Serious Discussion How Does One improve Security ?

Here is one

What is notably different from WannaCry, is the inclusion of additional functionality designed to steal
cached credentials from the compromised local system and then use them to authenticate and run
commands on other remote systems on the local area network, resulting in potential propagation to
patched machines.

I believe we all should know by know that there are still undiscovered vulnerability that are active in the wild, right?

Edit:

The system which was up-to-date last month, had X number of high-risk vulnerabilities that were exploited before being patch the next month 😅
 
  • Like
Reactions: Khushal
By running an executable or just connecting to network?
Have you read the link I posted?

Have you ever heard about "remote execution"?
What about zero-click network exploits?
Fileless malware?

And please let me refresh your memory. In 2017, Piriform servers got hacked (supply chain attack). Hackers injected malicious code into the official version of ccleaner and then they replaced (in 2017) the original version of ccleaner with the compromised one.

Those users who downloaded the "up-to-date" Version trying to stay up to date got jnfected.
You might argue that this required user interaction, but those who were using Ccleaner cloud received the update automatically.

so please read the link I posted and maybe take a look at the other topics I shared.
 
  • Like
Reactions: Khushal
Remote execution requires a footstep on your device you offer by downloading and running an executable.
What I was referring to, is lack of chance to get infected by just connecting to a wifi network in a cafe with one of the connected devices infected.
You asked for a link, you got it. Please feel free to ask if you want me to post links to peer-reviewed studies 😁
 
  • Like
Reactions: Khushal
The man cannot do harm by reading news without logging in or downloading fake installer.
I like the man in the middle 😂
You did post this


Zero excutables needed. Zero user interactions.

I hope when you're enjoying your coffee at the cafe, make sure the cafe is not using one of these Tends devices.
 
You did post this


Zero excutables needed. Zero user interactions.

I hope when you're enjoying your coffee at the cafe, make sure the cafe is not using one of these Tends devices.
I am not using a modem router to read news, only an android phone.
 
drive-by downloads
A history, not with modern browsers.

"Security experts recommend turning off remote web management features to prevent external access to the device’s interface."

The Tenda's vulnerability requires a user who turns on "remote web management".

Reading and your brain is your first defense line, not the promoted security tools.
 
  • Like
Reactions: Khushal
I am not using a modem router to read news, only an android phone.
Good for you. I posted the links for others to read.

Next time please do not make unverified claims. And when you ask for sth and get it, you should reply as a "scholar" Or "academic instead of being smarty pants with those hilarious comments. Enjoy your day scholar.
 
  • Like
Reactions: Khushal
Good for you. I posted the links for others to read.

Next time please do not make unverified claims. And when you ask for sth and get it, you should reply as a "scholar" Or "academic instead of being smarty pants with those hilarious comments. Enjoy your day scholar.
When you picked Trend Micro to use, I warned about its high false postivite rate.
You did not listen.
Days later you came crying after false flagging stuff on your device.
I said to you then "I have warned you"

I carefully pick the data from internet :cool:
 
When you picked Trend Micro to use, I warned about its high false postivite rate.
You did not listen.
Days later you came crying after false flagging stuff on your device.
I said to you then "I have warned you"

I carefully pick the data from internet :cool:
Please stop deflecting. Second, I provided you with links to read and educate yourself so that you never share unverified claims ever again. Instead of educating yourself and reading the articles I sent (God you did not even read the article about Tenda you share yourself), you are here defelcting and trolling.


While TM thing is unrelated to this thread Mr Know-all, when I was using it, I was using the Hypersensitive mode which is knows for generating too much FPs. But anyway, I have always enjoyed testing different products and I will continue to do so when I feel like to. That way when I share my experience, I talk about sth I did use without sharing unverified claims. Hope you're enjoying your coffee at a cafe that is not using one of these vulnerable Tendas.
 
  • Like
Reactions: Khushal
A history, not with modern browsers.

"Security experts recommend turning off remote web management features to prevent external access to the device’s interface."

The Tenda's vulnerability requires a user who turns on "remote web management".

Reading and your brain is your first defense line, not the promoted security tools.
In late 2023


Moreover, feel free to read about V8 Java script engine exploits.

Have you heard about "Pegasus"? Their business model is built entirely on zero-click browser and OS exploits.
 
  • Like
Reactions: Khushal