Raphaela Mettig
@rmettig.com
Researcher and PhD student. Malware, memory forensics, reverse engineering, macOS, ICS/OT. Music nerd and concert junkie. Personal account and opinions my own.
rmettig.github.io/about
rmettig.github.io/about
Pinned
Raphaela Mettig
@rmettig.com
· Dec 5
I'm having #OBTS FOMO, so I decided to go ahead and make my own Apple security starter pack! I'm definitely missing folks on here, so feel free to DM me about anyone else who should be added! 🍎
go.bsky.app/gE3xQq
go.bsky.app/gE3xQq
#OBTS v8.0 - Live stream, October 2025, Ibiza, Spain
YouTube video by Objective-See Foundation
www.youtube.com
October 15, 2025 at 4:11 PM
Reposted by Raphaela Mettig
Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities!
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
September 29, 2025 at 5:16 PM
Coming up the week of October 20th: #FTSCon + TWO in-person #training opportunities!
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Learn more here: volatilityfoundation.org/from-the-sou...
#dfir #memoryforensics #hardwarehacking
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices
security.apple.com/blog/memory-...
security.apple.com/blog/memory-...
Blog - Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research
Memory Integrity Enforcement (MIE) is the culmination of an unprecedented design and engineering effort spanning half a decade that combines the unique strengths of Apple silicon hardware with our adv...
security.apple.com
September 9, 2025 at 9:49 PM
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices
security.apple.com/blog/memory-...
security.apple.com/blog/memory-...
Reposted by Raphaela Mettig
Look what they did to Notepad. Shut the fuck up. This is Notepad. You are not welcome here. Oh yeah "Let me use Copilot for Notepad". "I'm going to sign into my account for Notepad". What the fuck are you talking about. It's Notepad.
August 27, 2025 at 1:42 AM
Look what they did to Notepad. Shut the fuck up. This is Notepad. You are not welcome here. Oh yeah "Let me use Copilot for Notepad". "I'm going to sign into my account for Notepad". What the fuck are you talking about. It's Notepad.
Reposted by Raphaela Mettig
I saw an internet post where someone was marvelling at how expensive accessing a journal article was, and how they at least hoped that the authors were being paid well by the journal for their hard work, and oh no I have some terrible news
August 22, 2025 at 2:41 PM
I saw an internet post where someone was marvelling at how expensive accessing a journal article was, and how they at least hoped that the authors were being paid well by the journal for their hard work, and oh no I have some terrible news
Reposted by Raphaela Mettig
Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework.
Kali Linux can now run in Apple containers on macOS systems
Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework.
www.bleepingcomputer.com
July 31, 2025 at 6:46 PM
Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework.
Reposted by Raphaela Mettig
BSidesNYC thanks @gleeda.bsky.social and the rest of the 0x05 Technical CFP Committee, @cyb3rkitties.bsky.social, Cesar Vargas, Jase English, Jamie Williams, Jessica Hyde, @rmettig.com, and Stephanie Aceves for volunteering their time to review talks. Many thanks for curating our programming.
July 31, 2025 at 12:34 PM
BSidesNYC thanks @gleeda.bsky.social and the rest of the 0x05 Technical CFP Committee, @cyb3rkitties.bsky.social, Cesar Vargas, Jase English, Jamie Williams, Jessica Hyde, @rmettig.com, and Stephanie Aceves for volunteering their time to review talks. Many thanks for curating our programming.
Reposted by Raphaela Mettig
The House Homeland Security cyber subcommittee is holding a hearing this morning on the changing threats to operational technology, tied to the 15-year anniversary of the Stuxnet worm: homeland.house.gov/hearing/full...
Fully Operational: Stuxnet 15 Years Later and the Evolution of Cyber Threats to Critical Infrastructure. – Committee on Homeland Security
DETAILS:
homeland.house.gov
July 22, 2025 at 2:13 PM
The House Homeland Security cyber subcommittee is holding a hearing this morning on the changing threats to operational technology, tied to the 15-year anniversary of the Stuxnet worm: homeland.house.gov/hearing/full...
Reposted by Raphaela Mettig
I'll be testifying tomorrow at 10am before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection about Stuxnet and critical infrastructure security. Also on panel will be Rob Lee (Dragos), Tatyana Bolton, and Nate Gleason
Fully Operational: Stuxnet 15 Years Later and the Evolution of Cyber Threats to Critical Infrastructure. – Committee on Homeland Security
homeland.house.gov
July 21, 2025 at 5:27 PM
I'll be testifying tomorrow at 10am before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection about Stuxnet and critical infrastructure security. Also on panel will be Rob Lee (Dragos), Tatyana Bolton, and Nate Gleason
Reposted by Raphaela Mettig
The Call For Speakers for #FTSCon closes tomorrow! Make sure to submit your talks before the deadline! This is a great opportunity to share your DFIR open source tools and investigation tales with leading experts in the field.
