November 19, 2025 at 10:37 AM
Malware Sandbox https://Any.Run Targeted in Phishing Attack
https://www.securityweek.com/malware-sandbox-any-run-targeted-in-phishing-attack/
##Infosec ##Security ##Cybersecurity ##CeptBiro ##Malware ##Sandbox ##AnyRun ##PhishingAttack
https://www.securityweek.com/malware-sandbox-any-run-targeted-in-phishing-attack/
##Infosec ##Security ##Cybersecurity ##CeptBiro ##Malware ##Sandbox ##AnyRun ##PhishingAttack
ANY.RUN - Interactive Online Malware Sandbox
Cloud-based malware analysis service. Take your information security to the next level. Analyze suspicious and malicious activities using our innovative tools.
Any.Run
June 25, 2024 at 1:14 PM
Malware Sandbox https://Any.Run Targeted in Phishing Attack
https://www.securityweek.com/malware-sandbox-any-run-targeted-in-phishing-attack/
##Infosec ##Security ##Cybersecurity ##CeptBiro ##Malware ##Sandbox ##AnyRun ##PhishingAttack
https://www.securityweek.com/malware-sandbox-any-run-targeted-in-phishing-attack/
##Infosec ##Security ##Cybersecurity ##CeptBiro ##Malware ##Sandbox ##AnyRun ##PhishingAttack
SOCs are facing challenges with quishing phishing via QR codes. Learn how interactive sandboxes like ANY.RUN can expose these threats in seconds. #CyberSecurity #Quishing #SOC #ANYRUN Link: thedailytechfeed.com/security-ope...
October 23, 2025 at 10:07 AM
SOCs are facing challenges with quishing phishing via QR codes. Learn how interactive sandboxes like ANY.RUN can expose these threats in seconds. #CyberSecurity #Quishing #SOC #ANYRUN Link: thedailytechfeed.com/security-ope...
A false positive from Microsoft Defender XDR led to 1,700+ sensitive documents being shared publicly on ANYRUN. Microsoft mistakenly flagged Adobe links as malicious, prompting users to upload sensitive files for analysis. Users are urged to use commercial licenses for privacy.
Important: False positive from MS Defender XDR has led to 1,700+ sensitive docs being shared publicly via ANYRUN alone
Yesterday we saw a sudden inflow of Adobe Acrobat Cloud links being uploaded to ANYRUN's sandbox.
After research, we've discovered that Microsoft Defender XDR mistakenly flagged acrobat[.]adobe...
reddit.com
April 25, 2025 at 11:42 AM
A false positive from Microsoft Defender XDR led to 1,700+ sensitive documents being shared publicly on ANYRUN. Microsoft mistakenly flagged Adobe links as malicious, prompting users to upload sensitive files for analysis. Users are urged to use commercial licenses for privacy.
5. Hudsonrock [ Filtrado ]
www.hudsonrock.com/threat-intel...
6. AbuseIPdb [ Comprobar IP ]
abuseipdb.com
7. Anyrun [ Reportes Ataques ]
app.any.run
8. BgpTools [ ASN / DNS ]
bgp.tools
9. Archiveorg [ Histórico Web ]
archive.org
www.hudsonrock.com/threat-intel...
6. AbuseIPdb [ Comprobar IP ]
abuseipdb.com
7. Anyrun [ Reportes Ataques ]
app.any.run
8. BgpTools [ ASN / DNS ]
bgp.tools
9. Archiveorg [ Histórico Web ]
archive.org
https://hudsonrock.com/threat-intelli…
April 26, 2025 at 6:45 AM
5. Hudsonrock [ Filtrado ]
www.hudsonrock.com/threat-intel...
6. AbuseIPdb [ Comprobar IP ]
abuseipdb.com
7. Anyrun [ Reportes Ataques ]
app.any.run
8. BgpTools [ ASN / DNS ]
bgp.tools
9. Archiveorg [ Histórico Web ]
archive.org
www.hudsonrock.com/threat-intel...
