Anyrun

Cyber threat intelligence is all about data: its collection, exploration and research, extracting actionable insight. If you employ any intelligence solution, it is vital to understand what data sources it relies on and what kind of information they deliver.   In ANY.RUN’s Threat Intelligence Lookup and TI Feeds, we leverage fresh data from millions of sandbox […]

The post How We Enrich TI Lookup and Feeds with Fresh Threat Data from 15,000 Organizations appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mohamed Talaat, a cybersecurity researcher and malware analyst. You can find Mohamed on X and LinkedIn.  In this article, we’re diving into GorillaBot, a newly discovered botnet built on Mirai’s code. It’s been spotted launching hundreds of thousands of attacks across the globe, and it’s got some […]

The post GorillaBot: Technical Analysis and Code Similarities with Mirai appeared first on ANY.RUN's Cybersecurity Blog.

It is with great pleasure and gratitude that we announce our victory at the Cybersecurity Excellence Awards 2025, an annual competition for individuals and companies that stand out in the field of information security held by a major online community Cybersecurity Insiders.  Our service, ANY.RUN Threat Intelligence Lookup, was named best among leading threat intelligence […]

The post TI Lookup Named Best Threat Intelligence Service at Cybersecurity Excellence Awards appeared first on ANY.RUN's Cybersecurity Blog.

Malware analysis is a promising yet competitive career path, where education must be taken seriously to stand up against ever-evolving threats. The demand for such professionals has never been higher, but the requirements and expectations are not low either.   A specific mindset and a number of well-developed soft skills are no less vital than a […]

The post Decoding a Malware Analyst: Essential Skills and Expertise appeared first on ANY.RUN's Cybersecurity Blog.

It’s here! The news security teams have been waiting for: ANY.RUN now fully supports Android OS in its interactive sandbox!  Now, you can investigate Android malware in a real ARM-based sandbox, exactly as it would behave on an actual mobile device. No more blind spots or unreliable analysis.  With this release, ANY.RUN allows SOC teams, […]

The post Expose Android Malware in Seconds: ANY.RUN Sandbox Now Supports Real-Time APK Analysis  appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN sandbox just got even more powerful thanks to a new pre-installed development software set in its virtual machines (VMs).  Building on our existing pre-installed sets, we’re introducing this new option to give researchers even more flexibility and advanced tools for analyzing highly specific and complex malware inside the sandbox.  With this update, before launching an analysis session, users […]

The post New Pre-Installed Dev Tools for Deep Sandbox Malware Analysis  appeared first on ANY.RUN's Cybersecurity Blog.

Artificial Intelligence (AI) becomes increasingly integrated into daily life, offering unprecedented advancements in automation, communication, and cybersecurity. However, as AI models grow more sophisticated, they also introduce new threats. Discussions about AGI (Artificial General Intelligence) and superintelligence often dominate public discourse, but immediate risks demand urgent attention.   This article explores three major AI threats: AI-powered […]

The post AI Safety: Key Threats and Solutions  appeared first on ANY.RUN's Cybersecurity Blog.

Cybercriminals are constantly refining their methods to stay one step ahead of security defenses. One of their key tactics is evasion, a set of techniques designed to hide malicious activity, bypass detection, and make investigations much more difficult for security teams.  Over time, attackers have developed countless evasion techniques, and they continue to evolve as […]

The post 5 Common Evasion Techniques in Malware  appeared first on ANY.RUN's Cybersecurity Blog.

How can security teams effectively monitor evolving attacks and stay ahead of constantly shifting attacker infrastructure? We spoke with a chief information security officer at a transport company about how they use subscriptions to Search Updates in Threat Intelligence Lookup to tackle this challenge.  Here’s what we learned.  Company Info  Without getting into any specifics, […]

The post How Transport Company Gets Real-Time IOC and IOB Updates on Active Cyber Attacks  appeared first on ANY.RUN's Cybersecurity Blog.

Hey, cybersecurity enthusiasts!  February brought major enhancements to ANY.RUN, improving threat intelligence, detection capabilities, and overall user experience.  With the launch of Threat Intelligence Reports, security professionals now have access to detailed, expert-driven analyses of cyber threats, malware, and APT activities. We also introduced a redesigned website, making navigation more intuitive and structured.  On the […]

The post Release Notes: Threat Intelligence Reports, New Website Design, & Enhanced Detection appeared first on ANY.RUN's Cybersecurity Blog.

