One solution can change everything. ANY.RUN’s Threat Intelligence Lookup is living proof of that. By delivering a browsable source of threat data, it helps your SOC overcome challenges that have to be faced in order to reach higher detection rates and make smarter security decisions. Find details on how to make the most of TI […] The post How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
Today, phishing accounts for the majority of all cyberattacks. The availability of low-cost, easy-to-use Phishing-as-a-Service (PhaaS) platforms like Tycoon2FA, EvilProxy, and Sneaky2FA only makes the problem worse. These services are actively maintained by their operators; new evasion techniques are regularly added, and the multi-layered infrastructure behind the phishing kits continues to evolve and expand. But […] The post Salty 2FA: Undetected PhaaS from Storm-1575 Hitting US and EU...| ANY.RUN's Cybersecurity Blog
Editor’s note: The current article was originally published on March 11, 2024, and updated on August 14, 2025. Security Operations Centers (SOCs) face an overwhelming volume of threat alerts, making it difficult to separate real threats from false positives without heavy resource use. For teams already working with, or planning to adopt Filigran’s OpenCTI, ANY.RUN now […] The post ANY.RUN & OpenCTI: Transform SOC for Maximum Performance appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
Find crucial steps to take as a CISO to empower your SOC operations with threat intelligence to mitigate risks and improve key metrics.| ANY.RUN's Cybersecurity Blog
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. North Korean state-sponsored groups, such as Lazarus, continue to target the financial and cryptocurrency sectors with a variety of custom malware families. In previous research, we examined strains like InvisibleFerret, Beavertail, and OtterCookie, often […] The post PyLangGhost RAT: Rising Stealer from Lazarus Group Striking Finance an...| ANY.RUN's Cybersecurity Blog
ANY.RUN now delivers Threat Intelligence (TI) Feeds directly to Microsoft Sentinel via the built-in STIX/TAXII connector. No complicated setups. No custom scripts. Only high-quality indicators of compromise (IOCs) to fortify your SOC and catch attacks early, keeping your business secure. About the TI Feeds Connector for Microsoft Sentinel ANY.RUN’s TI Feeds support a seamless, out-of-the-box […] The post ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Inte...| ANY.RUN's Cybersecurity Blog
July brought powerful new updates to help your SOC catch threats faster, reduce manual effort, and make more confident decisions, right inside your existing workflows. From fresh integrations to better detection coverage, these changes are built to support your team every step of the way. In this update: Keep reading to explore what’s new and how […] The post Release Notes: QRadar SOAR App, TI Lookup Free Access, and 2,900+ New Detection Rules appeared first on ANY.RUN's Cybersecurit...| ANY.RUN's Cybersecurity Blog
ANY.RUN’s Interactive Sandbox provides SOC teams with the fastest solution for analyzing and detecting cyber threats targeting Windows, Linux, and Android systems. Now, our selection of VMs has been expanded to include Linux Debian 12.2 64-bit (ARM). With the rapid rise of ARM-based malware, the sandbox helps businesses tackle this threat through proactive analysis and […] The post Detect ARM Malware in Seconds with Debian Sandbox for Stronger Enterprise Security appeared first on A...| ANY.RUN's Cybersecurity Blog
Why are SOC teams still struggling to keep up despite heavy investments in security tools? False positives pile up, evasive threats slip through, and critical alerts often get buried under noise. For CISOs, the challenge is giving teams the visibility and speed they need to respond before damage is done. ANY.RUN helps close that gap. 95% of […] The post CISO Blueprint: 5 Steps to Enterprise Cyber Threat Resilience appeared first on ANY.RUN's Cybersecurity Blog.| ANY.RUN's Cybersecurity Blog
While cybercriminals were working overtime this July, so were we at ANY.RUN — and, dare we say, with better results. As always, we’ve picked the most dangerous and intriguing attacks of the month. But this time, there’s more. Alongside the monthly top, we are highlighting a key trend that’s been powering campaigns throughout 2025: the […] The post Major Cyber Attacks in July 2025: Obfuscated .LNK‑Delivered DeerStealer, Fake 7‑Zip, and More appeared first on ANY.RUN's Cybersecu...| ANY.RUN's Cybersecurity Blog
Power up IBM QRadar SOAR with ANY.RUN's Interactive Sandbox and Threat Intelligence Lookup to detect threats faster and reduce workload.| ANY.RUN's Cybersecurity Blog
