{"id":9970,"date":"2024-11-21T09:59:28","date_gmt":"2024-11-21T09:59:28","guid":{"rendered":"\/cybersecurity-blog\/?p=9970"},"modified":"2024-11-21T10:39:46","modified_gmt":"2024-11-21T10:39:46","slug":"mitre-ttps-in-ti-lookup","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/","title":{"rendered":"Explore MITRE ATT&amp;CK Techniques in Real-World Samples with TI Lookup"},"content":{"rendered":"\n<p>We\u2019re excited to announce the latest update to <a href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence (TI) Lookup<\/a>. The enhanced home screen now integrates all techniques and tactics of the <a href=\"https:\/\/any.run\/cybersecurity-blog\/mitre-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">MITRE ATT&amp;CK matrix<\/a>, along with relevant malware samples and signatures.&nbsp;<\/p>\n\n\n\n<p>Let\u2019s dive into how these updates can transform your workflow and help you tackle threats with greater confidence.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Redesigned Threat Intelligence Dashboard&nbsp;<\/h2>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"608\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-1024x608.png\" alt=\"\" class=\"wp-image-9975\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-1024x608.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-300x178.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-768x456.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-1536x911.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-2048x1215.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-370x220.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-270x160.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image-5-740x439.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Updated home screen of TI Lookup featuring MITRE ATT&amp;CK matrix<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>The centerpiece of the updated <a href=\"https:\/\/intelligence.any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktolookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence home screen<\/a> is the&nbsp;<strong>MITRE ATT&amp;CK matrix<\/strong>, neatly organizing tactics and techniques into a clear, actionable layout.&nbsp;<\/p>\n\n\n\n<p>But here\u2019s where it gets really exciting: The matrix is interactive and lets you explore&nbsp;<strong><a href=\"https:\/\/any.run\/cybersecurity-blog\/malware-analysis-report\/\" target=\"_blank\" rel=\"noreferrer noopener\">actual malware samples<\/a><\/strong>&nbsp;tied to each technique. This bridges the gap between theoretical knowledge of attack patterns and practical insights into how those patterns are used in real-world attacks.&nbsp;<\/p>\n\n\n\n<p>The new home screen is designed to be super functional for anyone working with malware, whether you\u2019re a malware analyst, an incident responder, a threat researcher, or just someone curious about how malware operates.&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nCollect threat intel on the <span class=\"highlight\">latest malware and phishing<\/span> attacks with TI Lookup&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/intelligence.any.run\/plans\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=mitre_ttps_in_ti_lookup&#038;utm_term=211124&#038;utm_content=linktotiplans\" rel=\"noopener\" target=\"_blank\">\nGet trial access\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Making the MITRE ATT&amp;CK Matrix Actionable&nbsp;<\/h2>\n\n\n\n<p>One of the core goals of this redesign was to turn the&nbsp;MITRE ATT&amp;CK classification&nbsp;into a&nbsp;working tool&nbsp;for analysts. Instead of just showcasing popular techniques, the matrix now:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Covers all techniques we detect\u2014not just a subset<\/li>\n\n\n\n<li>Links techniques to detection data and real-world examples<\/li>\n\n\n\n<li>Helps analysts identify patterns and connections across incidents<\/li>\n<\/ul>\n\n\n\n<p>This update takes analysts beyond just understanding the techniques and tactics. It&nbsp;helps them put that knowledge into action. <\/p>\n\n\n\n<p>They can see how specific techniques have been used in real attacks, spot the malware families tied to certain behaviors, and fine-tune their detection rules to better defend against similar threats in the future.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Use the Interactive MITRE ATT&amp;CK Matrix <\/h2>\n\n\n\n<p>With the new home screen, all techniques and tactics are displayed clearly. Clicking on any technique opens up a wealth of information and analysis samples related to it, including its sub-techniques. &nbsp;<\/p>\n\n\n\n<p>The updated TI Lookup now includes filtering options for MITRE ATT&amp;CK matrix techniques to help users prioritize threats:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Red (danger):<\/strong>&nbsp;High-risk techniques requiring immediate action<\/li>\n\n\n\n<li><strong>Yellow (warning):<\/strong>&nbsp;Moderate-risk techniques for ongoing analysis<\/li>\n\n\n\n<li><strong>Blue (other):<\/strong>&nbsp;Low-risk or less urgent techniques<\/li>\n<\/ul>\n\n\n\n<p>Users can refine their view by choosing to hide or display specific categories using the button next to the labels.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"249\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-1024x249.png\" alt=\"\" class=\"wp-image-9976\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-1024x249.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-300x73.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-768x187.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-1536x373.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-2048x498.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-370x90.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-270x66.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image2-5-740x180.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Filtering options for MITRE ATT&amp;CK techniques<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>Here\u2019s an example of how the redesigned TI Lookup can be used to explore real-world malware scenarios. Let\u2019s take a closer look at the samples related to spearphishing links.