Threat Intelligence Feeds from ANY.RUN provide a continuously-updated stream of the latest indicators of compromise. They enable SOC teams to quickly detect and mitigate attacks, including emerging malware and persistent threats. But how do ANY.RUN’s feeds get enriched with fresh and, most importantly, unique indicators? Let’s find out. About ANY.RUN’s Threat Intelligence Feeds ANY.RUN’s Threat […]

The post Enriching ANY.RUN’s TI Feeds with Unique IOCs: How It Works appeared first on ANY.RUN's Cybersecurity Blog.

If you are a student, you might be several years away from getting a degree and a profession – and about a month away from becoming a malware analyst. The latter is made possible by ANY.RUN’s Security Training Lab. There is no point in advertising a career in cybersecurity nowadays. Money talks louder: ransom sums, […]

The post Learn to Analyze Real-World Cyber Threats with Security Training Lab appeared first on ANY.RUN's Cybersecurity Blog.

Network traffic analysis is one of the most effective ways to detect and investigate malware infections. By analyzing communication patterns, researchers and security teams can uncover signs of malicious activity, such as command-and-control (C2) connections, data exfiltration, or DDoS attacks.  In this guide, we’ll explore how traffic analysis helps detect malware, the key tools used […]

The post Malware Traffic Analysis in Linux: Hands-on Guide with Examples appeared first on ANY.RUN's Cybersecurity Blog.

Phishing kits have invested greatly in the popularity of phishing. They drop the entry threshold for cybercriminals enabling even low-skilled hackers to conduct successful attacks.   In general, a phishing kit is a set of tools for creating convincing fake webpages, sites, or emails that trick users into divulging sensitive information like passwords or credit […]

The post How to Identify and Investigate Phishing Kit Attacks appeared first on ANY.RUN's Cybersecurity Blog.

Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X.  From December 20 to 24, 2024, the Quetzal Team identified a phishing campaign targeting the cryptocurrency and fintech sectors. This campaign aimed to distribute a newly discovered stealer malware, which we have […]

The post Zhong Stealer Analysis: New Malware Targeting Fintech and Cryptocurrency appeared first on ANY.RUN's Cybersecurity Blog.

ANY.RUN proudly presents Threat Intelligence Reports: investigative reports on cyber threats and attacks focused on delivering actionable insights to security professionals and decision makers.    Manually composed by our experienced analysts, the Reports provide data for threat monitoring and detection, incident mitigation and response, R&D, education, strategic planning and compliance.  These detailed attack overviews are based […]

The post Threat Intelligence Reports: Get Fresh Research on the Latest Cyber Attacks and APTs appeared first on ANY.RUN's Cybersecurity Blog.

Advanced persistent threats (APTs) stand out as one of the most formidable challenges for businesses in the cybersecurity landscape. These threats can cause irreparable damage, leading to financial losses, data breaches, and reputational harm.  APTs are defined as sophisticated targeted attacks typically conducted by highly funded adversaries: national agencies, state-sponsored groups, organized crime groups, corporate […]

The post How to Track Advanced Persistent Threats appeared first on ANY.RUN's Cybersecurity Blog.

Recently we had a chance to sit down for a chat with the Head of Cybersecurity at an investment bank. An hour-long conversation gave a sneak peek into the work of their cybersec team, challenges they face, and the use of ANY.RUN’s Interactive Sandbox.   Here’s what we learned.  Company and Team Overview  We’re an investment […]

The post I Used a Sandbox to Strengthen Bank’s Security—Here’s How It Worked appeared first on ANY.RUN's Cybersecurity Blog.

Phishing attempts, malicious redirects, and hidden malware can lurk in seemingly harmless links, putting your company’s data and systems at risk. To streamline threat detection and response, ANY.RUN has upgraded its browser extension, making the Safebrowsing feature free for all users.  How Safebrowsing Works in ANY.RUN’s Extension  Safebrowsing from ANY.RUN provides a fully functional browser, allowing users to […]

The post Instant URL Analysis: Use Safebrowsing via ANY.RUN’s Extension appeared first on ANY.RUN's Cybersecurity Blog.

Less than a month after its launch, DeepSeek has already shaken up the industry, caused NVidia’s stock to shed $600 billion, and sparked political controversy.   Now, the AI company is dealing with the consequences of major cyber attacks. As of February 5, DeepSeek is still having trouble letting new users join.   Let’s review the entire […]

The post Cyber Attacks on DeepSeek AI: What Really Happened? Full Timeline and Analysis appeared first on ANY.RUN's Cybersecurity Blog.