ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

VMRay Blog

Stay current on the threat landscape with industry-leading cybersecurity insights!
Try VMRay
2019-08-01

Stepping into the Breach: Improving Security Researchers’ Ability to Dynamically Analyze macOS Malware at Scale

This content covered in the blog is based on my Objective By the Sea talk “Hypervisor-Based Analysis of macOS Malware”. You can access the slides from my presentation here. A Growing Threat and a Dearth of Tools Compared to Windows, macOS accounts for only a small percentage of all malware,
Read More
2019-07-23

Enterprise Security Takes a Big Leap Forward with VMRay Analyzer 3.1

With the latest release of our flagship platform for malware analysis, VMRay Analyzer 3.1, we are enhancing enterprise security in four broad areas: providing greater platform coverage, improved scalability, additional access security, and greater detection efficacy. In Version v3.1 we have: Mapped malicious behavior to the industry-standard MITRE ATT&CK framework,
Read More
2019-07-10

Intelligent Monitoring: Auto-Focus for Malware Analysts

Intelligent Monitoring captures everything that’s relevant and only what’s relevant, so your Security Team can focus on what’s most critical & essential. In explaining what had motivated his team to switch to VMRay Analyzer, a customer told us, “It’s not about getting our analysts started with malware analysis. It’s getting
Read More
2019-07-03

SANS Webcast Recap: Hitting the Silent Alarm on Banking Trojans

In this era of Ransomware attacks and Zero Day attacks, it’s easy to forget about pervasive threats like Banking Trojans which have been around for some time. These same threats have evolved significantly over the past years, constantly presenting new challenges to security teams. In this post—condensed from a SANS
Read More
2019-06-25

Analyzing Ursnif’s Behavior Using a Malware Sandbox

Ursnif is a group of malware families based on the same leaked source code. When fully executed Urnsif has the capability to steal banking and online account credentials. In this blog post, we will analyze the payload of a Ursnif sample and demonstrate how a malware sandbox can expedite the

Read More
2019-05-29

How to Leverage Indicators of Compromise with VMRay & ThreatConnect

Indicators of compromise (IOCs) are essential pieces of information security teams use to improve detection and response times. With VMRay’s Intelligent Monitoring technology, IOCs extracted from an analysis are noise-free and provide relevant data for teams to import into their existing security tools. Our out-of-the-box integration with ThreatConnect allows you
Read More
2019-05-28

Our CEO, Carsten Willems’ Interview on the Risky Business Podcast

“We are really into the tech. It makes our day if we can detect malware that no one else can.” Continuing our run of podcast interviews, our CEO & Co-Founder Carsten Willems recently featured on the Risky Business Podcast. For over a decade Risky Biz has been one of the
Read More
2019-05-15

Delivering More Comprehensive and In-Depth URL Analysis in VMRay Analyzer 3.0

URLs are a ubiquitous infection vector. Embedded in emails, documents, and webpages, they are encountered early and often in the infection cycle. In addition to hosting exploits and delivering malicious files, they also play a major role in concealing threats and attacks by misdirecting analysis tools and security professionals. To
Read More
2019-05-08

Explained: Smart Memory Dumping

In a recent major update of our flagship platform, VMRay Analyzer 3.0, we made dramatic improvements in the system’s memory dumping capabilities. In an automated approach we call smart memory dumping, VMRay Analyzer now triggers more frequent and more relevant memory dumps to capture a comprehensive view of malware characteristics
Read More
2019-04-30

Empowering Email Users with Abuse Mailbox

Email phishing continues to be the most prevalent infection vector confronting enterprise security teams today. And with no end in sight to email-driven cybercrime, VMRay has been enhancing its email integration options, most recently with the introduction of IR Mailbox, an add-on feature to VMRay Analyzer and VMRay Detector. IR
Read More
2019-04-09

Introducing VMRay Detector: High-Precision Threat Detection at Scale

SOC teams are often overwhelmed by the flood of known and suspected malware coming at them from every direction. Web and email gateways, endpoints and other systems all feed into the fire hose of suspicious files sent to the SOC—and all those potential threats need to be vetted ASAP. The
Read More
2019-03-25

SANS Webcast Recap: Dissecting Popular Malware Evasion Techniques

Like a modern Superbug that has grown resistant to conventional antibiotics, malware today has evolved rapidly and become increasingly complex. While much has been written about malware’s ability to evade sandboxes, little has been made of the specific techniques malware authors are employing to evade detection. In this post—condensed from
Read More
2019-03-07

Reducing Incident Response Times with Splunk Adaptive Response

Typical enterprise security architectures involve tools and products from multiple vendors. An unfortunate reality is these tools and products are not designed to work together out-of-the-box. The Splunk Adaptive Response Framework solves this challenge by connecting all of these products through pre-configured actions. Security teams using the VMRay Add-On for
Read More
2019-03-05

VMRay Analyzer 3.0: Raising the Bar for Automated Malware Analysis & Detection

With today’s release of VMRay Analyzer 3.0, we’ve set a new standard of performance and accuracy with our flagship solution for automated malware analysis and detection. With version 3.0 security teams can quickly analyze and detect advanced, zero-day and targeted malware—and initiate incident response—stopping attacks and threats that other technologies
Read More
2019-02-27

How CyberInt Uses VMRay to Stay One-Step Ahead of Threat Actors

Israeli cybersecurity company CyberInt provides Managed Detection and Response (MDR) services using an innovative approach that leverages both inside-out and outside-in visibility into a customer’s infrastructure. We’ve recently partnered with CyberInt to provide their customers with rapid detection at scale for the tens of thousands of malware samples they see
Read More
2019-01-23

