Anyrun

Network traffic analysis is one of the most effective ways to detect and investigate malware infections. By analyzing communication patterns, researchers and security teams can uncover signs of malicious activity, such as command-and-control (C2) connections, data exfiltration, or DDoS attacks.  In this guide, we’ll explore how traffic analysis helps detect malware, the key tools used […]

The post Malware Traffic Analysis in Linux: Hands-on Guide with Examples appeared first on ANY.RUN's Cybersecurity Blog.

Phishing kits have invested greatly in the popularity of phishing. They drop the entry threshold for cybercriminals enabling even low-skilled hackers to conduct successful attacks.   In general, a phishing kit is a set of tools for creating convincing fake webpages, sites, or emails that trick users into divulging sensitive information like passwords or credit […]

The post How to Identify and Investigate Phishing Kit Attacks appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X.  From December 20 to 24, 2024, the Quetzal Team identified a phishing campaign targeting the cryptocurrency and fintech sectors. This campaign aimed to distribute a newly discovered stealer malware, which we have […]

The post Zhong Stealer Analysis: New Malware Targeting Fintech and Cryptocurrency appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN proudly presents Threat Intelligence Reports: investigative reports on cyber threats and attacks focused on delivering actionable insights to security professionals and decision makers.    Manually composed by our experienced analysts, the Reports provide data for threat monitoring and detection, incident mitigation and response, R&D, education, strategic planning and compliance.  These detailed attack overviews are based […]

The post Threat Intelligence Reports: Get Fresh Research on the Latest Cyber Attacks and APTs appeared first on ANY.RUN's Cybersecurity Blog.

Advanced persistent threats (APTs) stand out as one of the most formidable challenges for businesses in the cybersecurity landscape. These threats can cause irreparable damage, leading to financial losses, data breaches, and reputational harm.  APTs are defined as sophisticated targeted attacks typically conducted by highly funded adversaries: national agencies, state-sponsored groups, organized crime groups, corporate […]

The post How to Track Advanced Persistent Threats appeared first on ANY.RUN's Cybersecurity Blog.

Recently we had a chance to sit down for a chat with the Head of Cybersecurity at an investment bank. An hour-long conversation gave a sneak peek into the work of their cybersec team, challenges they face, and the use of ANY.RUN’s Interactive Sandbox.   Here’s what we learned.  Company and Team Overview  We’re an investment […]

The post I Used a Sandbox to Strengthen Bank’s Security—Here’s How It Worked appeared first on ANY.RUN's Cybersecurity Blog.

Phishing attempts, malicious redirects, and hidden malware can lurk in seemingly harmless links, putting your company’s data and systems at risk. To streamline threat detection and response, ANY.RUN has upgraded its browser extension, making the Safebrowsing feature free for all users.  How Safebrowsing Works in ANY.RUN’s Extension  Safebrowsing from ANY.RUN provides a fully functional browser, allowing users to […]

The post Instant URL Analysis: Use Safebrowsing via ANY.RUN’s Extension appeared first on ANY.RUN's Cybersecurity Blog.

Less than a month after its launch, DeepSeek has already shaken up the industry, caused NVidia’s stock to shed $600 billion, and sparked political controversy.   Now, the AI company is dealing with the consequences of major cyber attacks. As of February 5, DeepSeek is still having trouble letting new users join.   Let’s review the entire […]

The post Cyber Attacks on DeepSeek AI: What Really Happened? Full Timeline and Analysis appeared first on ANY.RUN's Cybersecurity Blog.

Hello, cybersecurity enthusiasts!  January may often feel like a slow month, but at ANY.RUN, we’ve been hard at work behind the scenes, focusing on system and threat coverage updates.  As the new year kicked off, our team dived straight into fine-tuning the platform, optimizing performance, and strengthening detection capabilities.  Now that February is here, let’s […]

The post Release Notes: System Updates, New YARA and Suricata Rules, Signatures, and More appeared first on ANY.RUN's Cybersecurity Blog.

Our cyber threat analysts detected and explored a number of malware campaigns this January. Here are the three most dangerous attacks dissected with the aid of ANY.RUN’s Interactive Sandbox and Threat Intelligence Lookup.  Fake YouTube links redirect users to phishing pages  Original post on X  Using the Uniform Resource Identifier authority (URI), phishers obfuscate links […]

The post 3 Major Cyber Attacks in January 2025 appeared first on ANY.RUN's Cybersecurity Blog.

