Kristel Faris
@kristelfaris.bsky.social
Creative. Mom. Loves the outdoors. Plymouth State alum. Marketing @volexity.com
Reposted by Kristel Faris
Check out our recent blog post for more details on how UTA0388 used AI + LLMs in their operations: www.volexity.com/blog/2025/10...
APT Meets GPT: Targeted Operations with Untamed LLMs
Starting in June 2025, Volexity detected a series of spear phishing campaigns targeting several customers and their users in North America, Asia, and Europe. The initially observed campaigns were tail...
www.volexity.com
November 14, 2025 at 4:28 PM
Check out our recent blog post for more details on how UTA0388 used AI + LLMs in their operations: www.volexity.com/blog/2025/10...
Reposted by Kristel Faris
@volexity.com has continued to see nation-state threat actors use AI + LLMs to assist in cyber attacks. Our recent research on a Chinese APT threat actor (UTA0388) using AI in its operation was something @stevenadair.bsky.social recently discussed with the @wsj.com.
Exclusive: China’s state-sponsored hackers used Anthropic’s AI model to automate break-ins of major corporations and foreign governments.
Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks
The use of AI automation in hacks is a growing trend that gives hackers additional scale and speed
on.wsj.com
November 14, 2025 at 4:28 PM
@volexity.com has continued to see nation-state threat actors use AI + LLMs to assist in cyber attacks. Our recent research on a Chinese APT threat actor (UTA0388) using AI in its operation was something @stevenadair.bsky.social recently discussed with the @wsj.com.
Reposted by Kristel Faris
We had a great day yesterday at #FTSCon 2025! FTSCon Week continues with @joegrand.bsky.social's Hardware Hacking Basics + #Volatility Malware & Memory Forensics training with @attrc.bsky.social, Michael Ligh + Dave Lassalle.
October 21, 2025 at 1:37 PM
We had a great day yesterday at #FTSCon 2025! FTSCon Week continues with @joegrand.bsky.social's Hardware Hacking Basics + #Volatility Malware & Memory Forensics training with @attrc.bsky.social, Michael Ligh + Dave Lassalle.
Reposted by Kristel Faris
With Volcano, security teams can automate the entire workflow of acquisition of memory and select files to deep analysis to automated alerts that directly point to signs of memory only malware and attacker activity throughout RAM and key artifacts sources from disk.
@volexity.com Volcano Server & Volcano One v25.09.21 adds memory analysis support for ARM64 Linux, macOS 26 (Tahoe) & Windows 25H2, plus 75+ new YARA rules, 10+ new IOCs, analysis of udev rules & rolling upgrades for managed endpoints.
For more information, contact us: volexity.com/company/cont...
For more information, contact us: volexity.com/company/cont...
October 3, 2025 at 5:05 PM
With Volcano, security teams can automate the entire workflow of acquisition of memory and select files to deep analysis to automated alerts that directly point to signs of memory only malware and attacker activity throughout RAM and key artifacts sources from disk.
Reposted by Kristel Faris
The full lineup for our From the Source event is out! The event take places on October 20th in Arlington, VA. Joe Grand will keynote followed by an amazing speaker line up across two tracks. All proceeds will be donated to Connect Our Kids. volatilityfoundation.org/from-the-sou...
From The Source 2025
Learn Directly from the World’s Leading Digital Investigators: On Monday, October 20, 2025, the Volatility Foundation is hosting From The Source, a one-day summit, in Arlington, VA, followed by fou…
volatilityfoundation.org
October 6, 2025 at 3:49 PM
The full lineup for our From the Source event is out! The event take places on October 20th in Arlington, VA. Joe Grand will keynote followed by an amazing speaker line up across two tracks. All proceeds will be donated to Connect Our Kids. volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
We would like to thank @volexity.com for sponsoring the #FTSCon 2025 Evening Reception, which will be at VUE Rooftop DC this year! If you haven’t registered for FTSCon yet, there’s still time! Registration closes Sunday Oct 12; learn more + register here: volatilityfoundation.org/from-the-sou...
