without heavy resource use. For teams already working with, or planning to adopt, Filigran’s OpenCTI, ANY.RUN now […] The post ANY.RUN & OpenCTI: Transform SOC for Maximum Performance appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
Find crucial steps to take as a CISO to empower your SOC operations with threat intelligence to mitigate risks and improve key metrics.| ANY.RUN's Cybersecurity Blog
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. North Korean state-sponsored groups, such as Lazarus, continue to target the financial and cryptocurrency sectors with a variety of custom malware families. In previous research, we examined strains like InvisibleFerret, Beavertail, and OtterCookie, often […] The post PyLangGhost RAT: Rising Stealer from Lazarus Group Striking Finance an...| ANY.RUN's Cybersecurity Blog
ANY.RUN now delivers Threat Intelligence (TI) Feeds directly to Microsoft Sentinel via the built-in STIX/TAXII connector. No complicated setups. No custom scripts. Only high-quality indicators of compromise (IOCs) to fortify your SOC and catch attacks early, keeping your business secure. About the TI Feeds Connector for Microsoft Sentinel: ANY.RUN’s TI Feeds support a seamless, out-of-the-box […] The post ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Inte...| ANY.RUN's Cybersecurity Blog
July brought powerful new updates to help your SOC catch threats faster, reduce manual effort, and make more confident decisions, right inside your existing workflows. From fresh integrations to better detection coverage, these changes are built to support your team every step of the way. In this update: Keep reading to explore what’s new and how […] The post Release Notes: QRadar SOAR App, TI Lookup Free Access, and 2,900+ New Detection Rules appeared first on ANY.RUN's Cybersecurit...| ANY.RUN's Cybersecurity Blog
ANY.RUN’s Interactive Sandbox provides SOC teams with the fastest solution for analyzing and detecting cyber threats targeting Windows, Linux, and Android systems. Now, our selection of VMs has been expanded to include Linux Debian 12.2 64-bit (ARM). With the rapid rise of ARM-based malware, the sandbox helps businesses tackle this threat through proactive analysis and […] The post Detect ARM Malware in Seconds with Debian Sandbox for Stronger Enterprise Security appeared first on A...| ANY.RUN's Cybersecurity Blog
Why are SOC teams still struggling to keep up despite heavy investments in security tools? False positives pile up, evasive threats slip through, and critical alerts often get buried under noise. For CISOs, the challenge is giving teams the visibility and speed they need to respond before damage is done. ANY.RUN helps close that gap. 95% of […] The post CISO Blueprint: 5 Steps to Enterprise Cyber Threat Resilience appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
While cybercriminals were working overtime this July, so were we at ANY.RUN — and, dare we say, with better results. As always, we’ve picked the most dangerous and intriguing attacks of the month. But this time, there’s more. Alongside the monthly top, we are highlighting a key trend that’s been powering campaigns throughout 2025: the […] The post Major Cyber Attacks in July 2025: Obfuscated .LNK‑Delivered DeerStealer, Fake 7‑Zip, and More appeared first on ANY.RUN's Cybersecu...| ANY.RUN's Cybersecurity Blog
Power up IBM QRadar SOAR with ANY.RUN's Interactive Sandbox and Threat Intelligence Lookup to detect threats faster and reduce workload.| ANY.RUN's Cybersecurity Blog
Discover the key insights into the current threat landscape with ANY.RUN's Q2 2025 report to ensure effective security planning.| ANY.RUN's Cybersecurity Blog
Read a technical analysis of the Ducex packer used by Android malware like Triada for obfuscation and analysis evasion.| ANY.RUN's Cybersecurity Blog
Learn actionable threat hunting techniques to proactively identify malware hidden inside your infrastructure and enrich your defense with fresh IOCs.| ANY.RUN's Cybersecurity Blog
Explore in-depth technical analysis of OtterCookie, a new North Korean Lazarus APT malware that steals victims' crypto and credentials.| ANY.RUN's Cybersecurity Blog
Read technical analysis of PE32, a new ransomware strain that demands ransom for both decryption and not leaking stolen data.| ANY.RUN's Cybersecurity Blog
Learn how SOC teams use Indicators of Compromise (IOCs), Attack (IOAs), and Behavior (IOBs) for threat detection.| ANY.RUN's Cybersecurity Blog
Discover how ANY.RUN provides cyber threat intelligence enriched by the IOCs and IOBs from the latest malware analyzed by 15,000 companies.| ANY.RUN's Cybersecurity Blog
See how ANY.RUN sources unique indicators of compromise for Threat Intelligence Feeds, helping businesses detect cyber threats.| ANY.RUN's Cybersecurity Blog
Get fresh Threat Intelligence reports on the latest cyber attacks and persistent APTs to enrich your company's security.| ANY.RUN's Cybersecurity Blog
Learn how TI Lookup from ANY.RUN helps businesses collect intelligence on active Advanced Persistent Threats to prevent cyber attacks.| ANY.RUN's Cybersecurity Blog
Discover a detailed technical analysis of the InvisibleFerret malware that targets businesses across different industries.| ANY.RUN's Cybersecurity Blog
Discover how YARA detection rules work and see real-world examples of rules used in ANY.RUN's Interactive Sandbox.| ANY.RUN's Cybersecurity Blog