6. AbuseIPdb [ Comprobar IP ]
abuseipdb.com
7. Anyrun [ Reportes Ataques ]
app.any.run
8. BgpTools [ ASN / DNS ]
bgp.tools
9. Archiveorg [ Histórico Web ]
archive.org
Mastering SOC Collaboration and Threat Detection with ANYRUN
Introduction Security Operations Centers (SOCs) face increasing challenges in threat detection, investigation, and team collaboration. ANY.RUN offers a streamlined solution, integrating into existing infrastructure to accelerate incident…
Introduction Security Operations Centers (SOCs) face increasing challenges in threat detection, investigation, and team collaboration. ANY.RUN offers a streamlined solution, integrating into existing infrastructure to accelerate incident…
Mastering SOC Collaboration and Threat Detection with ANYRUN
Introduction Security Operations Centers (SOCs) face increasing challenges in threat detection, investigation, and team collaboration. ANY.RUN offers a streamlined solution, integrating into existing infrastructure to accelerate incident response and improve detection scalability. This article explores key commands, techniques, and best practices to enhance SOC efficiency. Learning Objectives Understand how ANY.RUN enhances SOC workflows. Learn essential Linux/Windows commands for threat detection. …
undercodetesting.com
August 7, 2025 at 11:42 PM
Mastering SOC Collaboration and Threat Detection with ANYRUN
Introduction Security Operations Centers (SOCs) face increasing challenges in threat detection, investigation, and team collaboration. ANY.RUN offers a streamlined solution, integrating into existing infrastructure to accelerate incident…
Introduction Security Operations Centers (SOCs) face increasing challenges in threat detection, investigation, and team collaboration. ANY.RUN offers a streamlined solution, integrating into existing infrastructure to accelerate incident…
⚡ #Phishing attacks are becoming harder to spot. Learn about key phishing indicators and discover effective ways to identify and mitigate these threats using advanced tools like #ANYRUN.
thehackernews.com/2024/09/expe...
#infosec #cybersecurity
thehackernews.com/2024/09/expe...
#infosec #cybersecurity
Expert Tips on How to Spot a Phishing Link
Learn how to detect phishing links with these expert tips on URL inspection, redirects, and fake pages.
thehackernews.com
September 25, 2024 at 9:42 PM
⚡ #Phishing attacks are becoming harder to spot. Learn about key phishing indicators and discover effective ways to identify and mitigate these threats using advanced tools like #ANYRUN.
thehackernews.com/2024/09/expe...
#infosec #cybersecurity
thehackernews.com/2024/09/expe...
#infosec #cybersecurity
Some other launchers that are promising are: vicinae, gauntlet, anyrun, sherlock, raycast-linux
But none of them are quite there yet
But none of them are quite there yet
August 22, 2025 at 8:26 PM
Some other launchers that are promising are: vicinae, gauntlet, anyrun, sherlock, raycast-linux
But none of them are quite there yet
But none of them are quite there yet
"Lazarus Group Attacks in 2025: Overview for SOC Teams" published by AnyRun. #ContagiousInterview, #ITWorker, #InvisibleFerret, #Lazarus, #OtterCookie, #PylangGhost, #DPRK, #CTI https://any.run/cybersecurity-blog/lazarus-group-attacks-2025/
September 10, 2025 at 1:30 PM
"Lazarus Group Attacks in 2025: Overview for SOC Teams" published by AnyRun. #ContagiousInterview, #ITWorker, #InvisibleFerret, #Lazarus, #OtterCookie, #PylangGhost, #DPRK, #CTI https://any.run/cybersecurity-blog/lazarus-group-attacks-2025/
~Anyrun~
November's landscape was dominated by multi-stage loaders like XWorm and JSGuLdr delivering stealers and backdoors via in-memory execution.
-
IOCs: drive. google. com
-
#JSGuLdr #Malware #ThreatIntel #XWorm
November's landscape was dominated by multi-stage loaders like XWorm and JSGuLdr delivering stealers and backdoors via in-memory execution.
-
IOCs: drive. google. com
-
#JSGuLdr #Malware #ThreatIntel #XWorm
November 2025 Threat Roundup: XWorm & JSGuLdr
any.run
November 26, 2025 at 12:32 PM
~Anyrun~
November's landscape was dominated by multi-stage loaders like XWorm and JSGuLdr delivering stealers and backdoors via in-memory execution.
-
IOCs: drive. google. com
-
#JSGuLdr #Malware #ThreatIntel #XWorm
November's landscape was dominated by multi-stage loaders like XWorm and JSGuLdr delivering stealers and backdoors via in-memory execution.
