Paul Rascagnères
@r00tbsd
Threat Researcher at @Volexity | Mastodon account: 🐘 @[email protected]
http://www.r00ted.com 25-04-2010 17:37:27
The Volatility Team will be hosting a four-day training + one-day conference on Volatility 3 this October in D.C. This is your chance to learn Volatility 3 directly from the core team plus learn about cutting-edge malware analysis and threat intel!
volatilityfoundation.org/the-2023-volat…
Volexity Palo Alto Networks We have seen limited exploitation but impact at multiple customers. We first detected this just two days ago. Impressive response from the Palo Alto Networks team, as they quickly worked with us and have now pushed a Threat Protection signature with a fix to come April 14.
Our team at Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this Palo Alto Networks advisory security.paloaltonetworks.com/CVE-2024-3400
We are also excited to announce in-person Malware & Memory Forensics Training on #Volatility3 is coming October 2024!
AND the Volatility Foundation is hosting a one-day summit in conjunction with the training!
See details in the Contest Results post: volatilityfoundation.org/the-2023-volat…
Volexity consistently observes Iranian #apt group CharmingCypress innovate ways to persistently pursue targets. This blog reviews the group's phishing tactics & malware + investigates an attack with Volexity Volcano: volexity.com/blog/2024/02/1…
#dfir #threatintel #memoryforensics
In this blog post, Michael Ligh (MHL) + Andrew Case break down how Volexity used #memoryforensics to discover two #0days being chained together to achieve unauthenticated remote code execution in Ivanti Connect Secure VPN devices. More details here: volexity.com/blog/2024/02/0…
#dfir #threatintel