🔍 Understand APAC threats. Defend with clarity. Meet TeamT5 at FIRSTCon 2026 and learn how Asia-born threat intelligence brings deeper visibility into APT and ransomware campaigns across APAC. 📍 Visit us at our booth 🎯 See how #ThreatVision turns local intelligence into actionable defense. #FIRSTCON26 #ThreatIntelligence #CyberDefense #APT #Ransomware #APAC #TeamT5

Ald1won Alphadrive1 Fancon Transfer Sale sell 6/14 Makcon F1 2nd row Tifo 16 Physical ticket available, can ship immediately On-site transaction Floor 2nd floor Firstcon Midcon F2 F3 F4 F5 F6 section Rio Junseo Arno Gunwoo Sangwon Shinlong Anshin Sanghyeon Po Ka exchange Kacon.

Heading to Denver for #FIRSTCON26 next week? Stop by the @Volexity booth to see a demo of Volcano! We’ll show you how memory analysis with Volcano uncovers advanced threat actors and helps rapidly resolve your investigations. Come find us at Booth 7 to talk threat hunting and triage workflows with our team, including @stevenadair & @attrc! @FIRSTdotOrg #DFIR #FIRSTCON

🎉 We’re proud to sponsor the 38th #FIRSTCon in Denver next month alongside our partner @abuse_ch! Some of the team will be there, joined by colleagues from The @spamhaus Project. 👀 Keep an eye out for a couple of presentations from the team - we’ll share more details closer to the time...

I hope for some ticketing luck in the next round of concerts and popups. The constant firstcon ticketing grind really destroyed my mental. Want a morale boost that my artist doesn’t hate me. I deeply appreciate my moots that have offered me tickets for my current shows.

It’s up! Check it out. It’s not the greatest production in the world. Hope y’all enjoy my con story! #constory #lvfc #lvfc2026 #furry #fursuit #firstcon #story #lasvegasfurcon youtu.be/B27JztTW_f0?si=hxOi…

I think I will go to cheer outside tomorrow. Then leave partway to ensure the ride back. Desperately unsuccessful since presale for firstcon and midcon. I hope all the seats I have failed to capture went to hardworking amis that will make Bangtan happy.

Me and Autumn @AutumnFox841 . Was so awesome meeting you at tff my very first furry convention #tff #furryconvention #texas #firstcon

Caressing blerdcons walls tmrw 😇 #firstcon

Min alasannya aku tulis di notes y. Smg bisa terwujud nonton firstcon mereka di indo. Karena selama ini selalu festival bukan konser sendiri. Makanya pengen banget nonton. Doain y guys biar bisa join @alxturner_ @aritinitiny @atzmigi #ATEEZinJakarta #ATEEZ #WORLDTOUR #JAKARTA

Rich. Rob. Vegas. It’s been a blast. Thanks again for the memories. #spnvegas #karaoke #SPNLV #firstcon

Hack.lu nearly over :) see results on hacklu.firstseclounge.org /cc #FIRSTCON @adulau

Had an amazing time #FirstCon last week. Met a bunch of awesome folks from all over the industry. Around 3 hours of sleep per night and 17 hours of social interactions ^^ Was so done but also super happy on friday 🙂 Cheers to all the awesome folks in our industry ❤️

Copenhagen treating me good #FIRSTCON #FIRST2025

In LT at Annual FIRST Conference, I told "Veteran attendees should help young CSIRT collegue( in my talk "rookies") attend to FIRSTCON, because it's one of ways for FIRST community to be sustainable". #FIRSTCON25

Just arrived to #Copenhagen 🥳 Looking forward to a full week of attending #FirstCon. Please reach out if you are here, I want to meet as many of you as possible. Free #Gi7w0rm stickers and conversations included 😊 @FIRSTdotOrg

I just thought about my old FIRSTCON presentation and the accompanying blog post (N-IOCs to Rule Them All) while reading the HP Threat Insights Report from June this year. The presented malware either created a run-key, placed the binary in the startup folder, or used a scheduled task for persistence - all techniques I covered in my research. Quotes from the report: "The script downloads additional files and makes the malware persistent by adding itself to the startup folder." "XRed is stored in the ProgramData\Synaptics folder and made persistent against system reboots through a Registry Run key. Meanwhile, LodaRAT is stored in the AppData\Roaming\WinData folder and is made persistent on the PC through a Registry Run key as well as the Startup folder." "So that the malware can continuously access new data, it installs a persistence mechanism using the Windows Startup folder." "To launch the malware after a system restart, the PowerShell script also takes care of persistence. In this attack, the malware uses two techniques. First, it creates a Registry CurrentVersion\Run key. An mshta.exe command is written as its value, which downloads and executes the malware again. Second, it registers a scheduled task that executes the same action as the Registry key every 116 minutes. The PowerShell script also creates a second Registry Run key to trigger the scheduled task each time Windows starts." dfir.ch/posts/n-iocs/

Maybe heading to our first convention? 🎉 What tips would you share for a newbie diving into the con scene? Spill your best stories and advice! #FirstCon #ConventionTips

My first ever furry con — Confuzzled 2025! 🐾🔥 Years of waiting and dreaming… and now I’m finally here. Massive love to everyone making it unforgettable so far. Mad Lad has officially landed. 💥 #Confuzzled2025 #FurryFandom #FirstCon