2 min read
Understanding Memory Forensics with Volatility 3
A practical guide to analyzing Windows memory dumps using Volatility 3 for incident responders and forensic analysts.
DFIRForensicsIncident Response
~/security_
Esteban Rojas Villar
Senior Cybersecurity Incident Responder
Senior cybersecurity professional with 12+ years of experience in banking and enterprise environments, specialized in incident response, digital forensics, threat hunting, and blue/purple team operations. Founder and organizer of BSides Costa Rica.
Core Capabilities
Areas of deep expertise and impact.
Incident Response & Forensics
Lead enterprise IR engagements including endpoint and memory forensics, containment, eradication, and recovery for complex security incidents at Experian.
Threat Hunting & Detection
Proactive threat hunting, investigation, and forensic analysis across enterprise environments. Improved detection and response processes within SOC operations.
Blue / Purple Team Ops
Build and operate security monitoring programs combining defensive operations with simulated attack testing. OSCP and CRTO certified with both offensive and defensive perspectives.
Cloud & AI Security
Leverage machine learning for behavioral anomaly detection and predictive threat intelligence. CCSK v5 certified. AI Engineering Bootcamp graduate.
Latest from the Blog
Cybersecurity articles and technical writeups.
3 min read
AI-Powered SOC Automation: Practical Use Cases for 2026
How modern SOC teams are using large language models and machine learning to automate alert triage, threat hunting, and incident reporting.
AI SecuritySOCAutomation
Latest Cybersecurity News
Auto-aggregated from trusted sources.
CISA|
CISA Warns of Actively Exploited Vulnerability in Palo Alto Networks PAN-OS
CISA has added CVE-2026-0001 to its Known Exploited Vulnerabilities Catalog. The vulnerability in PAN-OS allows unauthenticated remote code execution and is being actively exploited in the wild.
VulnerabilitiesThreat Intel
BleepingComputer|
New Ransomware Group 'DarkVault' Targets Healthcare Sector with Double Extortion
A new ransomware operation dubbed 'DarkVault' has been observed targeting healthcare organizations with a double-extortion model, threatening to leak patient data unless ransom demands are met.
RansomwareThreat Intel
Microsoft Security Response Center|
Microsoft Patches Critical Azure AD Token Validation Flaw
Microsoft has released an emergency patch for a critical vulnerability in Azure Active Directory that could allow attackers to forge authentication tokens and gain unauthorized access to cloud resources.
CloudVulnerabilities
Google Project Zero|
Google Project Zero Discloses Exploited Zero-Day in Chrome V8 Engine
Google Project Zero researchers have disclosed a zero-day vulnerability in the Chrome V8 JavaScript engine that was exploited in targeted attacks. The flaw allows arbitrary code execution through crafted web pages.
VulnerabilitiesThreat Intel
NIST|
NIST Releases Updated Zero Trust Architecture Guidelines for Federal Agencies
NIST has published SP 800-207 Rev. 2, providing updated guidance on implementing zero trust architectures in federal information systems, with new sections on AI-driven access control and continuous verification.
Zero TrustPolicy
CrowdStrike|
CrowdStrike Reports Surge in AI-Powered Phishing Campaigns
CrowdStrike's latest threat intelligence report reveals a 300% increase in AI-generated phishing campaigns that use large language models to craft highly convincing social engineering attacks at scale.
AI SecurityThreat Intel