Category: ANYRUN
ANYRUN, Cybersecurity, Emerging Tech, Global Security News, guest post, Malware Analysis
PyLangGhost RAT: Rising Stealer from Lazarus Group Striking Finance and Technology
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. North Korean state-sponsored groups, such as Lazarus, continue to target the financial and cryptocurrency sectors with a variety of custom malware families. In previous research, we examined strains like InvisibleFerret, Beavertail, and OtterCookie, often…
ANYRUN, Cybersecurity, Emerging Tech, Global Security News, Integrations & connectors, Malware Analysis, release
ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Intelligence
ANY.RUN now delivers Threat Intelligence (TI) Feeds directly to Microsoft Sentinel via the built-in STIX/TAXII connector. No complicated setups. No custom scripts. Only high-quality indicators of compromise (IOCs) to fortify your SOC and catch attacks early, keeping your business secure. About the TI Feeds Connector for Microsoft Sentinel ANY.RUN’s TI Feeds support a seamless, out-of-the-box…
ANYRUN, Cybersecurity, Emerging Tech, features, Global Security News, release, Service Updates
Release Notes: QRadar SOAR App, TI Lookup Free Access, and 2,900+ New Detection Rules
July brought powerful new updates to help your SOC catch threats faster, reduce manual effort, and make more confident decisions, right inside your existing workflows. From fresh integrations to better detection coverage, these changes are built to support your team every step of the way. In this update: New IBM QRadar SOAR integration to automate investigations and speed…
ANYRUN, Cybersecurity, features, Global Security News, release, Service Updates
Detect ARM Malware in Seconds with Debian Sandbox for Stronger Enterprise Security
ANY.RUN’s Interactive Sandbox provides SOC teams with the fastest solution for analyzing and detecting cyber threats targeting Windows, Linux, and Android systems. Now, our selection of VMs has been expanded to include Linux Debian 12.2 64-bit (ARM). With the rapid rise of ARM-based malware, the sandbox helps businesses tackle this threat through proactive analysis and…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Global Security News, Malware Analysis
CISO Blueprint: 5 Steps to Enterprise Cyber Threat Resilience
Why are SOC teams still struggling to keep up despite heavy investments in security tools? False positives pile up, evasive threats slip through, and critical alerts often get buried under noise. For CISOs, the challenge is giving teams the visibility and speed they need to respond before damage is done. ANY.RUN helps close that gap. 95% of…
ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis, malware behavior
Major Cyber Attacks in July 2025: Obfuscated .LNK‑Delivered DeerStealer, Fake 7‑Zip, and More
While cybercriminals were working overtime this July, so were we at ANY.RUN — and, dare we say, with better results. As always, we’ve picked the most dangerous and intriguing attacks of the month. But this time, there’s more. Alongside the monthly top, we are highlighting a key trend that’s been powering campaigns throughout 2025: the…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Exploits, Global Security News, Malware Analysis
Top Email Security Risks for Businesses and How to Catch Them Before They Cause Damage
Even with all the new ways we stay in touch, Slack, Teams, DMs, email is still the backbone of business communication. That also makes it one of the easiest ways in for attackers. A single message with the right subject line or attachment can lead to stolen logins, malware infections, or even full network access.…
ANYRUN, Cybersecurity, Exploits, Global Security News, Malware Analysis
Beating Supply Chain Attacks: DHL Impersonation Case Study
ANY.RUN’s services process data on current threats daily, including attacks affecting supply chains. In this case study, we analyze examples of DHL brand abuse. The company is a leading global logistics operator, and attackers exploit its recognition to send phishing emails, potentially targeting its partners. We will demonstrate how ANY.RUN’s solutions can be used to…
ANYRUN, Cybersecurity, Emerging Tech, Global Security News, release, Service Updates, update
Turn Alert Noise into Threat Insights without Leaving QRadar SOAR with ANY.RUN
IBM QRadar SOAR is a go-to platform for incident response. To make things faster and easier for SOCs to use this powerful tool with ANY.RUN’s services, we built an official app. Now you can seamlessly launch different playbooks directly inside SOAR to streamline threat analysis, speed up investigations, and reduce Mean Time to Respond (MTTR)…
ANYRUN, Cybersecurity, Global Security News, malware, Reports, update
Malware Trends Report, Q2 2025: Know the Key Risks to Your Business
Get the Q2 2025 report, based on real data from 15,000+ global SOC teams: top malware types, families, and APTs; changes in the threat landscape since Q1 2025; what SOC teams need to focus on.