October 7, 2025 at 4:47 PM
We would like to thank @volexity.com for sponsoring the #FTSCon 2025 Evening Reception, which will be at VUE Rooftop DC this year! If you haven’t registered for FTSCon yet, there’s still time! Registration closes Sunday Oct 12; learn more + register here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
New Release: #volatility3 v2.26.2 - visit github.com/volatilityfo... for details and downloads.
#memoryforensics #dfir
#memoryforensics #dfir
September 29, 2025 at 10:19 PM
New Release: #volatility3 v2.26.2 - visit github.com/volatilityfo... for details and downloads.
#memoryforensics #dfir
#memoryforensics #dfir
Reposted by Kristel Faris
@volexity.com Volcano Server & Volcano One v25.09.21 adds memory analysis support for ARM64 Linux, macOS 26 (Tahoe) & Windows 25H2, plus 75+ new YARA rules, 10+ new IOCs, analysis of udev rules & rolling upgrades for managed endpoints.
For more information, contact us: volexity.com/company/cont...
For more information, contact us: volexity.com/company/cont...
October 1, 2025 at 6:06 PM
@volexity.com Volcano Server & Volcano One v25.09.21 adds memory analysis support for ARM64 Linux, macOS 26 (Tahoe) & Windows 25H2, plus 75+ new YARA rules, 10+ new IOCs, analysis of udev rules & rolling upgrades for managed endpoints.
For more information, contact us: volexity.com/company/cont...
For more information, contact us: volexity.com/company/cont...
Reposted by Kristel Faris
Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities!
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
September 29, 2025 at 5:16 PM
Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities!
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Michael Carson is presenting “Thorium” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 7:46 PM
#FTSCon Speaker Spotlight: Michael Carson is presenting “Thorium” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Tom Lancaster (@tlansec.bsky.social) & Josh Duke are presenting “Mission Auth Possible: Passwordless Phishing” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 6:43 PM
#FTSCon Speaker Spotlight: Tom Lancaster (@tlansec.bsky.social) & Josh Duke are presenting “Mission Auth Possible: Passwordless Phishing” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Denis Bueno is presenting “CTADL: Customizable Static Taint Analysis” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 5:06 PM
#FTSCon Speaker Spotlight: Denis Bueno is presenting “CTADL: Customizable Static Taint Analysis” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Daniel Gordon (@validhorizon.bsky.social) is presenting “When the AppleJeus GitHub is Worth the Squeeze: Citrine Sleet Investigation” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 3:34 PM
#FTSCon Speaker Spotlight: Daniel Gordon (@validhorizon.bsky.social) is presenting “When the AppleJeus GitHub is Worth the Squeeze: Citrine Sleet Investigation” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Joe FitzPatrick (@securelyfitz.bsky.social) is presenting “Rethinking DMA Attacks with Erebus” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 1:23 PM
#FTSCon Speaker Spotlight: Joe FitzPatrick (@securelyfitz.bsky.social) is presenting “Rethinking DMA Attacks with Erebus” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Michael Horka is presenting “Lilac Typhoon aboard the Indigo Train - The Current State of Chinese Obfuscation Networks” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 19, 2025 at 11:23 AM
#FTSCon Speaker Spotlight: Michael Horka is presenting “Lilac Typhoon aboard the Indigo Train - The Current State of Chinese Obfuscation Networks” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Andrew Case (@attrc.bsky.social) is presenting “Detection and Analysis of Memory-Only Linux Rootkits” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 9:34 PM
#FTSCon Speaker Spotlight: Andrew Case (@attrc.bsky.social) is presenting “Detection and Analysis of Memory-Only Linux Rootkits” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Joseph Edwards (@eflags.bsky.social) is presenting “The Forensics of Zoom's Remote Control” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 7:56 PM
#FTSCon Speaker Spotlight: Joseph Edwards (@eflags.bsky.social) is presenting “The Forensics of Zoom's Remote Control” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Aleksandra Doniec (@hasherezade.bsky.social) is presenting “Uncovering Malware's Secrets with TinyTracer” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 6:10 PM
#FTSCon Speaker Spotlight: Aleksandra Doniec (@hasherezade.bsky.social) is presenting “Uncovering Malware's Secrets with TinyTracer” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Wesley Shields (@wxs.bsky.social) is presenting “COLDRIVER: NOROBOT/YESROBOT/MAYBEROBOT” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 4:29 PM
#FTSCon Speaker Spotlight: Wesley Shields (@wxs.bsky.social) is presenting “COLDRIVER: NOROBOT/YESROBOT/MAYBEROBOT” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Toni de la Fuente is presenting “Open Cloud Security, lessons learned building Prowler” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 2:46 PM
#FTSCon Speaker Spotlight: Toni de la Fuente is presenting “Open Cloud Security, lessons learned building Prowler” in the MAKER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
#FTSCon Speaker Spotlight: Juan Andrés Guerrero-Saade is presenting “From Threat Hunting to Threat Gathering” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
September 18, 2025 at 1:15 PM
#FTSCon Speaker Spotlight: Juan Andrés Guerrero-Saade is presenting “From Threat Hunting to Threat Gathering” in the HUNTER track.
