Olivia
Online
Peter Richardt
@RichardtPeter
Dad of a girl, dad of twins, husband, bicycle and IT enthusiast, master of Labrador, gardener out of necessity
Oberaula, Deutschland
Joined October 2011
225 Following
14 Followers
189 Posts
Folks, MDE In Depth 2nd Edition which we've been working on for a while is now available for order in May.
UK: https://t.co/bFhKSHncKt
USA: https://t.co/fWnzP1U8CB
3 new chapters one tuning + situational optimisations, mobile threat protection, and safely rolling out to prod. All others refreshed + updated since the 1st edition 3 years ago.
@rucam365 @WelkasWorld Do you maybe know how to license mde on windows 11 intune shared devices? There seems nothing official?
@Mister_MDM There were also issues with vuln scanners just looking for build numbers. Vuln tool was not build already to detect hotpatch devices as up to date. Canceled hotpatch feature for this reason.
@xenappblog @dhoody82 @MSIntune Could you give us more details on what you design different for VMs? πβ₯οΈ
@Mister_MDM @PatchMyPC @MisterMDM Knock, knock βΊοΈ happy new year. Did you had already time to look at our must have feature?
@buckleyplanet Yes, now it works
During a recent incident response case, we observed the following file access: \\localhost\C$\@ GMT-2025.06.21-10.53.43\Windows\NTDS\ntds.dit
This is a clever method of accessing a Volume Shadow Copy (VSS) snapshot. Many EDR and detection systems typically monitor for commands such as 'vssadmin list shadows', and may trigger alerts based on their use.
However, by leveraging the "Previous Versions" feature in Windows (see screenshot), attackers can select a snapshot, view its properties, and enter the '@ GMT' path directly in Explorer. This allows them to browse the snapshot's contents without needing to use the command line.
Because this technique doesn't rely on typical shadow copy commands, it may evade detection by your EDR or SIEM solution. You might want to test it in your environment to identify and close this potential detection gap π¦ΈββοΈπ¦ΈββοΈ
@djammmer Dell Support Assist OS recovery is good enough for bare metal.
You need to lower your demands on perfection π
@byteben @PatchMyPC A Consultant meant, that 1.000 would be a magical maximum.
But even with 200 products activated in Pmp assigned to All devices, this can have Performance impacts?
Last Seen Users on Sotwe
YalaX π§π΄ππΌ
Deity Demeter - Findom ποΈπΊπΎ 
Seen from Algeria
Alex.kras
Seen from Germany
nikmat
Seen from Singapore
Kingabdi
Seen from Singapore
Lil Joeππ₯
Seen from Turkey
reversecowgirl69
Seen from United States
Χ¦ΧΧΧ§Χ ΧΧΧΧ‘
Seen from United Kingdom
Cinnamon
AYΕE SΓMBΓL
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers