ANY.RUN Shows How Attackers Use PowerShell to Spread Malware and Expands Detection of Over 60 Cyber Threats

DUBAI, DUBAI, UNITED ARAB EMIRATES, April 2, 2024 /EINPresswire.com/ — ANY.RUN, the leading interactive malware sandbox platform, reports important updates to its malware analysis capabilities introduced in March.

PowerShell Script Analysis

ANY.RUN has expanded its Script Tracer functionality to now include support for PowerShell scripts. This addition complements existing support for JScript, VB Script, VBA, and Macro 4.0, enabling users to trace PowerShell script execution step by step.

These improvements allow analysts to dissect and mitigate threats associated with PowerShell, a favored tool among malicious actors and APTs for persistence, lateral movement, and payload execution.

Browser Extension for Efficient Malware Analysis
ANY.RUN introduced a browser extension for Chrome and Edge browsers that lets users launch malware analysis sessions directly from their browsers. This streamlines the process of analyzing suspicious links and files without the need to navigate to the service separately.

The extension not only saves time but also enhances convenience, enabling users to view analysis results and download threat reports directly within the extension.

Integrations with Other Security Vendors
ANY.RUN now seamlessly integrates with leading security vendors, including OpenCTI, D3 Security, Threat Quotient, Blink, and TheHive, among others. These integrations bolster users’ ability to incorporate ANY.RUN into their existing security ecosystems, enhancing overall threat intelligence and incident response capabilities.

Integrations with Other Security Vendors
ANY.RUN has expanded its threat coverage with 63 new malware signatures, as well as updated YARA and Suricata rules, ensuring comprehensive protection against emerging threats.

The latest updates include the addition of network rules to detect new malware variants such as PlanetStealer, DARP, AsukaStealer, and DarkGate. Furthermore, ANY.RUN has introduced behavioral Suricata rules to improve phishing detection accuracy, irrespective of specific domains, further fortifying users’ defenses against phishing attacks.

To learn more about ANY.RUN and its latest updates, visit ANY.RUN’s blog.

Veronika Trifonova
ANYRUN FZCO
+1 657-366-5050