Anyrun

Editor’s note: The current article is authored by RacWatchin8872, who is a threat intelligence analyst. You can find him on X.  This article covers two distinct methods used to infect systems with AsyncRAT via open directories. These techniques show how attackers are constantly adapting, finding new ways to use publicly accessible files to broaden AsyncRAT’s […]

The post AsyncRAT’s Infection Tactics <br>via Open Directories: Technical Analysis  appeared first on ANY.RUN's Cybersecurity Blog.

Welcome to ANY.RUN‘s monthly updates, where we share our latest achievements and improvements.  October has been another productive month here at ANY.RUN, filled with new features to enhance your cybersecurity toolkit. We’ve introduced TI Lookup Notifications for real-time threat updates, rolled out a newly improved Linux sandbox for smoother malware analysis, and added the ability to export STIX reports for seamless […]

The post Release Notes: TI Lookup Notifications, Upgraded Linux Sandbox, STIX Reports, <br>and More  appeared first on ANY.RUN's Cybersecurity Blog.

Dr. Jim Furstenberg is a distinguished faculty member in the Ferris State University Information Security and Intelligence program. Since joining the faculty in 2014, he has combined his extensive industry experience — including roles as Chief Information Officer, Cybersecurity Consultant, and Chief Operating Officer — with his passion for teaching.  With an information technology/security career […]

The post Expert Q&A: Dr. Jim Furstenberg on Cybersecurity Education and Practice  appeared first on ANY.RUN's Cybersecurity Blog.

Network traffic analysis provides critical insights into malware and phishing attacks. Doing it effectively requires using proper tools like ANY.RUN’s Interactive Sandbox. It simplifies the entire process, letting you investigate threats with ease and speed. Take a look at the key ways you can monitor and analyze network activity with the service. Connections  Examining network […]

The post How to Capture, Decrypt, and Analyze Malicious Network Traffic with ANY.RUN appeared first on ANY.RUN's Cybersecurity Blog.

In this article, we’ll explore the most common types of protectors—packers and crypters—along with simple ways to detect and remove them.   We’ll also introduce some useful tools to simplify the process and improve your malware analysis skills.  What Are Protectors and What Types Are There?  Protectors are tools designed to complicate code analysis, making […]

The post Packers and Crypters in Malware <br>and How to Remove Them appeared first on ANY.RUN's Cybersecurity Blog.

Using Threat Intelligence (TI) feeds in your cybersecurity strategy can significantly impact not only your organization’s security posture but also its business performance. Such an integration brings many benefits that directly and indirectly improve cost-efficiency, operational effectiveness, and strategic decision-making. Let’s explore these improvements in detail. Cost Savings and ROI Investing in TI feeds can […]

The post How TI Feeds Support Organizational Performance appeared first on ANY.RUN's Cybersecurity Blog.

Identifying new cyber threats is no simple task. They’re always evolving, adapting, and finding new ways to slip through the defenses.   But no stress—ANY.RUN has you covered!  Our team of researchers are always on the lookout, analyzing the latest attacks to keep you informed.   In this article, we’re sharing some of the most recent threats […]

The post Recent Cyber Attacks Discovered by ANY.RUN: October 2024 appeared first on ANY.RUN's Cybersecurity Blog.

We are thrilled to announce a significant enhancement to Threat Intelligence Lookup — Notifications. The new functionality allows users to subscribe to real-time notifications for new results related to their specified queries. Tracking emerging and evolving cyber threats has never been easier. What Are Lookup Notifications?  Lookup Notifications enable users to receive timely updates on […]

The post Notifications in Threat Intelligence Lookup  appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mostafa ElSheimy, a malware reverse engineer and threat intelligence analyst. You can find Mostafa on X and LinkedIn.  In this malware analysis report, we take an in-depth look at how the Remote Access Trojan (RAT) DarkComet has been used by attackers to remotely control systems, steal sensitive […]

The post DarkComet RAT: <br>Technical Analysis of Attack Chain appeared first on ANY.RUN's Cybersecurity Blog.

