This media is not supported in your browser
VIEW IN TELEGRAM
"We need you to come info the office and help us find all the BitLocker keys"
🤣147😁10❤8👍2❤🔥1😢1
This media is not supported in your browser
VIEW IN TELEGRAM
tfw your company doesn't use CrowdStrike
🤣131😁18❤14❤🔥4💯4🥰2
This media is not supported in your browser
VIEW IN TELEGRAM
CrowdStike PR trying to apologize to enraged IT nerds
🤣150😢37❤8😁8💯7😱5🎉3🔥2🤔1
> get phone call
> answer phone
> "hey have you heard about a cyber security company called CrowdStrike?'
> "nope, never heard of her"
> hang up
Don't explain this to non-nerds. They won't understand it and they'll get scared.
> answer phone
> "hey have you heard about a cyber security company called CrowdStrike?'
> "nope, never heard of her"
> hang up
Don't explain this to non-nerds. They won't understand it and they'll get scared.
🤣199👍8🤔7❤5❤🔥2😢2😁1🫡1
Just saw KitKat bars and Duolingo making BSOD jokes.
Wtf CrowdStrike you've ruined everything and it's only getting worse
Wtf CrowdStrike you've ruined everything and it's only getting worse
🤣146🔥13❤7😢6😁4🤓4🤔3🫡3💯2
One of the nerds who popped MGM (a member of Scattered Spider) was arrested in the UK. He was 17.
We posted about it, shared the link, but everyone is still pissing on CrowdStrike so we'll talk about it on Monday or something.
We posted about it, shared the link, but everyone is still pissing on CrowdStrike so we'll talk about it on Monday or something.
😁94🫡26🤣16😢13👍6🥰3❤2🔥2😱1
This media is not supported in your browser
VIEW IN TELEGRAM
We're coming across more and more Threat Actors who are children – some as young as 14 years old.
🤔78🤣23😢21😁17❤9🤯7🔥3💯2
We somehow missed a semi-undocumented CrowdStrike EDR disable* technique that was unveiled in 2022.
It requires administrative access. This makes it more difficult to perform in enterprise environments.
Jonas Lyk discovered the CrowdStrike minifilter did not catch NtCreateFile when the FILE_APPEND_DATA access mask was present. It was possible to open a CrowdStrike driver with FILE_APPEND_DATA and append an additional byte to the driver opened.
When rebooting the machine, the driver signature would not match and CrowdStrike would not load.
It requires administrative access. This makes it more difficult to perform in enterprise environments.
Jonas Lyk discovered the CrowdStrike minifilter did not catch NtCreateFile when the FILE_APPEND_DATA access mask was present. It was possible to open a CrowdStrike driver with FILE_APPEND_DATA and append an additional byte to the driver opened.
When rebooting the machine, the driver signature would not match and CrowdStrike would not load.
🤣108🔥11❤10🤓6😱5🫡3💯2😢1
We have deleted our post addressing the conspiracy theories about the CrowdStrike thing.
We were bombarded with comments and political fighting.
It's Saturday and we're not going to deal with this shit on our weekend. We'll let someone else do it.
We were bombarded with comments and political fighting.
It's Saturday and we're not going to deal with this shit on our weekend. We'll let someone else do it.
🤣105💯19🫡17👍8🤓8❤6🤝3🎉2🥰1👏1😢1
Today Microsoft reported that they believe the CrowdStrike bug has impacted roughly 8,500,000 computers.
https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/
https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/
The Official Microsoft Blog
Helping our customers through the CrowdStrike outage
On July 18, CrowdStrike, an independent cybersecurity company, released a software update that began impacting IT systems globally. Although this was not a Microsoft incident, given it impacts our ecosystem, we want to provide an update on the steps we’ve…
🤣98👏9🔥7🤔2😱2😢2❤1
vx-underground
Today Microsoft reported that they believe the CrowdStrike bug has impacted roughly 8,500,000 computers. https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/
To put that into perspective: that is nearly x3 the amount of the entire Linux user baser.