Discover the key insights into the current threat landscape with ANY.RUN's Q2 2025 report to ensure effective security planning.| ANY.RUN's Cybersecurity Blog
Read a technical analysis of the Ducex packer used by Android malware like Triada for obfuscation and analysis evasion.| ANY.RUN's Cybersecurity Blog
Learn actionable threat hunting techniques to proactively identify malware hidden inside your infrastructure and enrich your defense with fresh IOCs.| ANY.RUN's Cybersecurity Blog
Explore in-depth technical analysis of OtterCookie, a new North Korean Lazarus APT malware that steals victims' crypto and credentials.| ANY.RUN's Cybersecurity Blog
ANY.RUN now offers a new pre-installed development software set, giving analysts advanced tools for deeper malware investigation.| ANY.RUN's Cybersecurity Blog
Analyze Android malware in real time with ANY.RUN sandbox. Detect threats in an ARM-based environment available to all users, including Free!| ANY.RUN's Cybersecurity Blog
Learn to hunt for Linux malware with ANY.RUN's Threat Intelligence Lookup and see how you can use it together with the Interactive Sandbox.| ANY.RUN's Cybersecurity Blog
Learn how to use wildcards and operators in TI Lookup to create effective search queries for collecting intelligence on cyber threats.| ANY.RUN's Cybersecurity Blog
Read technical analysis of PE32, a new ransomware strain that demands ransom for both decryption and not leaking stolen data.| ANY.RUN's Cybersecurity Blog
Learn how SOC teams use Indicators of Compromise (IOCs), Attack (IOAs), and Behavior (IOBs) for threat detection.| ANY.RUN's Cybersecurity Blog
Discover how ANY.RUN provides cyber threat intelligence enriched by the IOCs and IOBs from the latest malware analyzed by 15,000 companies.| ANY.RUN's Cybersecurity Blog
See how ANY.RUN sources unique indicators of compromise for Threat Intelligence Feeds, helping businesses detect cyber threats.| ANY.RUN's Cybersecurity Blog
See how you can use Threat Intelligence Lookup to identify emerging cyber threats using over 40 different search parameters.| ANY.RUN's Cybersecurity Blog
See how to use process trees in malware analysis and discover what insights you can gain from a superficial investigation of a malware sample.| ANY.RUN's Cybersecurity Blog
See technical analysis of PSLoramyra, an advanced malware that leverages PowerShell, VBS, and BAT scripts to execute directly in memory.| ANY.RUN's Cybersecurity Blog
See how you can expand your threat detection capabilities with fresh IOCs from ANY.RUN's Cyber Threat Intelligence Feeds.| ANY.RUN's Cybersecurity Blog
See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.| ANY.RUN's Cybersecurity Blog
Here you will find information on updates to our service. The latest news about release notes, reviews of new functionality, and much more.| ANY.RUN's Cybersecurity Blog
Learn actionable tips for analyzing malware's network traffic and see real-world examples investigated in the ANY.RUN sandbox.| ANY.RUN's Cybersecurity Blog
Explore obfuscation tactics in malware. We'll break down how they work and discuss strategies for detection and mitigation.| ANY.RUN's Cybersecurity Blog
Take a look at the major cybersecurity awards won by ANY.RUN in 2024 and discover the products recognized by leading experts in the industry.| ANY.RUN's Cybersecurity Blog
Here you will find a lot of information about how to detect malware and analyze it. Various tricks to help speed up the workflow and a lot of other useful information.| ANY.RUN's Cybersecurity Blog
Welcome to the Instructions on ANY.RUN section. Here we talk about the various features of our interactive sandbox and how we can make it easier for you to analyze malware using our service.| ANY.RUN's Cybersecurity Blog
Get fresh Threat Intelligence reports on the latest cyber attacks and persistent APTs to enrich your company's security.| ANY.RUN's Cybersecurity Blog
Learn how TI Lookup from ANY.RUN helps businesses collect intelligence on active Advanced Persistent Threats to prevent cyber attacks.| ANY.RUN's Cybersecurity Blog
Discover a detailed technical analysis of the InvisibleFerret malware that targets businesses across different industries.| ANY.RUN's Cybersecurity Blog
Discover how YARA detection rules work and see real-world examples of rules used in ANY.RUN's Interactive Sandbox.| ANY.RUN's Cybersecurity Blog
Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.| ANY.RUN's Cybersecurity Blog
Welcome to the analyst training section. Here you will find collected materials for cybersecurity education: various techniques and approaches for malware analysis and research.| ANY.RUN's Cybersecurity Blog
Welcome to the Malware Analysis section. We tell you about the principles and approach to the analysis, useful cases and examples, new samples, and analytics.| ANY.RUN's Cybersecurity Blog