&nbsp;<\/p>\n\n\n\n<p>In the&nbsp;<strong>Initial Access<\/strong>&nbsp;section of the MITRE ATT&amp;CK matrix, you\u2019ll find&nbsp;<strong>Phishing (T1566)<\/strong>, which includes sub-techniques like spearphishing. &nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"371\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-1024x371.png\" alt=\"\" class=\"wp-image-9977\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-1024x371.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-300x109.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-768x278.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-1536x556.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-2048x741.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-370x134.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-270x98.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image3-7-740x268.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Spearphishing link sub-technique displayed in TI Lookup<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>Clicking on&nbsp;<strong>Phishing<\/strong>&nbsp;brings up a new tab with detailed information, including:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An overview of&nbsp;<strong>Phishing<\/strong>&nbsp;and its popular sub-techniques, such as spearphishing links, spearphishing attachments, and more<\/li>\n\n\n\n<li>Insights into related processes and threats<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"552\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-1024x552.png\" alt=\"\" class=\"wp-image-9978\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-1024x552.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-300x162.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-768x414.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-1536x828.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-2048x1104.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-370x200.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-270x146.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image4-5-740x399.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Tactics, techniques and procedures of phishing (T1566)<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>For example, under the&nbsp;<strong>Spearphishing Links<\/strong>&nbsp;sub-technique, you\u2019ll see signatures pulled from actual analysis sessions. <\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nTry TI Lookup&#8217;s <span class=\"highlight\">interactive<\/span> MITRE ATT&#038;CK matrix&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/intelligence.any.run\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=mitre_ttps_in_ti_lookup&#038;utm_term=211124&#038;utm_content=linktolookup\/\" rel=\"noopener\" target=\"_blank\">\nExplore it now\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<p>These might include:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A QR code containing a malicious URL<\/li>\n\n\n\n<li>A potential phishing attempt leveraging&nbsp;Freshdesk abuse<\/li>\n\n\n\n<li>Suspicious URLs identified in real-world samples, and much more<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"640\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-1024x640.png\" alt=\"\" class=\"wp-image-9979\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-1024x640.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-300x188.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-768x480.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-1536x961.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-2048x1281.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-370x231.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-270x169.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image5-4-740x463.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Signatures related to sprearphishing links pulled from analysis sessions<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>When you select a technique, sub-technique, or a specific signature, the service will show relevant samples along with links to corresponding sandbox sessions where the selected TTP was identified.&nbsp;<br>&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"245\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-1024x245.png\" alt=\"\" class=\"wp-image-9980\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-1024x245.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-300x72.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-768x184.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-370x89.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-270x65.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4-740x177.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image6-4.png 1436w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Clicking the button in the top right corner takes you to the sandbox session<\/em> <\/figcaption><\/figure><\/div>\n\n\n<p>With one click, you can jump into <a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN\u2019s sandbox<\/a> to observe the <a href=\"https:\/\/app.any.run\/tasks\/dddaf024-6235-4798-af11-b50d9d244b41\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">behavior of the malware<\/a> in action and analyze the attack\u2019s overall structure. &nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"585\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-1024x585.png\" alt=\"\" class=\"wp-image-9983\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-1024x585.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-300x171.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-768x438.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-1536x877.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-2048x1169.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-370x211.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-270x154.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/blurred_qr-740x422.