Cisco ASA Under Fire: Urgent Zero-Day Duo Actively Exploited, CISA Issues Emergency Directive

Another nasty exploit which can cause headaches to fellow admins if it is not mitigated on time.

Cisco identified two zero-day issues:

CVE-2025-20333 (CVSS score: 9.9): An improper validation of user-supplied input in HTTP(S) requests that could allow an authenticated remote attacker (with valid VPN credentials) to execute arbitrary code as root via crafted HTTP requests.
CVE-2025-20362 (CVSS score: 6.5): Also stemming from improper input validation, this flaw lets an unauthenticated remote attacker access restricted URL endpoints without authentication, again via crafted HTTP requests.

"According to the agency, the campaign is “widespread” and involves unauthenticated remote code execution and even manipulation of a device’s read-only memory (ROM) to maintain persistence across reboots or firmware upgrades."

Sources:

https://www.cisa.gov/news-events/alerts/2025/09/25/cisa-directs-federal-agencies-identify-and-mitigate-potential-compromise-cisco-devices

https://hoodguy.net/cisco-asa-under-fire-urgent-zero-day-duo-actively-exploited-cisa-issues-emergency-directive/

https://www.reddit.com/r/cybersecurity/comments/1nqf3bw/cisco\_asaftd\_zerodays\_under\_active\_exploitation/

Happy updating everyone!

https://redd.it/1nqu8wa
@r_systemadmin

W10 longer support in EU - any info on enterprise environments?

https://www.bleepingcomputer.com/news/microsoft/microsoft-will-offer-free-windows-10-security-updates-in-europe/

Good news for consumers in Europe.

I'm wondering now what this means for enterprise environments. Will this be extended to Wsus / MECM / WuFB updating? Would the pc need to be hybrid or Entra joined for that?

This won't change our upgrade path and timeline to W11 but it might offer a solution for those problem cases where a bit of extra time would come in handy.

https://redd.it/1nquxtw
@r_systemadmin

Weekly 'I made a useful thing' Thread - September 26, 2025

There is a great deal of user-generated content out there, from noscripts and software to tutorials and videos, but we've generally tried to keep that off of the front page due to the volume and as a result of community feedback. There's also a great deal of content out there that violates our advertising/promotion rule, from noscripts and software to tutorials and videos.

We have received a number of requests for exemptions to the rule, and rather than allowing the front page to get consumed, we thought we'd try a weekly thread that allows for that kind of content. We don't have a catchy name for it yet, so please let us know if you have any ideas!

In this thread, feel free to show us your pet project, YouTube videos, blog posts, or whatever else you may have and share it with the community. Commercial advertisements, affiliate links, or links that appear to be monetization-grabs will still be removed.

https://redd.it/1nqxbli
@r_systemadmin

Too many alerts, hard to know what to prioritize

We have been running vulnerability scans on our container images as part of our CI/CD pipeline, and its generating a ton of alerts. Between high, medium, and low severity findings across base images, dependencies, and custom layers, its hard to focus on what actually needs attention right away. Our team ends up spending more time triaging than fixing, and some critical issues might slip through because of the noise.

We’re using tools like Trivy integrated with our build process, but the volume is overwhelming, especially with frequent image rebuilds for different environments. Im wondering how others structure their monitoring setups to cut down on false positives or irrelevant alerts, and what signals they prioritize for immediate action.

For example, do you filter alerts based on exploitability scores, or tie them to runtime behavior in the cluster? Any tips on integrating this with overall observability to make alerts more actionable? Would appreciate hearing about real world approaches from teams dealing with container heavy workloads.

Thanks in advance.

https://redd.it/1nqykz9
@r_systemadmin

Who broke the internet today?

Looks like CloudFlare is down. Lots of websites not working.

https://redd.it/1nr0pdo
@r_systemadmin

Cloning SSDs that are in a RAID? Possible?

For some reason management wants to get some new computers with RAID1 and we are 100% on prem so that means going old school with Master Image -> Ghost to the rest.

Typically without RAID this is a cake walk.

Is it even possible to do or is the path simply:

Veeam Standalone Worksation Backup
Restore bare metal to each other workstation

?

https://redd.it/1nr0wsq
@r_systemadmin

What is happening with licenses?

I am in IT for almost 30 years but what I am experiencing with licensing is absurd.

Every license that expires and needs a renewal has price increases of 40-100%. Where are the "normal" price increases in the past had been of 5-10% per year. A product we rely on has had an increase from 900 euro a year to 2400 euro in just 3 years. I was used to the yearly MS increases, that also are insane, but this is really starting to annoy me.