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Emerging Tech, Global Security News
How MSSPs Detect Incidents Early with Threat Intelligence Feeds from ANY.RUN
Managed Security Service Providers (MSSPs) are tasked with protecting multiple clients simultaneously while maintaining cost efficiency, rapid response times, and customer trust. The key to success lies in early threat detection, which requires access to high-quality, actionable threat intelligence that can be immediately applied across diverse client environments. Main MSSP Challenges MSSPs operate in a…
ANYRUN, Cybersecurity, Emerging Tech, features, Global Security News, malware behavior, Service Updates
Free. Powerful. Actionable. Make Smarter Security Decisions with Live Attack Data
Threat Intelligence in ANY.RUN continues to evolve — not only by adding more features, but by making the right ones easier to use. We’ve simplified access to ANY.RUN Threat Intelligence with a free version of TI Lookup. You now can explore Public Samples, TTPs, Suricata rules, and malware trends inside our Threat Intelligence product…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Europe, Global Security News
Enterprise Plan: Boost SOC Performance, Reduce Business Risks with ANY.RUN
Editor’s note: The current article was originally published on April 10, 2024, and updated on July 15, 2025. Modern cybersecurity teams face growing pressure: more threats, tighter SLAs, and less time to investigate. The difference between fast containment and a damaging breach often comes down to visibility, collaboration, and control. ANY.RUN’s Enterprise plan is a complete…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Emerging Tech, Global Security News
How to Maintain Fast and Fatigue-Free Alert Triage with Threat Intelligence
Alert triage, one of the critical SOC and MSSP workflows, involves evaluating, prioritizing, and categorizing security alerts to determine which threats require immediate attention and which can be safely dismissed or handled through automated processes. Efficient alert triage, supported by robust threat intelligence, ensures that organizations stay ahead of adversaries while maintaining analyst productivity…
ANYRUN, Cybersecurity, Global Security News, Malware Analysis
Technical Analysis of Ducex: Packer of Triada Android Malware
Many have probably heard of the modular malware for mobile devices called Triada. Even nine years after its first mention in 2016, it remains one of the most advanced Android trojans out there. Recently, our team at ANY.RUN came across an interesting sample of this malicious software. The sample in question was embedded in a…
ANYRUN, Cybersecurity, Exploits, features, Global Security News, release, Service Updates
Release Notes: Detonation Actions, Enhanced QR Extraction, and 1,400+ New Detection Rules
We’ve packed June with updates designed to make your day-to-day analysis faster, clearer, and easier than before. Whether you’re just getting started or deep into reverse engineering every day, these improvements are here to save you time and help you catch more threats. In this update: Real-time Detonation Action hints that guide you through the…
ANYRUN, Cybersecurity, Emerging Tech, Global Security News, Malware Analysis, Uncategorized
A Guide to Developing Security-First Culture Powered by Threat Intelligence
Security-First Culture (SFC) is an organization-wide commitment where security considerations influence decision-making at every level, from strategic planning to daily operational tasks. It’s not just about having fancy tech or a dedicated IT team; it’s about making security a core part of how the company thinks and acts. A mindset where every decision, from coding…
ANYRUN, Cybersecurity, Europe, Global Security News, Malware Analysis
DEVMAN Ransomware: Analysis of New DragonForce Variant
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. New ransomware strains continue to surface frequently, and many of them are loosely built on or repackaged from existing families. One such case involves a sample resembling DragonForce ransomware, yet bearing several…
ANYRUN, Cybersecurity, Emerging Tech, Global Security News, Malware Analysis
Top 3 Cyber Attacks in June 2025: GitHub Abuse, Control Flow Flattening, and More