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>The sandbox session featuring the explored TTP<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>If you want to dive deeper and gather&nbsp;<strong><a href=\"https:\/\/any.run\/cybersecurity-blog\/how-to-collect-iocs-in-sandbox\/\" target=\"_blank\" rel=\"noreferrer noopener\">Indicators of Compromise<\/a> (IOCs)<\/strong>&nbsp;for your analysis, there are two ways to do so. &nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"332\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5.png\" alt=\"\" class=\"wp-image-9984\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5.png 800w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5-300x125.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5-768x319.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5-370x154.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5-270x112.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image8-5-740x307.png 740w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><figcaption class=\"wp-element-caption\"><em>Click the magnifying glass icon next to the TTP to filter the results<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>First, you can use the search icon next to each threat to instantly uncover additional details, such as domains, IPs, URLs, files, and other relevant context tied to the selected technique.&nbsp;<\/p>\n\n\n\n<p>Alternatively, by clicking on <em>TI Lookup<\/em>&nbsp;in the upper-right corner of the tab, you\u2019ll be redirected to the dedicated&nbsp;<strong>TI Lookup search page<\/strong>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"551\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-1024x551.png\" alt=\"\" class=\"wp-image-9985\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-1024x551.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-300x161.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-768x413.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-1536x826.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-2048x1101.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-370x199.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-270x145.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/image9-3-740x398.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Find more samples with the TTP of your interest via TI Lookup <\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>Here, you can refine your search and explore a wealth of actionable intelligence. TI Lookup is designed to provide everything an analyst needs in one place, comprehensive data about specific techniques, behavior patterns, malware families, and their associated IOCs, IOBs, and IOAs.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"606\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-1024x606.png\" alt=\"\" class=\"wp-image-9986\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-1024x606.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-300x178.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-768x455.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-1536x910.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-2048x1213.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-370x219.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-270x160.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/11\/imagea-740x438.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Search results for the &#8220;Suspicious URL&#8221; TTP<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>This new workflow not only makes it easier to understand the processes behind a specific technique but also provides the context needed to develop better strategies for combating similar threats.&nbsp;<\/p>\n\n\n\n<p>For instance, by analyzing spearphishing links in-depth, you\u2019ll gain insights into the methods attackers use to trick victims and the types of payloads delivered. Armed with this knowledge, you can:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create detection rules tailored to phishing tactics<\/li>\n\n\n\n<li>Enhance your defense mechanisms to block similar attacks in the future<\/li>\n\n\n\n<li>Build detailed reports for stakeholders, complete with real-world examples and actionable recommendations<\/li>\n<\/ul>\n\n\n\n<!-- CTA Split START -->\n<div class=\"cta-split\">\n<div class=\"cta__split-left\">\n\n<!-- Image -->\n<img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/mcusercontent.com\/663b94f19348582a8dc323efe\/images\/0d88188b-3e89-2314-5a60-cb87e8077326.png\" alt=\"ANY.RUN cloud interactive sandbox interface\" class=\"cta__split-icon\" \/>\n<\/div>\n\n<div class=\"cta__split-right\">\n<div>\n\n<!-- Heading -->\n<h3 class=\"cta__split-heading\"><br>Learn to Track Emerging Cyber Threats<\/h3>\n\n<!-- Text -->\n<p class=\"cta__split-text\">\nCheck out expert guide to collecting intelligence on emerging threats with <span class=\"highlight\">TI Lookup<\/span>\n<br \/>\n<br \/>\n<\/p>\n<\/div>\n<!-- CTA Link -->\n<a target=\"_blank\" rel=\"noopener\" id=\"article-banner-split\" href=\"https:\/\/any.run\/cybersecurity-blog\/emerging-threats\/\"><div class=\"cta__split-link\">Read full guide<\/div><\/a>\n<\/div>\n<\/div>\n<!-- CTA Split END -->\n<!-- CTA Split Styles START -->\n<style>\n.cta-split {\noverflow: hidden;\nmargin: 3rem 0;\ndisplay: grid;\njustify-items: center;\nborder-radius: 0.5rem;\nwidth: 100%;\nmin-height: 25rem;\ngrid-template-columns: repeat(2, 1fr);\nborder: 1px solid rgba(75, 174, 227, 0.32);\nfont-family: 'Catamaran Bold';\n}\n\n.cta__split-left {\ndisplay: flex;\nalign-items: center;\njustify-content: center;\nheight: 100%;\nwidth: 100%;\nbackground-color: #161c59;\nbackground-position: center center;\nbackground: rgba(32, 168, 241, 0.1);\n}\n\n.cta__split-icon { \nwidth: 100%;\nheight: auto;\nobject-fit: contain;\nmax-width: 100%;\n}\n\n.cta__split-right {\ndisplay: flex;\nflex-direction: column;\njustify-content: space-between;\npadding: 2rem;\n}\n\n.cta__split-heading { font-size: 1.5rem; }\n\n.cta__split-text {\nmargin-top: 1rem;\nfont-family: Lato, Roboto, sans-serif;\n}\n\n.cta__split-link {\npadding: 0.5rem 1rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: white;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\ndisplay: block;\nz-index: 1000;\nposition: relative;\ncursor: pointer !important;\n}\n\n.cta__split-link:hover {\nbackground-color: #68CBFF;\ncolor: white;\ncursor: pointer;\n}\n\n.highlight { color: #ea2526;}\n\n\n\/* Mobile styles START *\/\n@media only screen and (max-width: 768px) {\n\n.cta-split {\ngrid-template-columns: 1fr;\nmin-height: auto;\n}\n\n.cta__split-left {\nheight: auto;\nmin-height: 10rem;\n}\n\n\n.cta__split-left, .cta__split-right {\nheight: auto;\n}\n\n.cta__split-heading { font-size: 1.2rem; }\n\n.cta__split-text { font-size: 1rem; }\n.cta__split-icon {\nmax-height: auto;\nobject-fit: cover;\n}\n\n}\n\/* Mobile styles END *\/\n<\/style>\n<!