Step #1 for every security program: go hire Volexity and deploy their NSM.

Join us at Black Hat Vegas training in August to learn how to triage modern malware using volatility 3!

- blackhat.com/us-24/training…

- blackhat.com/us-24/training…

Learn how to perform detection + triage of sophisticated malware against Windows 10+ systems using #Volatility3 from Volexity Director of Research & volatility core developer Andrew Case at Bsidesseattle on Apr 27!

bsidesseattle.com/2024-schedule.…

#dfir #memoryforensics #memoryanalysis

Learn how to perform detection + triage of sophisticated malware against Windows 10+ systems using #Volatility3 from Volexity Director of Research & volatility core developer Andrew Case at Bsidesseattle on Apr 27!

bsidesseattle.com/2024-schedule.…

#dfir #memoryforensics #memoryanalysis

🧵Last week we (Volexity) identified and reported in-the wild (ITW) exploitation of CVE-2024-3400 affecting Palo Alto GlobalProtect 👇

volexity.com/blog/2024/04/1…

#dfir #ThreatIntel #infosecurity

Our team at Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this Palo Alto Networks advisory security.paloaltonetworks.com/CVE-2024-3400

CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks - helpnetsecurity.com/2024/04/12/pal… Palo Alto Networks Unit 42 Volexity #Exploit #Firewall #Vulnerability #CyberSecurity #InfoSecurity #CISO #ITsecurity #CyberSecurity News #SecurityNews

Researchers with Volexity discovered exploitation of CVE-2024-3400 on April 10 - however, researchers said that the earliest evidence of attempted exploitation tracks back to March 26.

duo.com/decipher/palo-…

Our team's technical breakdown of exploitation of the Palo Alto 0day. Patch and remediate ASAP!

#DFIR #infosec

Volexity Palo Alto Networks We have seen limited exploitation but impact at multiple customers. We first detected this just two days ago. Impressive response from the Palo Alto Networks team, as they quickly worked with us and have now pushed a Threat Protection signature with a fix to come April 14.

Our blog with details on the exploitation of CVE-2024-3400 is up! An incredibly fast turn around from our detecting a breach to smashing threat actor capabilities. Huge shout out to our Volexity team and our awesome customers & a great response from the Palo Alto Networks team.

Our latest blog post details Volexity's identification & incident response associated with the Palo Alto Networks GlobalProtect #0day vuln, assigned CVE-2024-3400, that the team found being exploited in the wild.

Read more here: volexity.com/blog/2024/04/1…

#DFIR #ThreatIntel

I was interviewed by ForensicFocus about my job at Volexity, how I got introduced into the field of #memoryforensics , the power of memoryforenics and the importance of evidence tampering in the #BhimaKoregaon case. A trip down memory forensics lane.
#dfir #threatintel