1.i know what you mean by configuration for my router but not for the laptop are you referring to changing my password, recovery questions, and updating the os and browser if not can you clarify? 2.locking down wireless and managment access can you clarify. 3.you say to update the os and web browser, by updating the os it will automatically update the browser right? for me its windows and edge 4.You say malicious ads can take advantage of an unpatched vulnerability does visiting a site activate the ad or do i have to click on it? are you referring to drive by downloads if so does a https/secured website stop drive by downloads? 5.what is bundled web browser? 6.I have no idea how they are getting in? I am wiling, can you provide me with a strategy?? From my understanding the only way they got into my new laptop/router is from the modem but people on here said you can and cant hack a modem so im confused. i read online hackers can scan every ip in less then a day which is how they got into my modem if they did? i was told the default settings on my asus router would block any hack attempts from a hacker from a few of the people on here i guess they were wrong and i assume that was the cause of the breach thats how they got in by not configuring before connecting to the modems wan. do you think that as well, i didnt connect a device with malware again these were new devices recently purchased. I had an incident where the same hacker hacked my brand new phone from a phone store without me logging in an apple id or icloud account and this was my fear when i bought the new pc that it would happen again even tho people say its not possible i saw it happen with my phone so maybe thats how they got into my laptop which again i dont think is possible. Some of you get mad at me saying to show proof but i cant i wish i could please stop commenting if you dont have anything to help me with other then saying im paranoid or im lagging thank you for commenting on this i appreciate your time responding to my post this means a lot to me.
That's a lot of questions.
1. I'm assuming this question is for OS hardening. For a home user, a basic change would be making sure antivirus is running and the firewall is enabled.
2. For wireless, let's say you're being harassed by your neighbor. If you set up a new router and the wireless network does not have a password, that neighbor could gain access to your network before you've finished setup. Their window of opportunity depends on how fast you secure your wireless network, but it's something to keep in mind.
3. It used to be the case for IE, but I can't speak for Edge--it might be handled in the background, and outside of Windows Update. If you're not sure if Edge has been updated yet, you could always check by visiting edge://settings/help
4. For some malicious ads, you do not need to click. Drive-by download is the term, correct. HTTPS does not protect you from ads. Flash is not really a thing these days, but it used to be that a lot of webpages used Flash for media, and users installed a Flash plugin in their browser to view it. For a good bit of Flash's lifetime, Flash wasn't automatically updated, so a malicious Flash ad just being on a visited website was enough to install malware on the user's PC. It was was a legitimate concern if you were visiting less reputable websites.
5. Bundled web browser is the browser that is installed on the PC at the time of purchase. People usually take that to be IE/Edge, but for OEM PCs, they can have Chrome installed too and should also be updated before use.
6. When I respond to an incident, I don't have all the answers from the get go. Still, the strategy will differ depending on what the attack is. I can't be specific unless you're specific. For a new phone though that doesn't have apps ported over, it could be an opportunistic attack like an malicious ad. That's unlikely to be the same attacker as before. For stuff like that, is there a roommate messing with you? I'm curious how you determined how your phone was hacked, because some scammers just say they hacked your phone and try to blackmail you. I get a "I've hacked your webcam" email about once a quarter and have never owned a webcam.