-
IOCs: drive. google. com
-
#JSGuLdr #Malware #ThreatIntel #XWorm
Anyone knows malware stuff use the IoC I shared on alien otx and/or I have 3 pcap files though a friend said anyrun pcaps are malformed files.
or I can give you the initial URL that create a tree of chain forwarding with other compromised sites. pdf files along the way also suspicious. 2/3
or I can give you the initial URL that create a tree of chain forwarding with other compromised sites. pdf files along the way also suspicious. 2/3
February 24, 2025 at 5:57 PM
Anyone knows malware stuff use the IoC I shared on alien otx and/or I have 3 pcap files though a friend said anyrun pcaps are malformed files.
or I can give you the initial URL that create a tree of chain forwarding with other compromised sites. pdf files along the way also suspicious. 2/3
or I can give you the initial URL that create a tree of chain forwarding with other compromised sites. pdf files along the way also suspicious. 2/3
Tracking ClickFix Domains with ANYRUN Threat Intelligence
ClickFix is a deceptive social engineering tactic that tricks users into executing malicious commands disguised as bot verification tests, often through fake CAPTCHA prompts. Attackers manipulate victims into performing actions like…
ClickFix is a deceptive social engineering tactic that tricks users into executing malicious commands disguised as bot verification tests, often through fake CAPTCHA prompts. Attackers manipulate victims into performing actions like…
Tracking ClickFix Domains with ANYRUN Threat Intelligence
ClickFix is a deceptive social engineering tactic that tricks users into executing malicious commands disguised as bot verification tests, often through fake CAPTCHA prompts. Attackers manipulate victims into performing actions like pressing keyboard shortcuts, leading to malware installation. Security professionals can leverage ANY.RUN’s threat intelligence database and network IOCs (Indicators of Compromise) to detect ClickFix domains and mitigate risks effectively.
undercodetesting.com
June 1, 2025 at 6:44 AM
Tracking ClickFix Domains with ANYRUN Threat Intelligence
ClickFix is a deceptive social engineering tactic that tricks users into executing malicious commands disguised as bot verification tests, often through fake CAPTCHA prompts. Attackers manipulate victims into performing actions like…
ClickFix is a deceptive social engineering tactic that tricks users into executing malicious commands disguised as bot verification tests, often through fake CAPTCHA prompts. Attackers manipulate victims into performing actions like…
What is Crypto Malware: Definition and Analysis in ANY.RUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #Crypto #Malware #ANYRUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #Crypto #Malware #ANYRUN
What is Crypto Malware: Definition and Analysis in ANY.RUN - ANY.RUN's Cybersecurity Blog
Discover how crypto malware operates, learn about the most popular crypto malware families, and see how you can analyze malware in ANY.RUN.
any.run
February 21, 2024 at 2:11 PM
What is Crypto Malware: Definition and Analysis in ANY.RUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #Crypto #Malware #ANYRUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #Crypto #Malware #ANYRUN
"PyLangGhost RAT: Rising Data Stealer from Lazarus Group Targeting Finance and Technology" published by AnyRun. #ClickFix, #FamousChollima, #PylangGhost, #DPRK, #CTI https://any.run/cybersecurity-blog/pylangghost-malware-analysis/
August 6, 2025 at 1:30 PM
"PyLangGhost RAT: Rising Data Stealer from Lazarus Group Targeting Finance and Technology" published by AnyRun. #ClickFix, #FamousChollima, #PylangGhost, #DPRK, #CTI https://any.run/cybersecurity-blog/pylangghost-malware-analysis/
Proactive Cybersecurity: Analyzing Threats with ANYRUN and Phishing Defense
Introduction In today’s evolving threat landscape, organizations must adopt proactive cybersecurity measures to defend against malware, phishing, and automated attacks. Tools like ANY.RUN’s sandbox enable real-time…
Introduction In today’s evolving threat landscape, organizations must adopt proactive cybersecurity measures to defend against malware, phishing, and automated attacks. Tools like ANY.RUN’s sandbox enable real-time…
Proactive Cybersecurity: Analyzing Threats with ANYRUN and Phishing Defense
Introduction In today’s evolving threat landscape, organizations must adopt proactive cybersecurity measures to defend against malware, phishing, and automated attacks. Tools like ANY.RUN’s sandbox enable real-time analysis of Windows, Linux, and Android threats, while phishing simulations demonstrate how attackers exploit browser vulnerabilities. This article explores practical techniques for threat analysis and credential protection. Learning Objectives Understand how to use ANY.RUN’s sandbox for dynamic malware analysis.
