With all the AV's, AntiExploits, SRP's, HIPS, and everything in between, do you think that people like "us", at Wilders can really get infected? I mean, what are the chances? Like in my case, I've been running samples against my setup, nothing gets by. Not that I'm a professional or advanced as others on here, but I'm not a newbie. If Chrome doesn't block it, then uBlock or Adguard does. If they don't, then "1806" does. Plus other security measures, DNS and such. And my Windows is completely updated. If you're not specifically targeted by a hacker, what are the chances?
Realistically, I think that security conscious users like ourselves would only get caught if it were something new yet completely different. Something never seen before. This would have to be a completely new attack vector. Likely coming through something widely used and trusted, like Chrome, for example. Personally, the only time that I was ever caught was Blaster worm.
With a decent security setup, you are immune to most automated threats. If you were targeted it would be a different matter. I doubt most of us would be targeted and much less be high value targets. We've had some really good examples of high value targets having their supposedly good security breached recently. Kaspersky and Hacking Team.
It's very unlikely, because most of us are quite paranoid and also know what to look for and how to use the security tools. I think that's the biggest problem, it's the lack of knowledge, it's not a matter of security tools that are not good enough.
To clarify, that doesn't mean that we are not at risk, you always need to keep your guard up. Even "expert users" might get hit. The way I see it, there are 2 ways to get infected: - Automated exploit - Direct user install The first one is quite easy to mitigate, with anti-exploit, anti-exe and sandboxing. The second one is a bit trickier. Normally you will download apps from trusted sources, and you will scan the app with local and cloud AV. But that's still no guarantee that the app is truly legit, and hasn't been modified with malicious code, so that's why I'm also using HIPS/behavior blockers and system monitoring tools.
When there's a real good target, the tricks and con artistry of social engineering come into play. Time and time again, that has proved to be the easiest way to get into a well secured target.
