Jamie Levy🦉

🚨 Two hours 'til Product Lab LIVE 🚨 Chris. Kyle. All 500+ Huntress employees from Summer Summit. You & other VIPs. We’re talking spicy AI opinions, roadmap reveals, product sneak peeks, and a live Q&A with the builders. Join in the fun: huntress.com/product-lab-ch…

The 13th annual @volatility #PluginContest is now OPEN! This is a meaningful way to contribute to open source forensics & gain community-wide visibility for your work. And, as always, winners get cash prizes! Submission Deadline: 31 December 2025 #dfir #memoryforensics

You can find full details in our latest blog post: volatilityfoundation.org/the-13th-annua…

That’s the best pentest report from the ransomware ops - deploy Huntress agent 💙

The FBI has put out a much more nuanced explanation of what CTI researchers have been tracking for years: ic3.gov/PSA/2025/PSA25… Completely different from what CISA put out in 2023 on “Scattered Spider” here: cisa.gov/news-events/cy… One is holistic, the other is DFIR focused.

Could be us

Black Mass Volume III is available for free as a PDF and for sale as a physical copy on Amazon Locations available: US, UK, DE, FR, ES, IT, NL, PL, SE, JP, CA, AU Subsequent post contains link to US Amazon link. Use your countries Amazon domain to buy the book.

So stoked to be speaking alongside @birchb0y at #OBTS v8 this year. The caliber of speakers on this dais are stellar. Can't wait to hang out in Spain with the Mac security community. Don't miss our Blue's Clues themed talk - featuring Steve and Blue 🐾

im so pumped to be talking through some fun north korean malware with @stuartjash at #OBTS v8 🤠 it's truly a goated lineup and i'm very humbled to be speaking along side so many sick researchers (also dw i will be dressed up in a blues clues onesie for the talk)

The Call For Speakers for #FTSCon closes tomorrow! Make sure to submit your talks before the deadline! This is a great opportunity to share your #DFIR open source tools and investigation tales with leading experts in the field.

Been thinking about this for a while and realised that I technically the Function Fluctuation technique can be used to do almost the same stuff minus the "overwrite previously executed stub" part. Maybe I will implement that next. Ref: github.com/whokilleddb/fu…

Hey @grok what was the best year of the OST offensive security tool debate on X. Who were the biggest players on either side.

After noticing lack thereof any tracking over the cyber domain of the recent attack of Israel against Iran, I started putting together a minimal list of notable cyber attacks (that I've heard of). This is focused, for now, on IL>IR side. The credibility of notes varies of…

Just one day left to submit to the @BSidesNYC CFP. Don't miss out! bsidesnyc.org/cfp/

Even better is that if you just search "putty" in your start menu, the malicious ad is the one that pops up!

We’ve started seeing Crux ransomware, which seems to be related to / affiliated with BlackByte ransomware (maybe?). Since we haven’t really seen anything about them, we wrote up a bit of info: huntress.com/blog/crux-rans…

Red teamers, no need to “pull” clipboard data when Windows already saves it all on disk for you in a neat little file 🗿 (including past clipboard items) inversecos.com/2022/05/how-to…

awesome thread by @4n6lady on AWS DFIR!

Where did this go guy? He always posted funny memes and now he's gone

Only one week left to submit your talk for #FTSCon 2025!