undercodetesting.com
June 27, 2025 at 1:03 AM
Proactive Cybersecurity: Analyzing Threats with ANYRUN and Phishing Defense
Introduction In today’s evolving threat landscape, organizations must adopt proactive cybersecurity measures to defend against malware, phishing, and automated attacks. Tools like ANY.RUN’s sandbox enable real-time…
Introduction In today’s evolving threat landscape, organizations must adopt proactive cybersecurity measures to defend against malware, phishing, and automated attacks. Tools like ANY.RUN’s sandbox enable real-time…
"OtterCookie: Analysis of New Lazarus Group Malware" published by AnyRun. #Lazarus, #OtterCookie, #DPRK, #CTI https://any.run/potatosecurity-blog/ottercookie-malware-analysis/
June 3, 2025 at 3:44 PM
"OtterCookie: Analysis of New Lazarus Group Malware" published by AnyRun. #Lazarus, #OtterCookie, #DPRK, #CTI https://any.run/potatosecurity-blog/ottercookie-malware-analysis/
DCRat: Step-by-Step Analysis in ANY.RUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #DCRat #ANYRUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #DCRat #ANYRUN
DCRat: Step-by-Step Analysis in ANY.RUN - ANY.RUN's Cybersecurity Blog
Learn about the distribution and ecosystem of DCRat and study a detailed dynamic analysis of DCRat using the ANY.RUN sandbox.
any.run
February 27, 2024 at 2:24 PM
DCRat: Step-by-Step Analysis in ANY.RUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #DCRat #ANYRUN
any.run/cybersecurit...
#Infosec #Security #Cybersecurity #CeptBiro #DCRat #ANYRUN
(Sharing in collab with AnyRun)
Using AnyRun, I was able to run this PERFECTLY NORMAL WeChat Installer:
0/69 VT score, Signed by "Commander Software Solutions Oy"
While running it, it required me to complete a captcha and also install .NET runtime.
1/2
Using AnyRun, I was able to run this PERFECTLY NORMAL WeChat Installer:
0/69 VT score, Signed by "Commander Software Solutions Oy"
While running it, it required me to complete a captcha and also install .NET runtime.
1/2
November 24, 2024 at 11:01 PM
(Sharing in collab with AnyRun)
Using AnyRun, I was able to run this PERFECTLY NORMAL WeChat Installer:
0/69 VT score, Signed by "Commander Software Solutions Oy"
While running it, it required me to complete a captcha and also install .NET runtime.
1/2
Using AnyRun, I was able to run this PERFECTLY NORMAL WeChat Installer:
0/69 VT score, Signed by "Commander Software Solutions Oy"
While running it, it required me to complete a captcha and also install .NET runtime.
1/2
#411499 open-webui: 0.6.10 -> 0.6.11
#411476 workflows/check-cherry-picks: fix silent failure
#411475 teams-for-linux: 2.0.13 -> 2.0.14
#411470 lib.maintainers.nicoo: update GH account name
#411455 anyrun: 0-unstable-2025-04-29 -> 0-unstable-2025-05-19
#411454 clorinde: 0.15.0 -> 0.15.1
#411476 workflows/check-cherry-picks: fix silent failure
#411475 teams-for-linux: 2.0.13 -> 2.0.14
#411470 lib.maintainers.nicoo: update GH account name
#411455 anyrun: 0-unstable-2025-04-29 -> 0-unstable-2025-05-19
#411454 clorinde: 0.15.0 -> 0.15.1
May 28, 2025 at 12:05 AM
#411499 open-webui: 0.6.10 -> 0.6.11
#411476 workflows/check-cherry-picks: fix silent failure
#411475 teams-for-linux: 2.0.13 -> 2.0.14
#411470 lib.maintainers.nicoo: update GH account name
#411455 anyrun: 0-unstable-2025-04-29 -> 0-unstable-2025-05-19
#411454 clorinde: 0.15.0 -> 0.15.1
#411476 workflows/check-cherry-picks: fix silent failure
#411475 teams-for-linux: 2.0.13 -> 2.0.14
#411470 lib.maintainers.nicoo: update GH account name
#411455 anyrun: 0-unstable-2025-04-29 -> 0-unstable-2025-05-19
#411454 clorinde: 0.15.0 -> 0.15.1
~Anyrun~
New 'Tykit' phishing kit uses SVG files and multi-stage redirects to steal Microsoft 365 corporate credentials.