June 2025 saw several sophisticated and stealthy cyber attacks that relied heavily on obfuscated scripts, abuse of legitimate services, and multi-stage delivery techniques. Among the key threats observed by ANY.RUN’s analysts were malware campaigns using GitHub for payload hosting, JavaScript employing control-flow flattening to drop Remcos, and obfuscated BAT scripts delivering NetSupport RAT. Let’s see…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Exploits, Global Security News, Malware Analysis, malware behavior
How to Spot Registry Abuse by Malware: Examples in ANY.RUN Sandbox
When malware infiltrates a system, it doesn’t always make noise. In fact, some of the most dangerous threats operate quietly, embedding themselves deep within the system and ensuring they come back even after a reboot. One of the most common ways they achieve this is by abusing the Windows Registry. In this article, we’ll walk…
ANYRUN, Cybersecurity, features, Global Security News, release, Service Updates
Simplify Threat Analysis and Boost Detection Rate with Detonation Actions
Threat analysis is a complex task that demands full attention, especially during active incidents, when every second counts. ANY.RUN’s Interactive Sandbox is designed to ease that pressure with an intuitive interface and fast threat detection. Our new feature, Detonation Actions, takes this further by highlighting detonation steps during analysis. When a specific action is needed…
ANYRUN, Cybersecurity Lifehacks, Global Security News, Malware Analysis
Threat Hunting: Hands-on Tips for SOC Analysts and MSSPs
Editor’s note: The current article is authored by Clandestine, threat researcher and threat hunter. You can find Clandestine on X. Threat actors today are continuously developing sophisticated techniques to evade traditional detection methods. ANY.RUN’s Threat Intelligence Lookup offers advanced capabilities for threat data gathering and analysis. As a specialized search engine, it allows security analysts to query…
ANYRUN, Cybersecurity Lifehacks, Global Security News, Malware Analysis, malware sandbox
Why Businesses Are at Risk of Android Malware Attacks and How to Detect Them Early
It usually starts with something small: an app download, a strange text message, a tap on the wrong link. But when that device is also connected to company email, Slack, or cloud storage, it’s no longer just a personal problem. Android malware has become a serious risk for businesses. Attackers know mobile devices are often…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Emerging Tech, Global Security News
5 Key Ways Threat Intelligence Feeds Drive SOC Performance
Modern Security Operations Centers (SOCs) face an unprecedented challenge: defending against an ever-evolving threat landscape while managing alert fatigue, resource constraints, and the need for rapid response times. The integration of high-quality Threat Intelligence (TI) feeds has proven itself as a force multiplier for SOC teams, transforming reactive security postures into proactive defense strategies. ANY.RUN’s…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, cybersecurity training, Global Security News
How SOC Teams Save Time and Effort with ANY.RUN: Action Plan
Recently, we hosted a webinar exploring the everyday challenges SOC teams face and how ANY.RUN helps solve them. From low detection rates to alert fatigue, poor coordination, and infrastructure overhead, our team outlined a practical action plan to tackle it all. Missed the session? You can watch it on ANY.RUN’s YouTube channel. Here are the…
ANYRUN, Cybersecurity, Emerging Tech, features, Global Security News, release, Service Updates
Release Notes: TAXII Support for TI Feeds, New Sandbox Onboarding, and 900+ Detection Rules
We’ve packed May with updates to make your experience smoother and your threat detection even sharper. Whether you’re just getting started or knee-deep in malware every day, these changes are here to save you time and give you better insights. In this update: A brand-new onboarding tutorial in the sandbox to guide you step by…
ANYRUN, Cybersecurity, Exploits, Global Security News, malware, Malware Analysis
Cyber Attacks on Government Agencies: Detect and Investigate with ANY.RUN for Fast Response
