Paul Rascagnères (@r00tbsd)'s Twitter Profile
Paul Rascagnères

@r00tbsd

Lord of Loaders at @Volexity | Mastodon account: 🐘 @[email protected] | Bsky @r00tbsd.bsky.social

ID: 137062000

http://www.r00ted.com | 25-04-2010 17:37:27

290 Tweet

16,16K Followers

2,2K Following

5ck (@5ck) 's Twitter Profile Photo

We're hiring Volexity! Details can be found at the job posting below 👇 volexity.com/company/career… Don't hesitate to reach out with questions!

volatility (@volatility) 's Twitter Profile Photo

We are excited to announce the opening keynote for #FTSCon: Volexity's Steven Adair & Sean Koessel will present "The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access". Event details + how to register: volatilityfoundation.org/from-the-sourc… #dfir

Volexity (@volexity) 's Twitter Profile Photo

tlansec volatility And here is another opportunity to hear a talk from Volexity at #FTSCon on October 21: Steven Adair (Steven Adair) and Sean Koessel (5ck) will present "The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access" x.com/volatility/sta…

Steven Adair (@stevenadair) 's Twitter Profile Photo

We are hiring! Come join Volexity's Threat Detection team. This is a SOC-type role with purview across our customers to identify suspicious & malicious activity using our telemetry across network, EDR/AV, email, logs & more! Take a look! volexity.com/company/career…

volatility (@volatility) 's Twitter Profile Photo

There are only a few tickets left for #FTSCon & we are planning to close registration Monday! We are excited to see all of you & hear great talks by amazing speakers from across the industry. Register here: events.humanitix.com/from-the-sourc… #dfir

Paul Rascagnères (@r00tbsd) 's Twitter Profile Photo

Tomorrow I will do an unexpected talk about edge-security incidents at hack_lu. I will present the behind the scenes of the recent incident responses where we have been involved. #hacklu

Volexity (@volexity) 's Twitter Profile Photo

.Volexity has published a blog post detailing variants of LIGHTSPY & DEEPDATA malware discovered in the summer of 2024, including exploitation of a vulnerability in FortiClient to extract credentials from memory. Read more here: volexity.com/blog/2024/11/1… #dfir #threatintel

Volexity (@volexity) 's Twitter Profile Photo

.Volexity’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target, while the attacker was halfway around the world. volexity.com/blog/2024/11/2… #dfir

5ck (@5ck) 's Twitter Profile Photo

Steven Adair and I presented on this last month at #FTSCon (IYKYK). Steven is also presenting today CYBERWARCON. Really excited to finally share this research publicly! It's probably one of the more crazy/interesting IR engagements we've ever worked! #DFIR #ThreatIntel

Steven Adair (@stevenadair) 's Twitter Profile Photo

Just gave a talk about the Nearest Neighbor Attack at #CYBERWARCON and had a great time detailing our findings. This was a lot of great work by our Volexity team and special thanks to 5ck and tlansec for the long hours working on it! Def. one of our wildest #DFIR engagements!

Volexity (@volexity) 's Twitter Profile Photo

.Volexity has developed a new #opensource tool, “HWP Extract”, a lightweight Python library & CLI for interacting with Hangul Word Processor files. It also supports object extraction from password-protected HWP files. Download here: github.com/volexity/hwp-e…   #dfir #threatintel

Volexity (@volexity) 's Twitter Profile Photo

This talk is a great way to watch/listen to the details behind the work Steven Adair, 5ck, tlansec + @volexity’s #threatintel & IR teams did to investigate the Nearest Neighbor Attack. The related blog post is here: volexity.com/blog/2024/11/2…

Volexity (@volexity) 's Twitter Profile Photo

.Volexity recently identified multiple Russian threat actors targeting users via #socialengineering + #spearphishing campaigns with Microsoft 365 Device Code authentication (a well-known technique) with alarming success: volexity.com/blog/2025/02/1… #dfir #threatintel #m365security

PIVOTcon (@pivot_con) 's Twitter Profile Photo

📣 Oops!... They did it again!!! 61 Talks submitted and so many too good that, once again, we had to increase a bit the number of accepted talks. 🔥 #PIVOTcon25 Agenda is finally here, and the caliber is insane!!! Check it out ➡️ link below in second post #CTI #ThreatIntel 1/19

Volexity (@volexity) 's Twitter Profile Photo

Today, Volexity released GoResolver, open-source tooling to assist reverse engineers with obfuscated Golang samples. Paul Rascagnères & Killian Raimbaud presented details at INCYBER Forum earlier today. Learn how GoResolver works + where to download it: volexity.com/blog/2025/04/0… #dfir

Volexity (@volexity) 's Twitter Profile Photo

.Volexity #threatintel: Multiple Russian threat actors are using Signal, WhatsApp & a compromised Ukrainian gov email address to impersonate EU officials. These phishing attacks abuse 1st-party Microsoft Entra apps + OAuth to compromise targets. volexity.com/blog/2025/04/2… #dfir

volatility (@volatility) 's Twitter Profile Photo

We are very excited to announce that Volatility 3 has reached parity with Volatility 2! With this achievement, Volatility 2 is now deprecated. See the full details in our blog post: volatilityfoundation.org/announcing-the…

Volexity (@volexity) 's Twitter Profile Photo

Congratulations to all of the Volatility contributors - this was no small feat! We are proud to be a sustaining sponsor of this important open-source project that remains the world’s most widely used memory forensics platform. #dfir