Bridging the Threat Intelligence Gap in Your SOC: A Guide for Security Leaders
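The article explains how integrating threat intelligence improves enterprise security operations, highlighting the role of ANY.RUN's TI Lookup and TI Feeds in proactive threat identification, reducing false positives, and providing rich context, and shows their value when used in SIEM, TIP, and similar systems...
2025-8-13 11:31:42 | Views: 11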
Over Security - Cybersecurity news aggregator - any.run
threats
feeds
proactive
malicious
Hunter Plan: Fast and Private Threat Analysis for Solo Malware Researchers
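Hunter provides powerful malware analysis features, supports rapid threat identification across multiple environments, and includes advanced security measures. Users can control privacy settings and use AI assistance to analyze complex cases. The Enterprise plan adds stronger team collaboration and automation capabilities...
2025-8-12 12:46:44 | Views: 12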
Over Security - Cybersecurity news aggregator - any.run
analysis
network
security
threats
PyLangGhost RAT: Rising Data Stealer from Lazarus Group Targeting Finance and Technology
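Famous Chollima, a subgroup of North Korea's Lazarus Group, developed the PyLangGhost RAT malware, which lures targets into running malicious scripts under the guise of job interviews or technical tests to gain remote control. The malware steals browser and crypto wallet data and communicates with its C2 server using weak encryption...
2025-8-6 10:31:35 | Views: 46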
Over Security - Cybersecurity news aggregator - any.run
chrome
pylangghost
python
c2
malicious
ANY.RUN & Microsoft Sentinel: Catch Emerging Threats with Real-Time Threat Intelligence
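ANY.RUN delivers real-time threat intelligence to Microsoft Sentinel through a built-in STIX/TAXII connector, with no complex setup required. It provides high-quality IOCs that help detect attacks early and strengthen SOC capabilities...
2025-8-5 10:46:52 | Views: 15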
Over Security - Cybersecurity news aggregator - any.run
feeds
threats
stix
taxii
indicator
Release Notes: QRadar SOAR App, TI Lookup Free Access, and 2,900+ New Detection Rules
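ANY.RUN released new features and updates in July, including an IBM QRadar SOAR integration to speed up response, a free threat intelligence lookup plan, a Debian ARM virtual machine for analyzing IoT malware, and 163 new behavior signatures, 13 YARA rules, and 2,772 Suricata rules, improving threat visibility and productivity...
2025-8-4 12:1:38 | Views: 21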
Over Security - Cybersecurity news aggregator - any.run
threats
analysis
soar
stealthy
premium
Detect ARM Malware in Seconds with Debian Sandbox for Stronger Enterprise Security
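ANY.RUN has launched an interactive sandbox supporting Linux Debian 12.2 (ARM), helping security teams quickly analyze and detect cyber threats targeting Windows, Linux, and Android systems. The new capability identifies ARM-based malware such as botnets, cryptominers, and backdoors, and provides real-time behavioral analysis, network activity tracking, and detailed report generation...
2025-7-31 10:32:16 | Views: 19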
Over Security - Cybersecurity news aggregator - any.run
kaiji
threats
analysis
security
malicious
CISO Blueprint: 5 Steps to Enterprise Cyber Threat Resilience
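The article examines why SOC teams still struggle with threat detection and response despite investment in security tools, and describes how ANY.RUN improves SOC efficiency and resilience through real-time threat analysis, automated triage, collaboration tools, and privacy controls...
2025-7-30 10:32:32 | Views: 17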
Over Security - Cybersecurity news aggregator - any.run
security
analysis
threats
Major Cyber Attacks in July 2025: Obfuscated .LNK‑Delivered DeerStealer, Fake 7‑Zip, and More
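This page does not exist on this site. You may have mistyped the address or followed an expired link. We suggest searching for the page you need to continue browsing...
2025-7-29 10:52:57 | Views: 18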
Over Security - Cybersecurity news aggregator - any.run
anyway
mistyped
expired
Top Email Security Risks for Businesses and How to Catch Them Before They Cause Damage
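The article notes that email remains central to business communication but is also a major source of security threats. Common risks include malicious attachments, phishing links, and zero-click attacks. The ANY.RUN sandbox can analyze suspicious emails in real time, reveal attack behavior, and provide detailed reports, helping businesses detect threats quickly and reduce risk...
2025-7-24 12:47:25 | Views: 20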
Over Security - Cybersecurity news aggregator - any.run
malicious
microsoft
security
phishing
threats
Beating Supply Chain Attacks: DHL Impersonation Case Study
read file error: read notes: is a directory...
2025-7-23 12:2:17 | Views: 33
Over Security - Cybersecurity news aggregator - any.run
dhl
phishing
analysis
attackers
malicious
Turn Alert Noise into Threat Insights without Leaving QRadar SOAR with ANY.RUN
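The IBM QRadar SOAR integration with ANY.RUN works through an official app, supports automatic playbook launch, and streamlines threat analysis and investigation workflows. The app provides real-time threat intelligence, dynamic file analysis, and automated task handling, helping reduce MTTR and improve SOC efficiency...
2025-7-22 11:17:38 | Views: 17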
Over Security - Cybersecurity news aggregator - any.run
soar
analysis
qradar
enrichment
threats
Malware Trends Report, Q2 2025: Know the Key Risks to Your Business
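ANY.RUN has published its Q2 2025 malware trends report, based on data from 15,000 SOC teams worldwide, analyzing key threats such as malware types, APT activity, and phishing kits. The report offers actionable insights to help organizations improve their security resilience...
2025-7-21 09:47:29 | Views: 16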
Over Security - Cybersecurity news aggregator - any.run
threats
q1
industries
phishing
families
How MSSPs Detect Incidents Early with Threat Intelligence Feeds from ANY.RUN
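This article discusses the challenges managed security service providers (MSSPs) face in protecting multi-client environments and stresses the importance of high-quality threat intelligence. With real-time, actionable intelligence, MSSPs can improve threat detection efficiency, reduce false positives, and optimize resource use. ANY.RUN's threat intelligence feeds supply fresh malicious indicators and contextual analysis, helping MSSPs achieve early threat detection, automated response, and cost savings, which strengthens client trust and business competitiveness...
2025-7-17 09:47:33 | Views: 13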
Over Security - Cybersecurity news aggregator - any.run
feeds
mssps
client
threats
security
Free. Powerful. Actionable. Make Smarter Security Decisions with Live Attack Data
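ANY.RUN has launched TI Lookup, a free threat intelligence tool that helps SOC teams simplify their workflows. It provides real-time attack data and behavioral analysis and supports fast threat investigation and response. With the free version, users can access the latest IOCs, IOBs, and IOAs and use the MITRE ATT&CK matrix to build team capabilities. The Premium version offers more advanced features and data integration options...
2025-7-16 11:33:46 | Views: 16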
Over Security - Cybersecurity news aggregator - any.run
threats
premium
analysis
proactive
Enterprise Plan: Boost SOC Performance, Reduce Business Risks with ANY.RUN
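ANY.RUN's Enterprise plan is an enterprise-grade malware analysis solution offering interactive sandbox analysis, privacy controls, and automation, helping security teams detect threats quickly, shorten response times, and improve overall defenses...
2025-7-15 10:32:54 | Views: 17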
Over Security - Cybersecurity news aggregator - any.run
analysis
security
threats
How to Maintain Fast and Fatigue-Free Alert Triage with Threat Intelligence
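The article discusses the alert triage process in security operations centers (SOCs) and managed security service providers (MSSPs) and why it matters. With ANY.RUN's Threat Intelligence Lookup, organizations can quickly obtain real-time threat information and make decisions, improving efficiency, reducing false positives, and lowering risk. The tool supports multiple search parameters, helping analysts quickly identify real threats in complex environments and act on them...
2025-7-9 12:2:50 | Views: 18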
Over Security - Cybersecurity news aggregator - any.run
triage
threats
security
fatigue
analysis
Technical Analysis of Ducex: Packer of Triada Android Malware
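This article analyzes Ducex, the advanced Android packer used in the Triada malware, which uses encrypted functions, XOR-encrypted strings, anti-debugging mechanisms, and detection of analysis tools (such as Frida) to hinder analysis and hide its payload...
2025-7-8 12:47:33 | Views: 22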
Over Security - Cybersecurity news aggregator - any.run
analysis
ducex
packer
apk
decrypted
Release Notes: Detonation Actions, Enhanced QR Extraction, and 1,400+ New Detection Rules
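In its June update, ANY.RUN introduced real-time detonation actions, enhanced QR code extraction, and expanded threat coverage, improving malware analysis speed and accuracy and supporting cross-platform detection and automated workflows...
2025-7-2 13:47:29 | Views: 22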
Over Security - Cybersecurity news aggregator - any.run
threats
detonation
phishing
qr
analysis
A Guide to Developing Security-First Culture Powered by Threat Intelligence
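A security-first culture (SFC) is an organization-wide commitment that emphasizes building security considerations into decision-making. Its core principles include proactive risk management, continuous learning and adaptation, transparent communication, security by design, and data-driven decision-making. Through benefits such as fewer data breaches, improved operational efficiency, compliance, and capacity for innovation, SFC helps organizations thrive in a threat-laden environment. Successful implementation requires combining threat intelligence with a continuous improvement strategy...
2025-7-2 12:2:39 | Views: 13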
Over Security - Cybersecurity news aggregator - any.run
security
threats
cti
sfc
malicious
Top 3 Cyber Attacks in June 2025: GitHub Abuse, Control Flow Flattening, and More
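June 2025 saw several sophisticated cyber attacks that used obfuscated scripts, abuse of legitimate services, and multi-stage techniques to spread malware. Braodo Stealer hosted its payloads on GitHub; JavaScript obfuscated with control flow flattening delivered Remcos; and obfuscated BAT scripts distributed NetSupport RAT. ANY.RUN's tools help analyze this kind of threat behavior...
2025-6-25 11:47:35 | Views: 11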
Over Security - Cybersecurity news aggregator - any.run
powershell
analysis
netsupport
threats
security