The Call for Presentations for From the Source 2025 is open! Our Makers Track is aimed at developers of open source DFIR tools and the Hunters track covers the best Threat Intel research of the past year.
See the full details in our blog post: volatilityfoundation.org/announcing-f...
See the full details in our blog post: volatilityfoundation.org/announcing-f...
July 22, 2025 at 2:58 PM
The Call For Speakers for #FTSCon closes tomorrow! Make sure to submit your talks before the deadline! This is a great opportunity to share your DFIR open source tools and investigation tales with leading experts in the field.
Reposted by Raphaela Mettig
REMINDER: The Call for Speakers for #FTSCon is open! The deadline is July 23.
See the full details in our blog post: volatilityfoundation.org/announcing-f...
#dfir #FTSCon
See the full details in our blog post: volatilityfoundation.org/announcing-f...
#dfir #FTSCon
July 8, 2025 at 2:32 PM
REMINDER: The Call for Speakers for #FTSCon is open! The deadline is July 23.
See the full details in our blog post: volatilityfoundation.org/announcing-f...
#dfir #FTSCon
See the full details in our blog post: volatilityfoundation.org/announcing-f...
#dfir #FTSCon
Reposted by Raphaela Mettig
If you want to share tech ideas, please don't write them on medium. I get so sad every time I see folks linking there, and then I realise I have to pander to a paywall.
July 4, 2025 at 8:49 PM
If you want to share tech ideas, please don't write them on medium. I get so sad every time I see folks linking there, and then I realise I have to pander to a paywall.
Reposted by Raphaela Mettig
BSidesNYC is on October 18, 2025. The CFP is still open. Submit a topic today! bsidesnyc.org/cfp/
July 3, 2025 at 12:54 PM
BSidesNYC is on October 18, 2025. The CFP is still open. Submit a topic today! bsidesnyc.org/cfp/
What do you mean it's already July 😭
July 3, 2025 at 4:22 AM
What do you mean it's already July 😭
Reposted by Raphaela Mettig
#LSU cyber students will teach new ways to fight malware at the world’s largest and longest-running hacking conference @defcon.bsky.social
www.lsu.edu/blog/2025/06...
#ScholarshipFirst #WBTTW @lsu.bsky.social @lsuengineering.bsky.social @attrc.bsky.social @volexity.com @volatilityfoundation.org
www.lsu.edu/blog/2025/06...
#ScholarshipFirst #WBTTW @lsu.bsky.social @lsuengineering.bsky.social @attrc.bsky.social @volexity.com @volatilityfoundation.org
June 30, 2025 at 5:00 PM
#LSU cyber students will teach new ways to fight malware at the world’s largest and longest-running hacking conference @defcon.bsky.social
www.lsu.edu/blog/2025/06...
#ScholarshipFirst #WBTTW @lsu.bsky.social @lsuengineering.bsky.social @attrc.bsky.social @volexity.com @volatilityfoundation.org
www.lsu.edu/blog/2025/06...
#ScholarshipFirst #WBTTW @lsu.bsky.social @lsuengineering.bsky.social @attrc.bsky.social @volexity.com @volatilityfoundation.org
Reposted by Raphaela Mettig
📣 New OT Blog
The Mandiant OT team wrote about how attackers might target microprocessor relays that protect electric grids and their components. This blog is intended to help relay and substation automation engineers harden and defend their systems.
#OTSecurity
cloud.google.com/blog/topics/...
The Mandiant OT team wrote about how attackers might target microprocessor relays that protect electric grids and their components. This blog is intended to help relay and substation automation engineers harden and defend their systems.
#OTSecurity
cloud.google.com/blog/topics/...
Protecting the Core: Securing Protection Relays in Modern Substations | Google Cloud Blog
Protection relays are prime targets for cyber-physical attacks targeting substation automation systems and grid management systems.
cloud.google.com
July 1, 2025 at 12:36 AM
📣 New OT Blog
The Mandiant OT team wrote about how attackers might target microprocessor relays that protect electric grids and their components. This blog is intended to help relay and substation automation engineers harden and defend their systems.
#OTSecurity
cloud.google.com/blog/topics/...
The Mandiant OT team wrote about how attackers might target microprocessor relays that protect electric grids and their components. This blog is intended to help relay and substation automation engineers harden and defend their systems.
#OTSecurity
cloud.google.com/blog/topics/...
Reposted by Raphaela Mettig
The BSidesNYC call for papers is still open. Submit your topic today! bsidesnyc.org
June 27, 2025 at 3:30 PM
The BSidesNYC call for papers is still open. Submit your topic today! bsidesnyc.org
Undisputedly the best training on memory forensics. Highly technical, information-dense, and in depth. If you're a malware analyst, reverse engineer, DFIR professional, or just another sys internals nerd, I cannot recommend it enough.
