I’m gonna re-image and flash literally everything

Hi all,

So, my computers have been a lil whacky for about a month. Not just my PCs but my internet connection too. Bit of background I work in infosec, on the defensive side of things, as a 1st/2nd line SOC Analyst. I do a lil bit of engineering too.

So, it all seemed to start about a month ago. I’m chatting with someone on reddit. We’re vibing getting along, but somewhere down the line he all but confesses to me that he’s full on black hat. I was new to reddit, had made an ‘anonymous’ account (yeah righttt), but I shit myself. At this point we had exchanged lengthy conversation and images of various things. Nothing sexual if that’s what you may think, reddit is as funny old place, just cool stuff. We had also moved the convo over to discord. It’s dawning on me that my opsec had been absolutely pants, and that I had given this person more than enough to go on to begin to piece the puzzle of who I am together, not least of which my IP address, and exact geo location and mobile models and possibly PC models and OS’s in the EXIF data for the images and stuff I’ve sent. It’s also dawned on me that he could have sent malicious files, that I’ve opened naively.

Then it dawned on me that a couple hours or so into our conversation my internet connection had started playing up. Like it was being seriously overworked, busy. This had then been a consistent nuisance the whole time.

It’s also dawned on me that my ‘anonymous’ profiles are not as anonymous as I would have liked, and that there are links between those and my legitimate accounts, here and there.

Both my laptop and my desktop, running Mint, have slowly but surely deteriorated over this time. They crash and they crash more often, and are often otherwise very sluggish and slow. Checking the system monitor doesn’t show anything untoward, very low level usage of some modest resources. I know that many malicious programs can hide their use of resources, though. My laptop is BURNING through the battery when it’s on, and also itself. It gets unbelievably hot.

Internet connection has been very poor and patchy. I have a half gig fibre connection and it is usually very reliable. I can tell when it’s being hammered, because the percentage connection strength will drop significantly. It has been almost consistently lower than it should have been, and very low at times. It’s only me in the house at the moment, and I’m rarely streaming things. Just on reddit and also various other curiosity quenching ventures.

To begin with my web browsers (alternate etween firefox and brave) were remembering things they shouldn’t be. History and authentication info and the likes. Then, as is the case now, they’re gone amnesic.They don’t seem to be remembering anything.

[EDIT: Also, firefox warned me that an admins made changes to it’s settings, a policy called ‘DisableAppUpdate and the value was true. Looking online ppl are saying oh no worries your organisation will have don it for you! My machines are not managed by an organisaiton, as far as I’m aware. However is it the case that ‘root’ could be the admin/organisation in a similar scenario?

My instagram account has been locked up and won’t allow any real actions to be taken. It just sayd: ‘Try again later. Whe restrict certain activity to protect our community.’ Which is kinda weird, since I rarely use it. I’m thinking maybe someone has tried brute forcing it and ended up locking it up.

I’ve done some basic checks on the machines to see who is logged on and what processes are running etc but not found anything concerning. Done some virus scans with CLamAV and such but again, nothing untoward.

I could just be being totally paranoid but I’m going to wipe evrything and reainstall clean images anwyay.

If you have any thougts on this I’ve love to hear them!

Amd let me know you need any logs and such to assist.

Many thanks in advance, Comparison Own3335

submitted by /u/ComparisonOwn3335
[link] [comments]

Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]

The post Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers appeared first on Security Affairs.

Am I going crazy

I don’t know how this is possible but Facebook account was just logged into from a military base near me I don’t know any from there and pictures from my camera roll that I took today were posted on my story. Im very certain I did not post them myself….

Did we get hacked?

I am currently out travelling with my girlfriend, and we booked the hotel, we are currently staying at using the booking.com app. After one day we extended the stay manually with an extra day. By coincidence we noticed on our final day, that someone had made a great review of the hotel on our behalf.

The review said: “Great room, great staff, great location” 10/10 Travelling with husband/partner
Exceded all expectations

We suspect the hotel submitted this review on our behalf, but how? They don’t seem all that tech savy….

My best guess: They intercepted a URL with our access token, and used that to create the fake review.

We will be using our VPN on all WiFi from now on!

submitted by /u/Ebbemonster
[link] [comments]

Getting an IP without clicking any links?

I was on a website (chat.poo.com) and someone somehow got my IP, I didn’t click any links, and there were no voice calls so I don’t think they used wireshark. How could this of happened? submitted by /u/hathamster001 [link] [comm…

Google dorks legality

Very stupid question: if I accessed a printer with google dorks and the print something would that be illegal? submitted by /u/PutYourNameHereNow [link] [comments]

Collection #1

I’m trying to solve an internet mystery, and that means getting a hold of an old email from 2006. I found out yesterday that the password was leaked in Collection #1, but I have no idea how to access the Collection #1 leaks. (I found one site that had them, but a membership costs several thousand dollars, which is money I can’t afford to spend right now.) Is there a way to access the leaked passwords without spending an arm and a leg (and not having my credit card stolen)?

(I apologize if I sound kinda stupid, it’s just that technology is not my strong point.)

submitted by /u/_spooktoon_
[link] [comments]