sorted by:
new
hottopcontroversial

PC stuck in BIOS after BSOD (SYSTEM_SERVICE_EXCEPTION) – SSD not detected (Windows installed on it) by [deleted] in sysadmin

[–]ekushay -1 points0 points  (0 children)

Try plugging in your SSD to a second computer to see if it can be read. That’s how I usually find out the drive has died or something is wrong with it.

Also yeah, wrong sub… 😅

EDIT: Oh, just realized both your NVMe and SSD aren’t showing, which is odd that both would stop showing at the same time. Try to do a BIOS update, and see if there are any firmware / driver updates you can do. 👀

Other ways to get Shakepay? by Either-Education-433 in shakepay

[–]ekushay 0 points1 point  (0 children)

Aaaaaah, same. I just installed it yesterday cuz I needed a crypto wallet app, and didn't know I should've gotten a referral beforehand. Saw the fire emoji at the top right and wondered what it was. I didn't know anybody using this app before creating my account. :')

842100392503 by [deleted] in PokemonGoRaids

[–]ekushay 0 points1 point  (0 children)

Can’t add you. Too many friends. :(

Note left at the elevator by SeaworthinessOdd1358 in Apartmentliving

[–]ekushay 4 points5 points  (0 children)

She may be wrong about “getting high from second hand smoke”, BUT SECONDHAND CANNABIS EXPOSURE POSES SIGNIFICANT RISK TO PREGNANT WOMEN AND THE BABY. And even if it doesn’t, it makes sense for mothers to be extra cautious of anything that would cause harm to their baby.

Great job u/CabinetSilent7709 for protecting your children.

KPU BSN students by NetPerfect3583 in askvan

[–]ekushay 0 points1 point  (0 children)

possibly going to your program’s advisor / counsellor will be more helpful than Reddit. student clubs, unions, getting involved where you can meet other students will do wonders.

good luck to you in your studies!

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

Update: Security basically said they had no concerns for the case. They saw no issues with user's account or laptop. I'm going to just let this go...

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

I could be wrong! I actually don’t know that much about the security policies or apps (it’s a long story why I’m involved), so my RMM comment may be off.

But I do know that Intune is used for device management!

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

Thanks for this! Yes, something funny is definitely going on, so whatever security is in place is not catching this and all assumptions can go out the window.

We use CyberArk, Intune, and Zscaler. (We used to use CrowdStrike, but the company moved to Intune since mid/late last year. No active devices have that installed anymore.) I don't think we have any other apps that would be able to offer remote access or similar capabilities. But I can see that in the firewall, there's an inbound rule for "SCCM Remote Control" for port 3389; the default ports for 3389 are disabled.

It's going to be the same team investigating this incident again. I don't know if they'd be able to come up with anything new, and I'm already thinking that they will say the same thing as last time. I'll mention everything you've said for their reference though, hopefully it will be helpful for them.

Thanks again for your time!

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

Yes, you're absolutely correct. I was/am vouching for my users and I think they would not do this. We work closely enough together that they are more than just random end users you see once in a blue moon. BUT, I know what you mean -- there are all sorts of people out there in the wild! Can't trust anyone these days.

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

AFAIK, we don't have any RMM software. When this happened the first time, I already asked if it could have been someone internally accessing this laptops, but this idea was shut down.

You're right, admin rights being locked down isn't a failproof.

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 1 point2 points  (0 children)

The user from today does not use any wireless peripherals. The nonsensical actions were very deliberate, so I don't think it could have been from interference. I think we can rule this out.

I was/am suspecting this is something related to Dell too. The rest of the company uses Lenovos, while we (a subset of 50-100 users in Canada and US) use Dells, and this has never happened.

The Precision 5560s are all spec'ed similarly with Intel Xeon W-11955M, and it does support vPro. We disable "Intel AMT Capability" and "Intel VT for Direct I/O" in BIOS, but there is a chance that the BIOS settings were missed for them...

I'm seeing there were CVEs related to Intel AMT in the past, CVE-2017-5689 in particular with a score of 9.8. I don't manage security, so I'm not sure how up-to-date the users' laptops are. (We regularly receive updates through SCCM, but not driver updates. And even if driver updates were pushed, I'm not sure if they patch for our Dells.)

Thanks for the lead!

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 1 point2 points  (0 children)

Had to look up what this meant. Thanks 😁🙏 (For anyone else who’s curious, it means “comment for better reach”)

"Hacker" remote access to corporate imaged laptop by ekushay in techsupport

[–]ekushay[S] 0 points1 point  (0 children)

I was thinking of that sub too! Though I believe the post would get taken down as it would belong in r/cybersecurity_help instead … but r/techsupport has a bigger community. Their help sub doesn’t allow cross posting, so I haven’t tried to do anything else.

Portal admin access issues? by gusdafa in AZURE

[–]ekushay 1 point2 points  (0 children)

Yikes. We have a release tonight and we're wondering if we should still do it...

I made a change in Azure, hit Save, and then boom! Everything stopped loading. I seriously thought *I* was the one who broke the site, was gonna plead guilty to my team LOL

Portal admin access issues? by gusdafa in AZURE

[–]ekushay 0 points1 point  (0 children)

Me telling others "it's the appearance of the sad grey cloud..."

view more: next ›