Friday, January 29, 2021

How Hackers hack/attack

  I was asked this question recently.

 Great question, how to provide a great answer?

 A very large number of hack attacks are like land mines. The attack is planted and the attacker waits for someone, anyone, to trip the exploit. Drive-bys and watering holes are some examples. An exploit is placed on a web site that is not hardened or maintained; a web visitor views the HTML code at the site and becomes infected. The infection will probably go unnoticed while credentials are harvested and sent to the attacker.

 Clicking on links in eMails and/or opening malicious attachments can cause malware infections.

 Phishing - eMails designed to lure the recipient to a malicious web site or to provide credentials - is yet another method of attack. There are now phishing tool kits, and artificial intelligence is increasingly used to craft better and better lures in phishing eMails. The use of SMS to deliver these attacks (Smishing) is on the increase.

 Thus far, these are some of the many ways anyone might be attacked/hacked. Most of these methods rely on vulnerabilities that can be exploited: vulnerabilities in the hardware, software, applications, network, firmware, default and enhanced setup; the list goes on. Plus the user. The vulnerability is the user wanting to see celebrity gossip, dancing monkeys, any and all of the lures put out every day.

 The next level is the script kidiots. Someone finds an exploit script or application on the Internet and decides to use it to attack. They don't write the exploit code; they just copy and run it.

 A similar avenue is malware as a service, including ransomware as a service. The attacker buys or leases the attack and provides payment and the victim list. This is increasing as well. Someone takes offence at a social media post and pays to have the financial life of that person destroyed.

 The more interesting method of attack involves finding a vulnerability in anything cyber and pairing that vulnerability with an exploit. This used to be difficult. Then came Metasploit, a framework that does this pairing for anyone. Just pick a vulnerability from column A, an exploit from column B, a victim list and click. Vulnerabilities are published every day. How to find a vulnerable victim list? Use Shodan. Shodan is a list of results of Internet-wide scans that occur 24x7. When you place a new device on the Internet, it is found and published in a few minutes.

 Finding new vulnerabilities is difficult and takes time, trial, and effort. Most vendors provide bug bounties for vulnerabilities. Bad guys also buy these vulnerabilities at a much larger payout.


 So how do hackers hack/attack? The method, means and techniques are available. Just point and click.

Thursday, January 28, 2021

Messaging Applications

 Recent changes in privacy policies from WhatsApp caused users to assess their privacy needs in messaging apps. This caused Signal to onboard new customers leaving WhatsApp.

 SMS messaging might be fine for messages. Other means might require more care. Options to consider: WhatsApp, Signal, Telegram, and Threema are a few of the choices. Even more secure methods are used by others with special needs.

 Options that tout end-to-end encryption must leave the provider unable to read or see your message. The provider has the metadata but not the encryption key.

 With the change in privacy policy by WhatsApp, security and privacy researchers have given most other options a closer look.

 Apple's iMessage has changed its privacy policy as well. Using Apple's iMessage with iCloud backup stores the encryption key. Thus law enforcement can obtain the key by warrant, and with it the iMessage store. That may give you pause. Apple's reason: customers who forget their Apple account passphrases/passwords would not be able to recover their data and messages if they and only they held the encryption key. Apple had the policy that only the customer would hold the key but reverted due to passphrase/password reset concerns.

 If you desire full end-to-end encryption for your iMessage data, consider disabling iCloud access/backup for iMessage data.







 You will need to investigate your other message applications to ensure their policy and procedures match your requirements.

If you wish to have your iPhone local backup encrypted via iTunes or Finder




Note: The encryption protects data in transit. If someone gains access to your device and/or the recipient's device via theft or spyware, they will have access to the message data.

Monday, January 25, 2021

Medical devices and iPhone 12 and MagSafe

 Apple has issued another warning:


Keep iPhone 12 and MagSafe a "safe distance" from medical devices like pacemakers, defibrillators, implantable cardioverter defibrillators, etc.

For more information consult your physician and Apple.

Saturday, January 9, 2021

MAJOR Android system Update 9-Jan-2021

   January 2021 Android update from Google released this week.

 Updates for Android 8, 8.1, 9, 10, and 11.

Not just Android phones but other Android devices: tablets, TVs, and others.

As each device may have differing update and notification features, check your owner's manual.

Some manufacturers will have their updates available after they apply the patches to their distributions.