Volexity's Avatar

Volexity

@volexity.com

A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence // volexity.com

1,175
Followers 7
Following 36
Posts 22.10.2024
Joined
Posts Following

Latest posts by Volexity @volexity.com

Preview
The 2025 Volatility Plugin Contest results are in! Results from the 13th Annual Volatility Plugin Contest are in! We received 8 submissions from 7 different countries that included 20 plugins. Contest submissions included a range of features…

We are excited to announce the First Place winner of the 2025 #Volatility #PluginContest is:

Daniel Baier for XRFM Inspector

See the full Contest Results in our blog post: volatilityfoundation.org/the-2025-vol...

Congrats to all winners & thank you to all participants!

#DFIR #memoryforensics

06.03.2026 14:25 👍 4 🔁 3 💬 1 📌 0
Post image

Volatility New Release: #volatility3 v2.27.0 - visit github.com/volatilityfo... for details and downloads.

#memoryforensics #dfir

30.01.2026 14:30 👍 3 🔁 3 💬 0 📌 0
Preview
Contact If you'd like to learn more about Volexity, please contact us!

Contact us for more information about Volexity Volcano Server & Volcano One: volexity.com/company/cont... [3/3]

05.01.2026 16:39 👍 0 🔁 0 💬 0 📌 0

Volexity Volcano Server & Volcano One v25.12.18 also adds cross-account s3 bucket monitoring, automated health check alerts, SAML role mappings, and increased auditing. [2/3]

05.01.2026 16:39 👍 0 🔁 0 💬 1 📌 0
Post image

Volexity Volcano Server & Volcano One v25.12.18 adds 300+ YARA rules, full parsing of Windows prefetch and Linux cron jobs, inline syscall hooking detection, and 5-level page table support. [1/3]

05.01.2026 16:39 👍 1 🔁 1 💬 1 📌 0

And that’s it! The 2025 #Volatility #PluginContest is now closed. Stay tuned for winner announcements in the coming weeks! And good luck to all contenders!
#memoryforensics #opensource #dfir

01.01.2026 15:22 👍 4 🔁 2 💬 0 📌 0

Today is the last day to submit entries to the #PluginContest! This is your chance to gain industry-wide visibility for your work, contribute to an important open-source project, and compete for cash prizes! More details below!👇

31.12.2025 14:47 👍 2 🔁 1 💬 0 📌 1

There are only 2 days left to submit your entries to the #Volatility #PluginContest! The deadline is Wednesday!

29.12.2025 19:46 👍 1 🔁 1 💬 0 📌 0

You have 5 more days to submit your entries to the #Volatility #PluginContest!

26.12.2025 15:11 👍 1 🔁 2 💬 0 📌 0

There are 9 days left to submit entries to the #Volatility #PluginContest! Make sure to get your submissions in by the deadline!

22.12.2025 13:30 👍 2 🔁 2 💬 0 📌 0

The @volatilityfoundation.org #PluginContest closes on Dec 31, 2025! Make sure to submit your entry by the deadline! If you’re looking for inspiration, take a look at our roll call of past contest submissions: volatilityfoundation.org/volatility-p....

#memoryforensics

08.12.2025 18:57 👍 2 🔁 1 💬 0 📌 1
Preview
Dangerous Invitations: Russian Threat Actor Spoofs European Security Events in Targeted Phishing Attacks In early 2025, Volexity published two blog posts detailing a new trend among Russian threat actors targeting organizations through the abuse of Microsoft 365 OAuth and Device Code authentication workf...

@volexity.com tracks a variety of threat actors abusing Device Code & OAuth authentication workflows to phish credentials, which continue to see success due to creative social engineering. Our latest blog post details Russian threat actor UTA0355’s campaigns impersonating European security events.

04.12.2025 18:36 👍 10 🔁 8 💬 0 📌 0
Preview
How AI is changing hacking The tech company Anthropic’s AI technology was used by Chinese-backed hackers trying to breach foreign governments and major corporations.

@stevenadair.bsky.social recently spoke with Here & Now’s Scott Tong (@npr.org @wbur.org) about @volexity.com’s discovery of China-aligned threat actor UTA0388 using AI + LLMs in targeted phishing attacks. Listen here: www.wbur.org/hereandnow/2...

03.12.2025 20:04 👍 2 🔁 1 💬 0 📌 0
Preview
APT Meets GPT: Targeted Operations with Untamed LLMs Starting in June 2025, Volexity detected a series of spear phishing campaigns targeting several customers and their users in North America, Asia, and Europe. The initially observed campaigns were tail...

Check out our recent blog post for more details on how UTA0388 used AI + LLMs in their operations: www.volexity.com/blog/2025/10...

14.11.2025 16:28 👍 3 🔁 2 💬 0 📌 0

@volexity.com has continued to see nation-state threat actors use AI + LLMs to assist in cyber attacks. Our recent research on a Chinese APT threat actor (UTA0388) using AI in its operation was something @stevenadair.bsky.social recently discussed with the @wsj.com.

