Drew

malware detection, hunting and gathering / threat research

Drew boosted:
Jan Wildeboer 😷 (jwildeboer@social.wildeboer.net)
2024-08-06

#Oops. The #Crowdstrike crash was caused by having a function with 21 input parameters but the integration code only checked 20. This worked for a while until the fatal update used the 21st parameter for the first time and all went wrong.

"Therefore, the attempt to access the 21st value produced an out-of-bounds memory read beyond the end of the input data array and resulted in a system crash." Page 2 of crowdstrike.com/wp-content/upl
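The bounds-check mismatch the post describes, as an added example written for this page rather than CrowdStrike's own code: the struct layout, the use of the 20/21 figures as array sizes, and the function names are assumptions. The flawed check validates a rule's parameter index against the template's declared parameter count; the corrected one validates against the array the interpreter will actually index, and the lookup refuses to read past it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration (not CrowdStrike's code): a template type
 * declares 21 input parameters, but the integration code that populates
 * the runtime input array only ever fills 20 entries. */
#define TEMPLATE_DECLARED_PARAMS 21
#define RUNTIME_PARAMS           20

/* The input data array handed to the content interpreter at runtime. */
typedef struct {
    size_t      count;                  /* entries actually populated */
    const char *values[RUNTIME_PARAMS];
} input_array_t;

/* A rule from a content update: names which parameter it reads. */
typedef struct {
    size_t param_index;                 /* 0-based; 20 means "the 21st" */
} rule_t;

/* Flawed check: validates against the template's declared count, not
 * against the array the interpreter indexes. Index 20 passes here, and
 * the later read lands one past the end of a 20-entry array. */
int rule_ok_declared(const rule_t *r)
{
    return r->param_index < TEMPLATE_DECLARED_PARAMS;
}

/* Corrected check: validate against the runtime array's own count, so a
 * rule can never reference a slot that was never populated. */
int rule_ok_runtime(const rule_t *r, const input_array_t *in)
{
    return r->param_index < in->count;
}

/* Interpreter lookup that never dereferences beyond in->count; returns
 * NULL instead of performing an out-of-bounds read. */
const char *lookup_param(const input_array_t *in, const rule_t *r)
{
    if (!rule_ok_runtime(r, in))
        return NULL;
    return in->values[r->param_index];
}

/* Builds the constructed 20-entry input array ("p0" .. "p19"). */
void make_inputs(input_array_t *in)
{
    static char storage[RUNTIME_PARAMS][8];
    in->count = RUNTIME_PARAMS;
    for (size_t i = 0; i < RUNTIME_PARAMS; i++) {
        snprintf(storage[i], sizeof storage[i], "p%zu", i);
        in->values[i] = storage[i];
    }
}

int main(void)
{
    input_array_t in;
    make_inputs(&in);

    rule_t old_rule = { .param_index = 19 };  /* 20th parameter: populated */
    rule_t new_rule = { .param_index = 20 };  /* 21st parameter: never populated */

    printf("declared-count check accepts 21st param: %d\n", rule_ok_declared(&new_rule));
    printf("runtime-count check accepts 21st param:  %d\n", rule_ok_runtime(&new_rule, &in));
    printf("lookup of 20th param: %s\n", lookup_param(&in, &old_rule));
    printf("lookup of 21st param: %s\n", lookup_param(&in, &new_rule) ? "read" : "rejected");
    return 0;
}
```

The general lesson is that a bound taken from a declaration (what a type says it can hold) is not a bound on the data (what was actually populated); the check must use the length that travels with the buffer being indexed.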

@thekileen best of luck! Should be good but agree the grammar is unsettling

@thekileen sure it’s legit?

Drew boosted:
Selena Larson (selenalarson)
2024-07-03

The latest episode of Only Malware in the Building from @thecyberwire is live! In it we discuss Operation Endgame and the law enforcement strategy of trolling the criminals. Tune in wherever you get your podcasts!

thecyberwire.com/podcasts/only

Drew boosted:
Selena Larson (selenalarson)
2024-06-27

New episode of DISCARDED featuring @Myrtus! We dive into Operation Endgame, the malware impacted, and what it means for the cybercrime landscape. Tune in wherever you get your podcasts!
Apple: podcasts.apple.com/us/podcast/
Spotify: open.spotify.com/episode/3AuQ0
Spreaker: spreaker.com/episode/checkmate

Drew boosted:
2024-06-22

Published my first blog post today detailing a LummaStealer infection chain - take a look at 0x1c.zip/0001-lummastealer/

Drew boosted:
2024-06-10

New video: Why antivirus software detects cracks as malware or PUP 🦔📹

#MalwareAnalysisForHedgehogs #cracks #antivirus
youtube.com/watch?v=KA7R9rt5r4

@GossiTheDog thanks for the visual

Drew boosted:
2024-06-08

A company paid a ransomware group... then had their info leaked by the same ransomware group anyway. Not isolated at all, e.g. UnitedHealthcare paid $20m and then got extorted again by the same person.

Stop paying ransomware groups. You are directly funding serious organised crime. bleepingcomputer.com/news/secu

Drew boosted:
Selena Larson (selenalarson)
2024-06-04

For the late crowd: check out my new podcast with my friends at @thecyberwire

Only Malware in the Building!

thecyberwire.com/podcasts/only

@bittner @selenalarson Loved the new ‘Only Malware in the Building’ podcast I listened to today! Great concept and a nice way to learn more about these threats. Can’t wait for the next one!

podcasts.apple.com/us/podcast/

Drew boosted:
Selena Larson (selenalarson)
2024-05-30

Drew boosted:
abuse.ch (abuse_ch@ioc.exchange)
2024-05-30

We are proud to announce that we assisted the joint international law enforcement operation #OperationEndgame, targeting the notorious botnets #IcedID, #Smokeloader, #SystemBC and #Pikabot 🔥

abuse.ch has provided key infrastructure to LEA and internal partners to disrupt these botnet operations 🛑

More information on the operation is available here:
👉 operation-endgame.com/

Drew boosted:
2024-05-30

Huge cybercrime news here. Authorities say "Operation Endgame" has disrupted six types of botnets/loaders/cybercrime infrastructure: IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot. To put this into context, these malware programs are some of the most common ones that end up infecting machines at businesses, schools, governments and health care organisations. They can steal login credentials from infected machines, and then they're often used to install other malware, such as ransomware. They're distributed on an industrial scale by long-known crime gangs in spam and via other means, causing economic loss, data breaches and much more.

Four people were arrested, 100 servers were taken down and 2,000 domains were seized. Additionally, Troy Hunt writes that some 16.5M email addresses and 13.5M unique passwords that were stolen by these malware applications have now been loaded into Have I Been Pwned. This is a really important facet, as it means users who are registered with HIBP will get notified if their email is in the malware data. Intel 471 will be monitoring. #infosec
europol.europa.eu/media-press/

Drew boosted:
The Spamhaus Project (spamhaus@infosec.exchange)
2024-05-30

🚨#IcedID, #Smokeloader, #SystemBC, #Pikabot and #Bumblebee botnets have been disrupted by Operation Endgame!! This is the largest operation EVER against botnets involved with ransomware, with gargantuan thanks to a coordinated effort led by international agencies 👏👏

As with the #Qakbot and #Emotet takedowns, Spamhaus are again providing remediation support - those affected will be contacted from today with steps to take.

👉 For more information, read our write-up here: spamhaus.org/resource-hub/malw

#OperationENDGAME

Drew boosted:
2024-05-24

Sweet new category in the NahamCon2024 CTF: challenges on Machine Learning! Call it AI or ML or whatever, but call upon the oracle for @kkevsterrr 's "Feeling Tense" challenge at #NahamCon2024 CTF: jh.live/nahamcon-ctf (5/23-5/25)

Drew boosted:
2024-05-23

NAHAMCON 2024 CTF STARTING IN THREE HOURS
GET IN HERE
jh.live/nahamcon-ctf

@wdormann what a disaster…
