ANY.RUN announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify and analyze emerging cyber threats. This upgrade underscores ANY.RUN’s commitment to providing comprehensive threat intelligence solutions, empowering users to navigate the ever evolving landscape of cyber threats.
Threat Intelligence Lookup is a streamlined platform designed to help users find relevant threat data extracted from ANY.RUN’s extensive database of malware analysis sessions carried out in its interactive sandbox. This tool transforms isolated data into a holistic view of both persistent and emerging threats, offering users insights into malicious activities, suspicious connections, and hidden indicators of compromise.
Accessible through an intuitive web interface and an API for seamless integration with existing security solutions, TI Lookup allows users to examine various data points including:
This comprehensive approach enables cybersecurity analysts to gain detailed context about attacks, helping them understand the nature, scope, and potential impact of threats.
In addition to the enhancements to Threat Intelligence Lookup, ANY.RUN has significantly expanded its search capabilities, now offering over 40 parameters for querying its extensive database. This upgrade allows users to filter searches by file hashes, IP addresses, domain names, and more, facilitating a more targeted and efficient investigation of potential threats.
ANY.RUN showcased the effectiveness of its TI Lookup feature through a practical use case. By utilizing a single suspicious IP address, users can efficiently identify associated malware.
For instance, investigating the IP address by submitting the query destinationIP : 185.196.9.26 revealed connections to Redline malware, which is used to steal login credentials and other sensitive data.
The close integration between the ANY.RUN sandbox and Threat Intelligence Lookup allows users to directly access recorded sandbox sessions where the specific IP address was detected. By accessing the sandbox session, users can examine the malware’s actions in a secure environment.
One of the significant advantages of TI Lookup is its ability to provide immediate insights into threat behavior, collecting crucial data such as Indicators of Compromise IOCs and Tactics, Techniques, and Procedures TTPs.
With these significant upgrades, ANY.RUN reaffirms its position as a leader in threat intelligence solutions, equipping cybersecurity analysts with the tools necessary to combat emerging threats effectively.
Users who want to experience ANY.RUN’s enhanced Threat Intelligence portal firsthand can sign up for a 14-day free trial to unlock powerful tools for detecting, analyzing, and combating emerging cyber threats.
The ANY.RUN team
ANYRUN FZCO
pr@any.run
+1 657-366-5050
Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center (GSOC)…
Zloader, a sophisticated Trojan, has recently evolved with features that enhance its stealth and destructive…
The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence Information…
DMD Diamond - one of the oldest blockchain projects in the space has announced the start…
Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the…
The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack…