Anyrun

An emerging threat is a new or evolving cybersecurity risk that is particularly challenging to defend against due to the lack of intelligence on its attack methods, strategies, and techniques.  These threats can take various forms, from sophisticated malware to unconventional attack vectors. They also often exploit new vulnerabilities or technologies that can bypass current […]

The post What Are Emerging Threats <br>and How to Investigate Them appeared first on ANY.RUN's Cybersecurity Blog.

We’re excited to share that ANY.RUN has been honored with multiple recognitions from G2, the world’s leading business software and services review platform!   As always, we’re committed to providing top-tier malware analysis and system security solutions to all our customers, which is reflected in these titles ANY.RUN received on G2:  Here’s what each title […]

The post ANY.RUN Recognized as a Leader in Multiple G2 Categories for 2024 appeared first on ANY.RUN's Cybersecurity Blog.

We’ve uncovered a new campaign delivering DeerStealer malware by exploiting Google’s own advertising platform and other legitimate services.  Read in-depth analysis of DeerStealer.  What’s happening?  Adversaries are impersonating Google Authenticator in Google Ads to deliver the DeerStealer information-stealing malware.  Easily analyze malware in ANY.RUN sandbox  Get started free The campaign uses sophisticated techniques to evade […]

The post Fake Google Authenticator Website Installs Malware via Google Ads appeared first on ANY.RUN's Cybersecurity Blog.

Welcome to ANY.RUN‘s monthly updates, where we share our team’s achievements over the past month.   In July, we introduced new features in Threat Intelligence Lookup, added Windows 10 for free users, reduced task startup time, implemented numerous YARA rules and signatures, and expanded our Suricata ruleset.   Let’s break down what’s new in ANY.RUN […]

The post Release Notes: New IOCs in TI Lookup, Network Threats Tab, Free Windows 10 VM, and More appeared first on ANY.RUN's Cybersecurity Blog.

Our team recently uncovered a malware distribution campaign for a threat we’ve named DeerStealer.  The malware was spread through fake Google Authenticator websites, captured in this analysis session.  The site appears to be a Google page offering the application for download. The first site we discovered, authentificcatorgoolglte[.]com, mimics safety.google/intl/en_my/cybersecurity-advancements:  Clicking the Download button sends visitor […]

The post Brief Overview of the DeerStealer Distribution Campaign  appeared first on ANY.RUN's Cybersecurity Blog.

TTPs stands for Tactics, Techniques, and Procedures, a concept commonly used in cybersecurity to describe the behavior patterns of threat actors or adversaries. What are TTPs? TTPs refer to the specific methods and patterns that adversaries use to carry out their objectives. Understanding TTPs is crucial for defenders to anticipate, detect, and respond to threats […]

The post What are TTPs: Tactics, Techniques <br>and Procedures appeared first on ANY.RUN's Cybersecurity Blog.

Indicators of compromise (IOCs) are essential for proactive cybersecurity. They help you identify and respond to threats effectively. However, getting high-quality IOCs can be difficult, as the best source for this data is the malware’s code, analyzing which often requires hours of intensive work.  ANY.RUN sandbox users know that config-extracted indicators can be easily found […]

The post Collect and Use IOCs from Malware Configs <br> in TI Lookup  appeared first on ANY.RUN's Cybersecurity Blog.

At ANY.RUN, we’re all about making in-depth technical information accessible. One of the ways we do this is by providing you with various detailed, yet easy-to-understand reports on malware behavior. One such report is Process graph.  What is Process graph?  Process graph is a report that visually shows how system processes, especially malicious ones, relate […]

The post See Malicious Process Relationships <br> on a Visual Graph  appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mohamed Talaat, a cybersecurity researcher and malware analyst. You can find Mohamed on X and LinkedIn. Brute Ratel C4 (BRC4) is a customized, commercial command and control (C2) framework that was first introduced in December 2020. Its primary use is for conducting adversarial attack simulation, red-team engagements, […]

The post Brute Ratel C4 Badger Used to Load Latrodectus appeared first on ANY.RUN's Cybersecurity Blog.

A recent update by CrowdStrike on July 18, 2024, resulted in a worldwide outage, causing significant disruption for users who were left with blue screens of death (BSODs) on their devices. Cybercriminals seized the opportunity to target affected users with phishing scams and malware.  The ANY.RUN team has been closely monitoring the situation after the […]

The post Find Threats Exploiting CrowdStrike Outage <br> with TI Lookup   appeared first on ANY.RUN's Cybersecurity Blog.

Cyber Threat Intelligence is a powerful tool that helps organizations make sense of the vast amounts of data generated by their cybersecurity systems.  By analyzing this data, cyber threat intelligence provides insights into the specific details of an organization’s security posture. It enables security teams to identify risks, anticipate potential threats, and assess the effectiveness […]

The post What Are the 3 Types of Threat Intelligence Data appeared first on ANY.RUN's Cybersecurity Blog.

Today, we’re sitting down with Aaron Fillmore, president and co-founder of Cyber Info, a nonprofit dedicated to making cybersecurity education accessible to all. We’ll talk about what Cyber Info is, where the platform is so far, and how Aaron plans to use it to empower the next generation of cybersecurity professionals. A few words about […]

The post Expert Q&A: Aaron Fillmore on his Cybersec Nonprofit — Cyber Info appeared first on ANY.RUN's Cybersecurity Blog.

We’re excited to share ANY.RUN‘s latest malware trends analysis for Q2 2024! Our quarterly update provides insights into the most widely deployed malware families, types, and TTPs we saw during the last 3 months of the year.  Summary  In Q2 2024, ANY.RUN users ran 881,466 public interactive analysis sessions, which is a 0.5% increase from […]

The post Malware Trends Report: Q2, 2024  appeared first on ANY.RUN's Cybersecurity Blog.