Another move I see if from perpetual with yearly maintenance fees to subnoscription based. Besides the fact that if you decide not to invest in the maintenance fee anymore you can still use the older version, now the software will stop working. Lets not forget the yearly subnoscription is a price increase compared to the maintenance fees (sometimes the first year is at a reduced price, yippie).

Same for SaaS subnoscriptions. Just yesterday I receive a mail from one of our suppliers. Your current subnoscription is no longer an option we changed our subnoscription model. We will move you to our new license structure. OK fine. Next I read on, we will increase the price with 25% (low compared to other increases) but then I read further, and we will move you from tier x to tier y which is 33% lower.

(I am happy we never started with VMware though)





https://redd.it/1nr2ywh
@r_systemadmin

Sysadmin, 35, newly diagnosed with ADHD and wow a lot suddenly makes sense

Posting because maybe it helps one person.

Ops for 12 years, two speeds, 0 or 200. I can rip through an incident at 3am then freeze at 9am on a three line purchase order email. Twenty tabs open, three timers running, one notebook half scribbles half boxes. Some days the starter motor just won’t catch, other days I glue to a log line and forget lunch.

Numbers so it’s not just vibes. Ballpark 5–10% of people have ADHD, tons of adults got missed as kids because we didn’t fit the cartoon version. My waitlist was \~10 months. Since diagnosis my “stack” is dumb simple, 25 minute timers, externalized checklists, calendar alerts x3, tiny playbooks for repeat pain. Not discipline, scaffolding.

Work stuff. Queues and automation keep me afloat, context switching wipes me out. I can noscript for hours, then miss a renewal because my brain swapped projects and the pointer fell on the floor. If that sounds familiar, hi, same boat.

Big reframe I grabbed today from an AMA in a mental health community I lurk in, not IT, still useful. ADHD in adults isn’t “pay attention harder”, it’s planning, switching, starting, finishing. Once you name those four, you can pick tools that map to them. It's discussed here if you want to skim while your build runs https://chat.whatsapp.com/ESPGi3N9Opq3JY1AkWps2d?mode=ems\_copy\_t

Anyway, if you’ve got questions I’ll answer what I can. Not an expert, just a tired admin who finally has a label for why simple things felt uphill while the hairy stuff felt like play.

https://redd.it/1nr3mg5
@r_systemadmin

Reason # 100,999 Why Open Areas Suck For IT Work Spaces

Currently on a Zoom call and it sounds like the presenter is in a call center. The background chatter is annoying and distracting from the presentation.



https://redd.it/1nr4ehw
@r_systemadmin

US Jobs for Mid-Level Sys Admins Pay Nearly Double Compared to Canada

I don't know if it's just my Linkedin Feed making me feel bad..but something I’ve noticed with US IT job listings:

1. They actually post the salary range up front.
2. The pay difference is insane. I’ll see a mid-level (\~5-7 yeo) Sys Admin (internal IT) role in the US (Seattle, NYC, Chicago) listed at $120K–$180K USD, with the same day-to-day stuff: managing O365, MDM, servers, networking, user support, automations, security tools, etc. Then I’ll look at a Canadian (Toronto) posting with literally the same requirements, same responsibilities, same “must wear 10 hats” expectations, and the range is like $80K–$90K CAD

So yeah, it’s frustrating seeing how undervalued IT (especially internal IT/sysadmin work) is in Canada compared to the US. Would be great to hear some feedback from US Folks

https://redd.it/1nr6stq
@r_systemadmin

Startups Basic Info Security Tools

We are a 15 person startup with 10 of us being eningeers and 5 being other things like CEO, Chief Of Staff, Product, etc. About 3 of the engineers are remote but we are looking for a general device management/security solution. Right now we use SecureFrame and their basic agent to meet SOC2 but we want a real device management and security solution for our workers. What tools are light weight and more modern? I dont want to go back to the old like crowdstrike and others unless they truly are great for this size company and giving us the ability to make sure laptops are more secure, provide audit logs and general need you think an early stage startup needs.

https://redd.it/1nr7l0d
@r_systemadmin

Disabling IPv6 breaks mirrored networking for WSL2

Not sure if anyone is still doing this in 2025, but for anyone getting heaps of developers saying WSL2 won't work on the company network this might be why.