-
IOCs: segy. zip, segy. xyz, segy2. cc
-
#Phishing #ThreatIntel #Tykit
New 'Tykit' phishing kit uses SVG files and multi-stage redirects to steal Microsoft 365 corporate credentials.
-
IOCs: segy. zip, segy. xyz, segy2. cc
-
#Phishing #ThreatIntel #Tykit
New Tykit Phishing Kit Steals M365 Accounts
any.run
October 21, 2025 at 12:31 PM
~Anyrun~
New 'Tykit' phishing kit uses SVG files and multi-stage redirects to steal Microsoft 365 corporate credentials.
-
IOCs: segy. zip, segy. xyz, segy2. cc
-
#Phishing #ThreatIntel #Tykit
New 'Tykit' phishing kit uses SVG files and multi-stage redirects to steal Microsoft 365 corporate credentials.
-
IOCs: segy. zip, segy. xyz, segy2. cc
-
#Phishing #ThreatIntel #Tykit
🕵️♂️ AnyRun → app.any.run
🌐 Bgp tools → bgp.tools
📚 Archive Org → archive.org
⚠️ BlackMail → blacklistchecker.com
🛠️ BuiltWithTech → builtwith.com
🌐 Bgp tools → bgp.tools
📚 Archive Org → archive.org
⚠️ BlackMail → blacklistchecker.com
🛠️ BuiltWithTech → builtwith.com
June 11, 2025 at 9:39 PM
🕵️♂️ AnyRun → app.any.run
🌐 Bgp tools → bgp.tools
📚 Archive Org → archive.org
⚠️ BlackMail → blacklistchecker.com
🛠️ BuiltWithTech → builtwith.com
🌐 Bgp tools → bgp.tools
📚 Archive Org → archive.org
⚠️ BlackMail → blacklistchecker.com
🛠️ BuiltWithTech → builtwith.com
~Anyrun~
Attackers use GitHub, obfuscated JS, and BAT files to deliver Braodo Stealer, Remcos RAT, and NetSupport RAT.
-
IOCs: Braodo Stealer, Remcos RAT, NetSupport RAT
-
#Malware #RAT #ThreatIntel
Attackers use GitHub, obfuscated JS, and BAT files to deliver Braodo Stealer, Remcos RAT, and NetSupport RAT.
-
IOCs: Braodo Stealer, Remcos RAT, NetSupport RAT
-
#Malware #RAT #ThreatIntel
June 2025 Top Cyber Threats
any.run
June 25, 2025 at 12:37 PM
~Anyrun~
Attackers use GitHub, obfuscated JS, and BAT files to deliver Braodo Stealer, Remcos RAT, and NetSupport RAT.
-
IOCs: Braodo Stealer, Remcos RAT, NetSupport RAT
-
#Malware #RAT #ThreatIntel
Attackers use GitHub, obfuscated JS, and BAT files to deliver Braodo Stealer, Remcos RAT, and NetSupport RAT.
-
IOCs: Braodo Stealer, Remcos RAT, NetSupport RAT
-
#Malware #RAT #ThreatIntel
~Anyrun~
The Salty2FA phishing kit now uses Tycoon2FA as a fallback payload, creating a hybrid threat likely operated by the same group (Storm-1747).
-
IOCs: omvexe. shop, 1otyu7944x8. workers. dev, diogeneqc. pages. dev
-
...
The Salty2FA phishing kit now uses Tycoon2FA as a fallback payload, creating a hybrid threat likely operated by the same group (Storm-1747).
-
IOCs: omvexe. shop, 1otyu7944x8. workers. dev, diogeneqc. pages. dev
-
...
Salty2FA & Tycoon2FA Hybrid Phishing Threat
any.run
December 2, 2025 at 12:31 PM
~Anyrun~
The Salty2FA phishing kit now uses Tycoon2FA as a fallback payload, creating a hybrid threat likely operated by the same group (Storm-1747).
-
IOCs: omvexe. shop, 1otyu7944x8. workers. dev, diogeneqc. pages. dev
-
...
The Salty2FA phishing kit now uses Tycoon2FA as a fallback payload, creating a hybrid threat likely operated by the same group (Storm-1747).
-
IOCs: omvexe. shop, 1otyu7944x8. workers. dev, diogeneqc. pages. dev
-
...