Government institutions worldwide face a growing number of sophisticated cyberattacks. This case study examines how ANY.RUN’s solutions can be leveraged to detect, analyze, and mitigate cyber threats targeting government organizations. By analyzing real-world threats, we demonstrate how ANY.RUN’s Threat Intelligence Lookup, Interactive Sandbox, and YARA Search assist cybersecurity teams in identifying attack vectors, tracking malicious…
ANYRUN, Cybersecurity, Global Security News, malware, Malware Analysis
OtterCookie: Analysis of Lazarus Group Malware Targeting Finance and Tech Professionals
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. What looks like a simple freelance bug fix turns out to be a full-blown malware infection. OtterCookie, a new tool from the Lazarus Group APT, hides behind clean code and fake job offers, then…
ANYRUN, Global Security News, Malware Analysis, malware behavior
How MSSPs Can Analyze and Investigate Phishing Attacks with ANY.RUN
Phishing attacks have become a pervasive and escalating threat across various industries, notably in finance, manufacturing, and healthcare. For Managed Security Service Providers (MSSPs), the challenge lies in swiftly identifying and mitigating these threats to safeguard client infrastructures and uphold service integrity. This case study explores how ANY.RUN’s Threat Intelligence Lookup and Interactive Sandbox can…
ANYRUN, Cybersecurity, Exploits, Global Security News, Instructions on ANY.RUN, malware, Malware Analysis
How to Analyze Node.js, Python, Android, and Linux Malware with ANY.RUN
Malware doesn’t stick to one platform or play fair. One day it’s a Python stealer. The next, it’s an Android RAT or a Node.js backdoor quietly pinging its C2. Then it hits Linux, flooding your network with suspicious connections. Modern threats are unpredictable. They move across systems and languages, often slipping past tools that weren’t…
ANYRUN, Cybersecurity, Exploits, Global Security News, malware, Malware Analysis, News
DBatLoader Delivers Remcos via .pif Files and UAC Bypass in New Phishing Campaign
A new phishing campaign is spreading the Remcos Remote Access Trojan (RAT) through DBatLoader. It employs User Account Control (UAC) bypass, obfuscated scripts, Living Off the Land Binaries (LOLBAS) abuse, and persistence mechanisms. Here’s an analysis of the infection chain, key techniques, and detection tips. How the Attack Works To see how the attack unfolds,…
ANYRUN, Cybersecurity, Cybersecurity Lifehacks, Emerging Tech, features, Global Security News, malware
How SOC Teams Improve Mean Time to Detect and Other KPIs with Threat Intelligence Feeds
Security Operations Centers (SOCs) are under constant pressure to detect threats faster, respond more effectively, and reduce operational noise. Metrics like Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), False Positive Rate (FPR), and True Positive Rate (TPR) are more than just numbers — they define the health and impact of a business…
ANYRUN, Cybersecurity, Global Security News, malware, Malware Analysis, malware behavior, North America
How Adversary Telegram Bots Help to Reveal Threats: Case Study
While analyzing malware samples uploaded to ANY.RUN’s Interactive Sandbox, one particular case marked as “phishing” and “Telegram” drew the attention of our security analysts. Although this analysis session wasn’t attributed to any known malware family or threat actor group, the analysis revealed that Telegram bots were being used for data exfiltration. This led us to…
ANYRUN, Cybersecurity, Global Security News, News, release, update
We’re 9! Special Thanks (and Special Offers) Just for You
Time really flies. Nine years ago, we set out with a simple goal: to make malware analysis faster, easier, and more accessible for analysts and security teams everywhere. We started as a small group of researchers with a big idea. Today, ANY.RUN is trusted by over 15,000 companies and half a million professionals around the…
ANYRUN, Cybersecurity, Global Security News, News, update
ANY.RUN Becomes a Gold Winner in Threat Intelligence at Globee Awards 2025
We are honored to announce that ANY.RUN became a gold winner at the annual Globee Business Awards 2025. The award aims to recognize and celebrate excellence in various industries worldwide, including cybersecurity. Our solution, ANY.RUN’s TI Lookup, was named best in the Cyber Threat Intelligence category. We believe that threat intelligence is an essential aspect…