https://github.com/microsoft/WSL/issues/11002#issuecomment-1934119518


https://redd.it/1nr4v3w
@r_systemadmin

High Priority Tickets

Dear users, if you put in a Critical or High ticket, consider yourself chained to your desk or glued to the phone. If you put in a high ticket and ghost me, I don't care if the whole building is on fire and I can see it from my house, your ticket is now closed.

https://redd.it/1nrg6id
@r_systemadmin

Friend got replaced by a vCTO

I don't know if you remembered but I posted here a couple of months ago about my friend (1-man IT team) who doesn't want to just give the keys to the kingdom to the manager (limited IT knowledge) due to lack of competency from the manager which only meant 1 thing, they're preparing to replace him. Turned out his gut feel was correct. He just got laid off a day after sharing the final set of creds to this MSP offering vCTO services that the manager went with without much consulting my friend.

Don't really know how to feel about virtual CTOs but I'm thinking it's going to be a bumpy ride for them to learn how the whole system and apps work with each other without any knowledge transfer at all.

I'm thinking this incompetent manager made a boneheaded decision without as much foresight with what could go wrong. Sorry just ranting on behalf of my friend but also happy for him to get out of that toxic workplace.

https://redd.it/1nrhx0i
@r_systemadmin

New leadership chipping away at security

So we got new leadership late last year at our org, and this year they have started to issue functionally decrees in spite of strenuous objection from myself and my direct boss. They're overriding security policies for convenience, functionally, and at this point I'm getting nervous knowing that it's just a matter of time until something gets compromised.

I've provided lengthy and detailed objections including the technical concerns, the risks, and the potential fixes - some of my best writeups to be honest - and they're basically ignoring them and pushing for me to Nike it. A matter of just a few months and this has completely exhausted me.

Yes, I'm already looking at leaving, but how do you handle this kind of thing? I'm not really very good at "letting go" from a neurodiverse standpoint, so while I want to be like "Water off a duck's back" I can't. Pretty sure it'll bother me for a while even if I leave soon, just because we're the kind of org that can't afford to be compromised, so ethically this bothers me.

https://redd.it/1nrcd0r
@r_systemadmin

Creating a Super Restricted Windows User - Browser Profile + Printer Only Access

Hey everyone! I need to set up a Windows user account with very specific limitations and hoping someone has experience with this.
What I'm trying to achieve:

1.User can ONLY access one specific browser profile (Chrome)
2.User can ONLY use one specific invoice printer installed on that PC
3.User has NO access to anything else on the computer (no other apps, no file explorer, no settings, etc. and can't install anything new either)

Basically looking to create a "kiosk mode" type setup where the user is completely locked down except for these two specific functions. Does anyone have experience with that?

https://redd.it/1nrpscm
@r_systemadmin

Are there any windows 11 certification for IT Support role?

Are there any windows 11 certification for IT Support role?

I am looking to do a certification course for windows 11 but I can’t find any. Well are there no certification yet for windows?

Are there any certification for windows operating system? How do IT Support staff learn windows if there no certification for windows operating system?




https://redd.it/1nrz44a
@r_systemadmin

Confused about Microsoft Server License renewal

Hi Everyone,

Hope all is going well.

Hope all is going well. I’m assisting our management team with renewing our Microsoft server licenses for the first time, and I want to make sure we understand the licensing rules correctly.

From what I’ve read, and based on discussions with our sales representative (who seemed a bit unsure), here’s my understanding:



Microsoft server licenses are counted based on physical cores of the hosts.
For example, if we have 5 hosts, each with 20 physical cores, we need to license based on the number of cores per host.
There is a minimum license requirement of 16 cores per physical host.
The number of virtual machines running on those hosts does not directly affect licensing, as long as the physical hosts have the required core licenses.



So, theoretically, we could run 50 VMs on these hosts with Microsoft Server Standard license, as long as the physical cores are properly licensed.

I want to make sure this is accurate before presenting it to our vendor.

Does anyone have a proper Microsoft link or documentation confirming this?


Let me know your thoughts

https://redd.it/1ns05z9
@r_systemadmin

Not learning much at the internship

Finally, after applying for a few years I've gotten a job in IT. The role is a Student role as an IT support. Took me so long to finally land one role, had to go back to school, make projects, work on my resume so much.

Now, the problem is that I was already having the imposter syndrome and this job is gonna intensify that. We have like 4-5 people in the team, some taking care of tickets (including hardware & software issues), some doing lifecycle projects for devices and some managing assets etc. I think I'm supposed to do a lil bit of everything in the next 4 months of this internship/co op role. However, no one is training me for anything.

