Michael Ligh (MHL)
@iMHLv2
CTO @Volexity. Malware Analyst's Cookbook. Art of Memory Forensics. The @Volatility Project. Thoughts are those of my employer, not mine, they made me say it.
Joined March 2011
Read @Volexity’s latest #threatintel blog post about Russian threat actor UTA0355's recent campaigns that abuse Device Code and OAuth authentication workflows to impersonate European security events: https://t.co/cJbA6HaxI1. [2/2]
volexity.com
In early 2025, Volexity published two blog posts detailing a new trend among Russian threat actors targeting organizations through the abuse of Microsoft 365 OAuth and Device Code authentication...
.@Volexity #threatintel tracks a wide variety of threat actors abusing Device Code & OAuth authentication workflows to phish credentials. And these techniques continue to see success due to creative social engineering. [1/2]
Check out our blog post for more details on how UTA0388 used AI + LLMs in their operations:
volexity.com
Starting in June 2025, Volexity detected a series of spear phishing campaigns targeting several customers and their users in North America, Asia, and Europe. The initially observed campaigns were...
@Volexity has continued to see nation-state threat actors use AI + LLMs to assist in cyber attacks. Our recent research on a Chinese APT threat actor (UTA0388) using AI in its operation was something @stevenadair recently discussed with the @WSJ.
Exclusive: China’s state-sponsored hackers used Anthropic’s AI model to automate break-ins of major corporations and foreign governments
It was great talking to @bobmcmillan earlier this week on nation-state threat actors using AI ahead of a report released by @AnthropicAI. We often suspect the use of AI in attacks, and our research confirmed #UTA0388 used it to identify targets, write emails, and dev malware.
The 13th annual @volatility #PluginContest is OPEN for submissions! This contest is designed to encourage research & development in the field of #memoryanalysis. Every year, contributions from all around the world continue to help build the next generation of #memoryforensics.
Make sure to get your submissions in by 31 December 2025. More details can be found here:
volatilityfoundation.org
We are excited to announce that the Volatility Plugin Contest is officially open for submissions! The annual Plugin Contest is your opportunity to: Directly contribute to the open source forensics …
We had a great day yesterday at #FTSCon 2025! FTSCon Week continues with @joegrand’s Hardware Hacking Basics + @volatility Malware & Memory Forensics training with @attrc, @iMHLv2 & @superponible.
And now @attrc is discussing Detection and Analysis of Linux Rootkits Using Memory Forensics at #FTSCon
@Volexity @volatility
Detecting and Preventing Obfuscated Script Execution with Tree-sitter, presented by David McDonald, Software Engineer at Volexity. This talk shows how tree-sitter can detect and block obfuscated scripts, strengthening defenses against AMSI bypasses and malware attacks. #BSidesNYC
Read @volexity’s latest blog post, "APT Meets GPT: Targeted Operations with UnTamed LLMs": https://t.co/g2QJV6SE47 [2/2]
APT meets GPT: @Volexity #threatintel is tracking #UTA0388's spear phishing campaigns against targets in North America, Europe & Asia, that appear to use LLMs to assist the #threatactor’s ops. Letting #AI run your espionage operations? What could go wrong? [1/2]
We would like to thank @volexity for sponsoring the #FTSCon 2025 Evening Reception, which will be at VUE Rooftop DC this year! If you haven’t registered for FTSCon yet, there’s still time! Registration closes Sunday Oct 12; learn more + register here: https://t.co/NZA6bSWN8i
If you plan to attend the #FTSCon 2025 conference or training sessions, make sure to register before seats sell out! Registration closes this Sunday, October 12!
Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities! #dfir #memoryforensics #hardwarehacking
With Volcano, security teams can automate the entire workflow of acquisition of memory and select files to deep analysis to automated alerts that directly point to signs of memory only malware and attacker activity throughout RAM and key artifacts sources from disk.
.@Volexity Volcano Server & Volcano One v25.09.21 adds memory analysis support for ARM64 Linux, macOS 26 (Tahoe) & Windows 25H2, as well as 75+ new YARA rules, 10+ new IOCs, analysis of udev rules, and rolling upgrades for managed endpoints. [1/2]
Contact us for more information about @Volexity Volcano Server & Volcano One: https://t.co/KPNOCyK70C [2/2]
volexity.com
If you'd like to learn more about Volexity, please contact us!
Coming this October: #FTSCon 2025, hosted by @volatility! And this year there are TWO in-person training opportunities!👇 #dfir #memoryforensics #volatility3 #hardwarehackingbasics #grandideastudio