This type of unpatched vulnerability could have serious implications for any organization running MS components in the Azure cloud. The compromise of a domain controller could lead to the complete infiltration of an environment, providing bad guys with the ability to touch and review hundreds of servers, create unknown numbers of hidden accounts with elevated privileges, and lay the groundwork for data ex-filtration and ransomware-style infections. Please review your environments and patch accordingly.
This is a good, straight-forward video clip with sound advice on password and passphrase creation. Enjoy!
Here are two different articles with two very different conclusions as to the severity of the Petya / NotPetya outbreak that began yesterday. One common thread is that all sources agree on the root cause / distribution method. It is very scary to consider the implications of a compromised, yet trusted software vendor and the update processes that take place everyday from and with these vendors.
For this author’s perspective, I tend to see this outbreak as less devastating than WannaCry simply because of the lack of an active Internet worm component. It is certainly more harmful in any given LAN that it infects, but the number of potential LAN’s to be infected is limited.
Here is some additional info concerning the latest global ransomware attack making the rounds through Europe and other parts of the world today. As always, please verify your backups and patch, patch, patch!!
Please take the time to review these linked articles and protect yourself and your children from the exploitation of leaked location data and the evil that comes with that practice.