Everyone seems to be busy with their own work and not taking the responsibility to train me. The supervisor and manager are already not very nice (I sensed during the interview) and they're busy with meetings and high level stuff so I don't wanna bother them. I accepted the role because I wanted to get my foot in the door but there's no formal training of any sort.

One of the co workers just asked me to start looking at tickets and working on the easy ones but I have no related experience before and as a student I'm supposed to learn. There's no job shadowing or anything like that. They're not really giving me any other tasks.

Is this how internships are supposed to be or this company is just disorganized? They have hired students before so this isn't their first time but they are acting like they don't know how to train me or they don't care for it. They have given me very simple tasks related to imaging laptops but that's all they gave me in 2 weeks.

Am I thinking too much and should wait or there's something wrong? Am I supposed to learn everything on my own by doing it or I was supposed to get training for at least a week?

https://redd.it/1ns1fjv
@r_systemadmin

Looking for MDM solution for 200 Lenovo Android 15 tablets in a school environment

Hi everyone,

I work as IT support in a primary school. We are planning to introduce around 200 Lenovo Android 15 devices for student use in classrooms. I’m looking for a reliable MDM solution that can meet the following requirements:

Bulk app installation, with support for pushing custom APKs directly (not only through Google Play).
Lock down the status bar (so students cannot swipe down and change settings).
Force automatic WiFi connection, disallowing custom WiFi changes.
Customizable and locked home screen layout.
Real-time device monitoring (battery, volume, storage, etc.).
Remote power management (e.g., control battery use, remotely shut down devices).

# What I’ve tried so far:

1. Azure Intune
Covers most of the requirements.
Big problem: It doesn’t allow direct APK upload/push. For non-Play Store apps, you must use Google Play private app publishing.
Issue: If the app is available in other regions but not in the current Play Store region, uploading it as a private app will trigger Google Play’s package name conflict check. If the package name already exists anywhere in the global Play Store, the upload is rejected.
I’ve tried renaming/re-signing the APK to bypass this, but some apps have network auth and anti-tamper checks tied to the original package name. That breaks functionality.
So I’m stuck: keeping the original package name = can’t upload; changing it = app breaks.
Question: Am I missing something? Is there any way to push APKs directly with Intune?
2. Google Endpoint Management
Very basic compared to Intune.
Same limitation with Play Store private apps and package name conflicts.
3. Other commercial MDMs
Many look feature-rich but expensive.
Not sure which ones are truly worth considering for education use at this scale.
4. Open-source MDMs
Example: Headwind MDM.
Haven’t tested yet. Curious if anyone here has hands-on experience.
5. ADB + Intune hybrid
Idea: Use wireless/USB ADB to batch install APKs, then rely on Intune for policy enforcement.
Feels hacky and technical, but could be a backup plan.

Questions:

Has anyone deployed a similar setup (large scale, education, Android 15) and found a working MDM solution that supports direct APK distribution?
Are there any workarounds for Intune to bypass the Google Play package name conflict problem?
Is Headwind MDM (or any other open-source MDM) mature enough for production in a school with 200+ devices?
Any commercial MDMs you’d recommend that balance cost vs. functionality?

Thanks in advance for any advice or real-world experiences!

https://redd.it/1ns2ve7
@r_systemadmin

What’s the going hourly rate for a Jr. Technical Support / Help Desk role in California?

Hey folks,

I’m looking for some input from hiring managers and IT pros in California (Chino Hills/Carson area). Looking to fill a help desk role and want to make sure the compensation that was approved by leadership is competitive for the market.

Here’s a quick snapshot of the role:

* **Type:** Full-time, entry-level jr. role
* **Location:** California (initially in-office with possibility of hybrid once they are fully trained up), with frequent travel in a 50-mile radius, all travel expenses paid for, etc.
* **Responsibilities:**
* Primarily help desk and end-user support (Windows, M365, Intune, etc.)
* Hardware setup & troubleshooting (computers, printers, mobile devices)
* User provisioning and de-provisioning, workstation setup, etc.
* Occasional on-call rotation for after-hours support (one week every 2-3 months)
* **Experience:** 1–3 years, relevant IT certs a plus
* **Physical Requirements:** Valid DL, some lifting (up to 50 lbs.), frequent local travel

Given these details, **what’s the typical hourly rate (or annual equivalent) you’re seeing for similar roles in California** in 2025?

Anyone out there recently filled similar roles in the area, would love to get your insight.

https://redd.it/1ns6aqp
@r_systemadmin