We’re excited to share ANY.RUN‘s latest malware trends analysis for Q3 2024. Our quarterly update provides insights into the most widely deployed malware families, types, and TTPs we saw during the last 3 months of the year. Summary In Q3 2024, ANY.RUN users ran 1,090,457 public interactive analysis sessions, which is a 23.7% increase from […]

The post Malware Trends Report: Q3, 2024 appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article was originally published on August 16, 2022, and updated on October 21, 2024. Malware analysis is a challenge as it is. But after your hard work on cracking a new sample, it is important to present all your results to the company and colleagues. And today, we will talk about how […]

The post Malware Analysis Report in One Click appeared first on ANY.RUN's Cybersecurity Blog.

To stay safe from cyber attacks, organizations need effective ways to gather information about threats before they cause irreparable damage. Let’s look at several methods for gathering threat intelligence (TI) to see how they can help you gain a better view of the current threat landscape.  Why is Threat Intelligence Important?  Threat intelligence is important […]

The post Cyber Information Gathering: Techniques <br>and Tools for Effective Threat Research  appeared first on ANY.RUN's Cybersecurity Blog.

At ANY.RUN, we’re always working to improve our services, and this time, we’ve focused on making our Linux sandbox even better. We’ve fine-tuned every detail to ensure it runs as smoothly and reliably as our Windows environment.   From bug fixes to feature enhancements, our Linux sandbox is now more powerful and stable than ever, […]

The post ANY.RUN’s Upgraded Linux Sandbox <br>for Fast and Secure Malware Analysis appeared first on ANY.RUN's Cybersecurity Blog.

We are excited to announce the release of an updated AI assistant, which brings powerful analysis capabilities right to your private sessions in the ANY.RUN sandbox. With our new assistant, we’ve taken things to the next level by combining deep, insightful analysis with the privacy and security you need.  AI Reports Are Now Available for […]

The post Private AI Assistant for Malware Analysis <br>in ANY.RUN Sandbox appeared first on ANY.RUN's Cybersecurity Blog.

In the rapidly evolving landscape of cybersecurity, access to high-quality threat intelligence feeds is crucial for detecting and mitigating threats in real time. Not all feeds are created equal, however, and choosing the right one can make a significant difference in your organization’s defense strategy. Let’s explore five key characteristics of good threat intelligence feeds […]

The post 5 Characteristics <br>of Good Threat Intelligence Feeds appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mohamed Talaat, a cybersecurity researcher and malware analyst. You can find Mohamed on X and LinkedIn. In this malware analysis report, we take an in-depth look at how an undocumented loader called PhantomLoader has been used by attackers to distribute a rust-based malware known as SSLoad. Overview The PhantomLoader usually […]

The post New PhantomLoader Malware Distributes SSLoad: Technical Analysis appeared first on ANY.RUN's Cybersecurity Blog.

Welcome to ANY.RUN‘s monthly updates, where we share our team’s achievements over the past month.  September has been a productive month at ANY.RUN, packed with exciting new features and improvements. We’ve launched Safebrowsing, a powerful tool that lets you safely check suspicious URLs in an isolated browser.  In addition to that, we’ve integrated with Splunk, […]

The post Release Notes: Safebrowsing, Private AI Assistant, Splunk Integration, and more appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Anna Pham (also known as RussianPanda), a threat intelligence researcher. You can find her latest research and insights on X, LinkedIn, and her blog. ANY.RUN introduced Threat Intelligence Lookup in February 2024, followed by the YARA Search in April 2024. This article will explore both services and […]

The post TI Lookup: Real-World Use Cases <br>from a Malware Researcher appeared first on ANY.RUN's Cybersecurity Blog.

Gathering Indicators of Compromise (IOCs) is key to identifying and responding to threats. IOCs are pieces of forensic data that point to potential malicious activity, helping you detect, investigate, and prevent cyberattacks. With ANY.RUN, you can collect a wide variety of IOCs, giving you a complete picture of any threat.  Let’s dive into the types […]

The post How to Collect Indicators of Compromise <br>in the ANY.RUN Sandbox appeared first on ANY.RUN's Cybersecurity Blog.

Often, malware uses platforms like — Telegram and Discord for data exfiltration. Due to its simplicity and the lack of need for building a server architecture, this exfiltration method has gained significant popularity. However, this very simplicity is also its weakness.  In this article we’ll show you how to obtain information related to threat actors’ […]

The post How to Intercept Data Exfiltrated by Malware via Telegram and Discord appeared first on ANY.RUN's Cybersecurity Blog.