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
See the full list of speakers + event info, including how to register, here: volatilityfoundation.org/from-the-sou...
Reposted by Kristel Faris
We are counting down to #FTSCon 2025! We have a slate of great speakers—you don't want to miss this event!
If you haven't registered yet, register here: events.humanitix.com/from-the-sou....
Stay tuned for speaker spotlights!
If you haven't registered yet, register here: events.humanitix.com/from-the-sou....
Stay tuned for speaker spotlights!
From The Source 2025
Learn Directly from the World’s Leading Digital Investigators: On Monday, October 20, 2025, the Volatility Foundation is hosting From The Source, a one-day summit, in Arlington, VA, followed by fou…
volatilityfoundation.org
September 18, 2025 at 12:02 PM
We are counting down to #FTSCon 2025! We have a slate of great speakers—you don't want to miss this event!
If you haven't registered yet, register here: events.humanitix.com/from-the-sou....
Stay tuned for speaker spotlights!
If you haven't registered yet, register here: events.humanitix.com/from-the-sou....
Stay tuned for speaker spotlights!
Reposted by Kristel Faris
We are so excited to have @joegrand.bsky.social keynoting at #FTSCon 2025! Come join us on October 20th!
We are thrilled to announce that @joegrand.bsky.social is this year’s #FTSCon Keynote speaker! Joe will be sharing stories & technical details about his wallet hacking adventures to kickoff our full-day event on Monday, Oct 20, 2025. You don’t want to miss this!
September 15, 2025 at 4:30 PM
We are so excited to have @joegrand.bsky.social keynoting at #FTSCon 2025! Come join us on October 20th!
Reposted by Kristel Faris
The next in-person offering of our Malware and Memory Forensics Training will be held in Arlington, VA from Oct 21st-24th. This course has converted to Volatility 3, and all the material and labs are updated to cover the latest threats & analysis techniques
memoryanalysis.net/courses-malw...
memoryanalysis.net/courses-malw...
Malware and Memory Forensics Training - Memory Analysis
Malware and memory forensics training courses offered by the Memory Analysis Team.
memoryanalysis.net
September 3, 2025 at 5:11 PM
The next in-person offering of our Malware and Memory Forensics Training will be held in Arlington, VA from Oct 21st-24th. This course has converted to Volatility 3, and all the material and labs are updated to cover the latest threats & analysis techniques
memoryanalysis.net/courses-malw...
memoryanalysis.net/courses-malw...
Reposted by Kristel Faris
I am very happy to announce that @volexity.com will be well represented at @bsidesnyc.org! David McDonald will be speaking on his latest automated Powershell Deobfuscation research & I will present the latest Volatility 3 advancements against sophisticated Windows malware:
bsidesnyc.org/schedule/
bsidesnyc.org/schedule/
Event Schedule
BSides NYC is an Information / Security conference that’s different. We’re a 100% volunteer organized event put on by and for the community, and we truly strive to keep information free.
bsidesnyc.org
September 8, 2025 at 3:19 PM
I am very happy to announce that @volexity.com will be well represented at @bsidesnyc.org! David McDonald will be speaking on his latest automated Powershell Deobfuscation research & I will present the latest Volatility 3 advancements against sophisticated Windows malware:
bsidesnyc.org/schedule/
bsidesnyc.org/schedule/