14.11.2025 16:28 👍 4 🔁 4 💬 1 📌 0
Preview
The 13th Annual Volatility Plugin Contest is Open! We are excited to announce that the Volatility Plugin Contest is officially open for submissions! The annual Plugin Contest is your opportunity to: Directly contribute to the open source forensics …

The 13th annual @volatility #PluginContest is OPEN for submissions until 31 Dec 2025!

This contest is designed to encourage research & development in the field of #memoryanalysis. Every year, contributions from all around the world continue to help build the next generation of #memoryforensics.

29.10.2025 15:37 👍 1 🔁 4 💬 0 📌 4
Post image Post image Post image Post image

We had a great day yesterday at #FTSCon 2025! FTSCon Week continues with @joegrand.bsky.social's Hardware Hacking Basics + #Volatility Malware & Memory Forensics training with @attrc.bsky.social, Michael Ligh + Dave Lassalle.

21.10.2025 13:37 👍 3 🔁 5 💬 0 📌 0
Post image

@stevenadair.bsky.social is back again!

Founder + President of Volexity leading a team of experts that deal w/ complex cyber intrusions from nation-state level intruders. His talk will cover a Chinese APT actor that Volexity tracks as UTA0388.

Check out the official agenda:
cyberwarcon.com

15.10.2025 15:11 👍 2 🔁 5 💬 0 📌 1

Registration for #FTSCon 2025 closes tomorrow! We are really excited to see everyone on Monday, October 20th!

10.10.2025 12:03 👍 0 🔁 1 💬 0 📌 0
Preview
APT Meets GPT: Targeted Operations with Untamed LLMs Starting in June 2025, Volexity detected a series of spear phishing campaigns targeting several customers and their users in North America, Asia, and Europe. The initial observed campaigns were tailor...

APT meets GPT: @volexity.com #threatintel is tracking #threatactor UTA0388's spear phishing campaigns against targets in North America, Europe & Asia, appearing to use LLMs to assist their ops. Letting #AI run your espionage operations? What could go wrong?

08.10.2025 12:35 👍 3 🔁 3 💬 0 📌 0
Post image

We would like to thank @volexity.com for sponsoring the #FTSCon 2025 Evening Reception, which will be at VUE Rooftop DC this year! If you haven’t registered for FTSCon yet, there’s still time! Registration closes Sunday Oct 12; learn more + register here: volatilityfoundation.org/from-the-sou...

07.10.2025 16:47 👍 3 🔁 4 💬 0 📌 0
Preview
From The Source 2025 Learn Directly from the World’s Leading Digital Investigators: On Monday, October 20, 2025, the Volatility Foundation is hosting From The Source, a one-day summit, in Arlington, VA, followed by fou…

The full lineup for our From the Source event is out! The event take places on October 20th in Arlington, VA. Joe Grand will keynote followed by an amazing speaker line up across two tracks. All proceeds will be donated to Connect Our Kids. volatilityfoundation.org/from-the-sou...

06.10.2025 15:49 👍 3 🔁 3 💬 0 📌 0

If you plan to attend the #FTSCon 2025 conference or training sessions, make sure to register before seats sell out! Registration closes this Sunday, October 12!

06.10.2025 16:45 👍 1 🔁 1 💬 0 📌 1

With Volcano, security teams can automate the entire workflow of acquisition of memory and select files to deep analysis to automated alerts that directly point to signs of memory only malware and attacker activity throughout RAM and key artifacts sources from disk.

03.10.2025 17:05 👍 4 🔁 2 💬 0 📌 0
The stylized blue, orange and black Volexity Volcano logo is centered, with the Volcano wordmark below it. The words “by Volexity” appear below the Volcano logo. There is a dark blue banner in the upper left with white letters that read “New Release”. The background is a faded gray abstract illustration evoking smoke.

The stylized blue, orange and black Volexity Volcano logo is centered, with the Volcano wordmark below it. The words “by Volexity” appear below the Volcano logo. There is a dark blue banner in the upper left with white letters that read “New Release”. The background is a faded gray abstract illustration evoking smoke.

@volexity.com Volcano Server & Volcano One v25.09.21 adds memory analysis support for ARM64 Linux, macOS 26 (Tahoe) & Windows 25H2, plus 75+ new YARA rules, 10+ new IOCs, analysis of udev rules & rolling upgrades for managed endpoints.

For more information, contact us: volexity.com/company/cont...

01.10.2025 18:06 👍 5 🔁 2 💬 0 📌 1
Post image

New Release: #volatility3 v2.26.2 - visit github.com/volatilityfo... for details and downloads.

#memoryforensics #dfir

29.09.2025 22:19 👍 4 🔁 3 💬 0 📌 0

Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities!

Learn more here: volatilityfoundation.org/from-the-sou...

#dfir #memoryforensics #hardwarehacking

29.09.2025 17:16 👍 3 🔁 4 💬 0 📌 1
Post image

#FTSCon Speaker Spotlight: Michael Carson is presenting “Thorium” in the MAKER track.

See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...

19.09.2025 19:46 👍 1 🔁 2 💬 0 📌 0
Post image

#FTSCon Speaker Spotlight: Tom Lancaster (@tlansec.bsky.social) & Josh Duke are presenting “Mission Auth Possible: Passwordless Phishing” in the HUNTER track.

See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...

19.09.2025 18:43 👍 3 🔁 4 💬 0 📌 0