Haha just kidding:) we just wanted to make a jab at Linux nerds because they keep spamming "THIS IS THE YEAR OF THE LINUX DESKTOP"
Haha just kidding:) we just wanted to make a jab at Linux nerds because they keep spamming "THIS IS THE YEAR OF THE LINUX DESKTOP"
🤣96😇34😁22😢13🔥9🫡5🤓3👍2❤1
We've updated the vx-underground malware collection. We have decided to include the recent faulty CrowdStrike drivers which caused 'boot-loops' for users. We believe it serves some historic and/or educational value to researchers or students. We have titled it "Win32.CrowdStruck". It is in the families directory.
- VirusSign.2024.07.13
- VirusSign.2024.07.14
- VirusSign.2024.07.15
- VirusSign.2024.07.16
- VirusSign.2024.07.17
- VirusSign.2024.07.18
- InTheWild.0129
- Win32.CrowdStruck
- CryptoMixRansomware
- AsyncRAT
- ClipBanker
- ProLock
- ThanosRansomware
- Redline
- Vidar
- Sality
- StealC
- RhadamanthysLoader
- RecordBreaker
- NjRAT
- LummaStealer
- PureLogStealer
- CobaltStrike
- VirusSign.2024.07.13
- VirusSign.2024.07.14
- VirusSign.2024.07.15
- VirusSign.2024.07.16
- VirusSign.2024.07.17
- VirusSign.2024.07.18
- InTheWild.0129
- Win32.CrowdStruck
- CryptoMixRansomware
- AsyncRAT
- ClipBanker
- ProLock
- ThanosRansomware
- Redline
- Vidar
- Sality
- StealC
- RhadamanthysLoader
- RecordBreaker
- NjRAT
- LummaStealer
- PureLogStealer
- CobaltStrike
🤣63👏29❤10🔥7🤓5👍4❤🔥3😁2🫡2
This media is not supported in your browser
VIEW IN TELEGRAM
POV: you scroll the comment section of literally any Xitter post discussing CrowdStrike (someone is going to make it weirdly political and mention an acronym starting with the letter 'D')
🤣85💯9❤4👍3😢1😎1
Hello, how are you?
Today is the day of rest.
We hope all of you can find some time to relax too — it's been a chaotic week.
We'll see all of you on Monday.
Today is the day of rest.
We hope all of you can find some time to relax too — it's been a chaotic week.
We'll see all of you on Monday.
❤100😇19👏13🫡9👍8😢3🙏3🤣3🤝3
Good morning,
After we took Sunday off we anticipated things would calm down a little. We were wrong. There has been more arrests, the CrowdStrike fire is still burning, and the arguing about CrowdStrike continues.
😭😭😭
After we took Sunday off we anticipated things would calm down a little. We were wrong. There has been more arrests, the CrowdStrike fire is still burning, and the arguing about CrowdStrike continues.
😭😭😭
😁80🫡22🔥14❤2😱2😢2💯2👍1🎉1
This media is not supported in your browser
VIEW IN TELEGRAM
> open xitter
> see long winded rants about kernel mode drivers
> see long winded rants about crowdstrike
> see long winded rants about malware
> see long winded rants about kernel mode drivers
> see long winded rants about crowdstrike
> see long winded rants about malware
👏45🤓21💯6👍1😢1
vx-underground
> open xitter > see long winded rants about kernel mode drivers > see long winded rants about crowdstrike > see long winded rants about malware
More annoyed at the fact CrowdStrike has brought in a surge of 'experts' than the actual computer damage at this point. We're going to hear idiotic schizophrenic rants for months
👍54😁33🤣11💯7🥰2🎉2🔥1😢1
vx-underground
The CrowdStrike C-suite LinkedIn apology post tl;dr
Anyway, unless something profoundly dramatic happens, we are no longer going to actively discuss the current CrowdStrike situation. We're fatigued – and various members are combating the fall out in their own way (organizationally, whatever).
tl;dr moving on
tl;dr moving on
🥰45👍16🤓7🔥4👏3😢1🫡1