Our highly popular and technical training, "Malware and Memory Forensics with Volatility", has been fully converted to @volatilityfoundation.org 3 and significantly updated, including many new sections and 8 new, in-depth labs. Available online & in VA in October
memoryanalysis.net/courses-malw...
memoryanalysis.net/courses-malw...
Malware and Memory Forensics Training - Memory Analysis
Malware and memory forensics training courses offered by the Memory Analysis Team.
memoryanalysis.net
June 11, 2025 at 5:08 PM
Undisputedly the best training on memory forensics. Highly technical, information-dense, and in depth. If you're a malware analyst, reverse engineer, DFIR professional, or just another sys internals nerd, I cannot recommend it enough.
Reposted by Raphaela Mettig
The Call for Presentations for From the Source 2025 is open! Our Makers Track is aimed at developers of open source DFIR tools and the Hunters track covers the best Threat Intel research of the past year.
See the full details in our blog post: volatilityfoundation.org/announcing-f...
See the full details in our blog post: volatilityfoundation.org/announcing-f...
June 5, 2025 at 4:03 PM
The Call for Presentations for From the Source 2025 is open! Our Makers Track is aimed at developers of open source DFIR tools and the Hunters track covers the best Threat Intel research of the past year.
See the full details in our blog post: volatilityfoundation.org/announcing-f...
See the full details in our blog post: volatilityfoundation.org/announcing-f...
Reposted by Raphaela Mettig
We are excited to announce FTSCon 2025 on October 20, 2025, in Arlington VA! Registration is now OPEN + we have a Call for Speakers.
Following FTSCon will be a 4-day Malware & Memory Forensics Training course with Volatility 3.
See the full details here: volatilityfoundation.org/announcing-f...
Following FTSCon will be a 4-day Malware & Memory Forensics Training course with Volatility 3.
See the full details here: volatilityfoundation.org/announcing-f...
Announcing FTSCon 2025 & In-person Malware and Memory Forensics Training!
Mark your calendars for Monday, October 20, 2025! We will again be hosting FTSCon in Arlington, Virginia.You can read more event details here. Registration is now open!
volatilityfoundation.org
May 23, 2025 at 6:00 PM
We are excited to announce FTSCon 2025 on October 20, 2025, in Arlington VA! Registration is now OPEN + we have a Call for Speakers.
Following FTSCon will be a 4-day Malware & Memory Forensics Training course with Volatility 3.
See the full details here: volatilityfoundation.org/announcing-f...
Following FTSCon will be a 4-day Malware & Memory Forensics Training course with Volatility 3.
See the full details here: volatilityfoundation.org/announcing-f...
Reposted by Raphaela Mettig
I will be showing off Volatility 3 during my talk on Wednesday afternoon at RVASec. Be sure to attend and come say hello if you will be around!
rvasec.com/rvasec-14-sp...
rvasec.com/rvasec-14-sp...
RVAsec 14 Speaker Feature: Andrew Case - RVAsec
Andrew Case is the Director of Research at Volexity and has significant experience in incident response handling, digital forensics, and malware analysis. Case is a core developer of Volatility, the m...
rvasec.com
May 19, 2025 at 5:06 PM
I will be showing off Volatility 3 during my talk on Wednesday afternoon at RVASec. Be sure to attend and come say hello if you will be around!
rvasec.com/rvasec-14-sp...
rvasec.com/rvasec-14-sp...
For those who missed it, Volatility 3 is officially out! #DFIR
We are very excited to announce that Volatility 3 has reached parity with Volatility 2! With this achievement, Volatility 2 is now deprecated. See the full details in our blog post: volatilityfoundation.org/announcing-t...
Announcing the Official Parity Release of Volatility 3!
Visit the post for more.
volatilityfoundation.org
May 21, 2025 at 5:24 PM
For those who missed it, Volatility 3 is officially out! #DFIR
Arch Echo - Aluminosity (feat. @JordanRudessKeys)
YouTube video by Arch Echo
www.youtube.com
April 2, 2025 at 6:04 PM
ChatGPT is now using emojis to convey emotion? 🧐
March 20, 2025 at 1:58 PM
ChatGPT is now using emojis to convey emotion? 🧐
Reposted by Raphaela Mettig
Jessica Hyde shares updates on Hexordia, DFIR training, CTFs, and the importance of community collaboration in digital forensics. #digitalforensics
Jessica Hyde, Founder, Hexordia
Jessica Hyde shares updates on Hexordia, DFIR training, CTFs, and the importance of community collaboration in digital forensics.
www.forensicfocus.com
March 18, 2025 at 2:06 PM
Jessica Hyde shares updates on Hexordia, DFIR training, CTFs, and the importance of community collaboration in digital forensics. #digitalforensics