Memory-Only Malware: The Threat You’re Probably Missing
Description
In episode 39, host Josh Nicholson is joined by memory forensics expert Andrew Case, co-developer of the Volatility framework and co-author of The Art of Memory Forensics. Together, they explore the critical role of memory analysis in modern incident response—uncovering hidden malware, insider threats, and ransomware techniques invisible to traditional disk forensics or EDR tools.
Andrew breaks down what’s new in Volatility 3, how memory-only malware operates, and why CISA now recommends memory imaging in its emergency directives. Whether you're a responder, analyst, or just curious about advanced DFIR, this episode is packed with practical insight and real-world experience.
🎧 Stay secure—and subscribe for more expert cyber content.
United States
