Petya Ransomware – The Attack method and Preventing it

Todays News is all about Petya - but the way it gets onto PCs and spreads across the network is actually old news. In short, Petya does 3 things: Encrypt your files, Steal credentials, spread to other machines. It takes advantage of the "Shadow Broker Vulnerability" MS17-010. If you have patched your machine, you will not be hit with the SMB exploit. How ever it also use Mimikatz like capabilities to steal credentials from the local machine and copy it self to other machines $Admin share. A kill-switch has been described as simple as creating a file called C:\Windows\perfc (without [...]

Primary Site Fault Tolerance makes it in TP1706

Not sure if the ConfigMgr team ever sleeps, month after month new features are released in ConfigMgr Technical Preview. June is no exception, and I must confess this is truly the month I have been waiting for. Among many of the new features we now have support for active/passive site servers. A passive primary site server adds fault tolerance to your site by creating a copy of your primary site server and keeping it in sync. If a disaster occurs, you can manually make the passive site server active. There are a couple of things you need to consider before [...]

By | 2017-08-22T09:33:56+00:00 June 25th, 2017|Configuration Manager (SCCM)|2 Comments