Ransomware attacks have become a relentless threat to the healthcare sector, exposing sensitive patient data, disrupting life-saving treatments, and placing lives at risk. With healthcare systems underfunded and critical infrastructure vulnerable, cybercriminals find this sector an easy and lucrative target.  In recent years, ransomware attacks have not only caused financial losses but have also shaken […]

The post Interlock Ransomware: Analysis of Attacks on US Healthcare Providers appeared first on ANY.RUN's Cybersecurity Blog.

Lost documents, stolen code, exposed customer data, and a falling stock price are all common consequences of just one click on a ransomware file. To avoid this problem, you need proper security tools and, most importantly, knowledge of how ransomware attacks are carried out.  This quick guide will explain how ransomware works and the simple […]

The post How to Prevent a Ransomware Attack on a Business: A Lynx Malware Use Case appeared first on ANY.RUN's Cybersecurity Blog.

The growing dependence on digital technology of modern businesses makes them vulnerable to cyber threats. For three years in a row, manufacturing has stayed the sector most targeted by cyberattacks, IBM reports. Industrial companies suffered from more than 25% of security incidents recorded last year, the majority of them being ransomware attacks. Investing in comprehensive […]

The post How Threat Intelligence Lookup Helps Enterprises appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. Recently, during October and November, we observed a rise in North Korean activity employing a well-known and distinctive technique: staging job interview processes to spread multiple malware families. This signature technique was […]

The post InvisibleFerret Malware: Technical Analysis appeared first on ANY.RUN's Cybersecurity Blog.

2024 has been an eventful year in the world of cybersecurity, with new trends emerging and malware families evolving at an alarming rate. Our analysis highlights the most prevalent malware families, types, and TTPs of the year, giving you a snapshot of the changing threat landscape.  This report is based on the analysis of 4,001,036 […]

The post Malware Trends Overview Report: 2024 appeared first on ANY.RUN's Cybersecurity Blog.

Every ticking second is a chance for cyber threats to creep in.  For businesses, the stakes couldn’t be higher. One malicious email opened by an employee, and the malware can spread across office computers faster than mushrooms after rain. The consequences? Lost data, financial damage, and a hit to your company’s reputation.  To stop these […]

The post YARA Rules: Cyber Threat Detection Tool for Modern Cybersecurity appeared first on ANY.RUN's Cybersecurity Blog.

Pivoting in cyber threat intelligence refers to using one piece of data to find and explore related information and expand your understanding of a threat. It lets you discover hidden connections between indicators of compromise and find potential vulnerabilities before they are exploited.   Why pivoting matters  Cyber threat intelligence concentrates on indicators of compromise, IOCs. […]

The post Threat Intelligence Pivoting: Actionable Insights Behind Indicators appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s Note: This article was originally published on June 11, 2024, and updated on January 9, 2025. The ANY.RUN Threat Intelligence Feeds provide data on the known indicators of compromise: malicious IPs, URLs, domains, files, and ports.    The data is collected and pre-processed from public malware and phishing samples analyzed by our community of […]

The post Integrate ANY.RUN Threat Intelligence Feeds with Your Security Platform appeared first on ANY.RUN's Cybersecurity Blog.

As we wrap up 2024, let’s take a moment to reflect on what an incredible year it’s been for ANY.RUN. Together, we’ve achieved so much: breaking barriers, improving tools, and working side by side with you, our amazing community of cybersecurity heroes.  From big product launches to small tweaks that make a huge difference, everything […]

The post 2024 Wrapped: A Year of Growth, Innovation, and Community at ANY.RUN  appeared first on ANY.RUN's Cybersecurity Blog.

Can you believe 2024 has come to an end? As we prepare to step into 2025, we’re excited to share key updates on the cybersecurity front from Q4. The last three months were anything but quiet—new threats emerged, familiar ones evolved, and cybercriminals kept raising the stakes.  At ANY.RUN, we’ve been monitoring these shifts every […]

The post Malware Trends Report: Q4, 2024  appeared first on ANY.RUN's Cybersecurity Blog.