Are You Ready for the Next Attack? 5 Tweaks to Your Incident Response Plan

Guest post by Limor Wainstein, Technical Writer & Editor at Agile SEO. IT security professionals have to deal with preventing and managing a variety of network security risks in their daily work, including cybercrime, the compromise of sensitive data, and service outages. The first line of defense is always prevention,
Read More
2019-01-08

Now, Near, Deep: The Power of Multi-Layered Malware Analysis & Detection

For malware authors, an important part of their strategy is to drown target organizations with a fire hose of constantly changing information. SOC teams struggle to keep pace with attackers’ ability to rapidly generate new malware variants, new URLs leading to infected websites, and new C2 (command & control) server
Read More
2018-12-18

SANS Webcast Recap: Infection to Remediation – Exploring the InfoStealer Kill Chain

While InfoStealers are hardly new, some recent developments have made them far more pervasive, more sophisticated, and more challenging to detect. In this post—condensed from a SANS webcast that he participated in— VMRay Product Manager Rohan Viegas along with SANS analyst Jake Williams discuss the mechanics of how InfoStealers work,
Read More
2018-11-29

Analyzing Location-Based Malware with Geo Anonymization

Malware authors regularly create campaigns to target victims in specific countries. Recent examples using location-based malware include two campaigns that delivered banking trojans to customers of financial institutions in Brazil and the Danabot malware campaign that targeted users in Australia and Europe. Such attacks are often meticulously crafted. The phishing
Read More
2018-11-27

6 Best Practices for your Malware Sandbox Proof of Concept

Any time you incorporate a major new component—such as a sandbox platform—into your security ecosystem, it’s important to do a rigorous, side-by-side evaluation of competing products to determine the best choice for your situation. But a proof of concept is about more than detection rates and vendor scores. It’s also
Read More
2018-11-15

SANS Webcast Recap: Dissecting GandCrab Ransomware

GandCrab is one of the most prevalent ransomware families in 2018. In this post—condensed from a SANS webcast that he participated in— VMRay Product Manager Rohan Viegas discusses the fundamental techniques GandCrab uses to encrypt user’s files and basic detection methods that can provide the first line of defense against
Read More
2018-10-16

How Expel Gets Answers, Not Alerts

Using VMRay Analyzer to get a full picture of attacker activity Tyler Fornes, a Senior Security Analyst at Expel, explains how his team uses VMRay Analyzer to quickly analyze suspicious or malicious files that have been identified in a client’s environment. The most significant result: Investigation times can be cut

Read More
2018-10-10

How VMRay Analyzer Powers MSSPs & MDRs

“The information VMRay Analyzer surfaced was exactly what we needed.” A little while ago our team traveled down to Herndon, VA to visit the offices of our partner Expel and hear first hand how they were using our technology for their MSSP offering. Expel’s CTO Matt Peters explained to us
Read More
2018-10-10

Effectively Responding to a Security Breach with Cb Response

In our recent Partner Perspectives blog post with Carbon Black, we detailed how our out-of-the-box integration with Cb Response allows Computer Incident Response Teams (CIRTs) to be more effective with incident response and proactiveness during threat hunting. To further demonstrate our integration, we created a short video showing how Cb

Read More
2018-10-03

Introducing the IDA Plugin for VMRay Analyzer

In this blog post, we’ll walk through the first version of the VMRay Analyzer IDA Plugin, which uses the output of VMRay Analyzer to enrich IDA Pro static analysis with behavior-based data. The plugin adds comments to dynamically-resolved API calls within IDA to show the resolved function, its parameters, return
Read More
2018-09-18

Improving Cyber Resilience with VMRay + InQuest

About InQuest InQuest provides a data acquisition and analysis platform. Providing network defenders with capabilities to block attacks, detect sophisticated breaches, discover sensitive data leaks, and hunt for otherwise unseen campaigns. Built out of necessity and touting a feature-set driven by seasoned SOC analysts with over 15 years of hands-on
Read More
2018-09-02

DEF CON CTF Finals: An Inside View

Hello everyone, My name is Tobias Scharnowski (@ScepticCtf). I’m a student employee at VMRay and a member of FluxFingers, the official Capture the Flag (CTF) team at Ruhr University Bochum (RUB), supported by VMRay and also part of the German team, Sauercloud. This August, my FluxFingers teammates and I traveled
Read More
2018-08-21

How to Use Interactive Malware Analysis with VMRay Analyzer

[Editor’s Note: This post was updated on May 19th, 2020] In the daily war against malware authors, incident response teams (CIRTs) need a comprehensive yet versatile sandbox as part of their automated malware analysis process. This provides the performance, scalability, and accuracy needed to handle the onslaught of malware-related threats.
Read More
2018-08-07

Forgotten MS Office Features Used to Deliver Malware

According to Microsoft’s 2016 Threat Intelligence Report, 98% of Office-targeted threats use macros. So, shouldn’t we just focus our efforts on detecting threats that leverage macros? Of course not. Attackers will constantly innovate. Finding ways to bypass existing security solutions and making malware easy to execute are top of mind
Read More
2018-07-13

VMRay Analyzer v2.3: Pairing Superior Performance with Exceptional Detection Efficacy

At the core of VMRay Analyzer is our dynamic analysis engine. Built on an agentless hypervisor-based approach, it delivers unparalleled detection efficacy and evasion resistance. In Version 2.0, we added a rapid reputation engine allowing malware analysts and incident response (DFIR) professionals to quickly identify not only known threats but
Read More
Vmray threatfeed

Latest Malware Analysis Reports

Access
Get The Latest Update

Subscribe to our newsletter

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2013-2025 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Proudly Presenting: UniqueSignal
VMRays New Threat Intelligence feed -
Actionable Malware Intelligence, Without The Noise

60 Days Free Trial – Available for a limited time

Start Free Trial