-- CTA Split Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>Whether it\u2019s phishing, persistence techniques, or lateral movement, TI Lookup provides the tools you need to dive deep into the data and make informed decisions. With the redesigned home screen, the service is now even more useful for security analysts and researchers, as it helps them easily find samples where specific TTPs were used.  &nbsp;<\/p>\n\n\n\n<p>Ready to see it in action? Head over to <a href=\"https:\/\/intelligence.any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktolookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> and start exploring!&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About ANY.RUN&nbsp;&nbsp;<\/h2>\n\n\n\n<p>ANY.RUN\u2019s\u00a0<a href=\"https:\/\/any.run\/threat-intelligence-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a>\u00a0and\u00a0<a href=\"https:\/\/any.run\/threat-intelligence-lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktotilanding\" target=\"_blank\" rel=\"noreferrer noopener\">YARA Search<\/a>\u00a0services allow for precise threat hunting and the extraction of valuable insights into current cyber threat trends. What\u2019s impressive is how fast these scans are\u2014they significantly speed up the analysis process, allowing for quick detection of threats and malware.\u00a0<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/plans\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=mitre_ttps_in_ti_lookup&amp;utm_term=211124&amp;utm_content=linktotiplans\" target=\"_blank\" rel=\"noreferrer noopener\">Test ANY.RUN\u2019s Threat Intelligence Lookup and YARA Search with a trial \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019re excited to announce the latest update to Threat Intelligence (TI) Lookup. The enhanced home screen now integrates all techniques and tactics of the MITRE ATT&amp;CK matrix, along with relevant malware samples and signatures.&nbsp; Let\u2019s dive into how these updates can transform your workflow and help you tackle threats with greater confidence.&nbsp; Redesigned Threat Intelligence [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":9993,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[57,10,54,55,56],"class_list":["post-9970","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-service-updates","tag-anyrun","tag-cybersecurity","tag-features","tag-release","tag-update"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Explore MITRE ATT&amp;CK TTPs in Real Samples with TI Lookup<\/title>\n<meta name=\"description\" content=\"See how TI Lookup integrates an interactive MITRE ATT&amp;CK matrix that provides relevant malware and phishing samples for different TTPs.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"Explore MITRE ATT&amp;CK Techniques in Real-World Samples with TI Lookup\",\"datePublished\":\"2024-11-21T09:59:28+00:00\",\"dateModified\":\"2024-11-21T10:39:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\"},\"wordCount\":1138,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"cybersecurity\",\"features\",\"release\",\"update\"],\"articleSection\":[\"Service Updates\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\",\"name\":\"Explore MITRE ATT&CK TTPs in Real Samples with TI Lookup\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2024-11-21T09:59:28+00:00\",\"dateModified\":\"2024-11-21T10:39:46+00:00\",\"description\":\"See how TI Lookup integrates an interactive MITRE ATT&CK matrix that provides relevant malware and phishing samples for different TTPs.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Service Updates\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Explore MITRE ATT&amp;CK Techniques in Real-World Samples with TI Lookup\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Explore MITRE ATT&CK TTPs in Real Samples with TI Lookup","description":"See how TI Lookup integrates an interactive MITRE ATT&CK matrix that provides relevant malware and phishing samples for different TTPs.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"Explore MITRE ATT&amp;CK Techniques in Real-World Samples with TI Lookup","datePublished":"2024-11-21T09:59:28+00:00","dateModified":"2024-11-21T10:39:46+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/"},"wordCount":1138,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","cybersecurity","features","release","update"],"articleSection":["Service Updates"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/","url":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/","name":"Explore MITRE ATT&CK TTPs in Real Samples with TI Lookup","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2024-11-21T09:59:28+00:00","dateModified":"2024-11-21T10:39:46+00:00","description":"See how TI Lookup integrates an interactive MITRE ATT&CK matrix that provides relevant malware and phishing samples for different TTPs.\u00a0","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/mitre-ttps-in-ti-lookup\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Service Updates","item":"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/"},{"@type":"ListItem","position":3,"name":"Explore MITRE ATT&amp;CK Techniques in Real-World Samples with TI Lookup"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/9970"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=9970"}],"version-history":[{"count":14,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/9970\/revisions"}],"predecessor-version":[{"id":10006,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/9970\/revisions\/10006"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/9993"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=9970"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=9970"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=9970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}