Jump to content
Login with your Gmail HERE and start posting in seconds! ×

High alert over global cyber-attacks

rooster59

By rooster59
in Thailand News

 Share

Recommended Posts

ThailandLOS Senior Member

ThailandLOS

Posted
Posted
2 hours ago, cyberfarang said:

Does anyone have faith in the security of the Thai banking system. I sure don`t. I have been searching online to find any reports on what the major banks are doing to safeguard their systems against these kinds of outrages, but so far can`t find any

 

Nobody can receive or keep a bank license in Thailand unless there are proper measures in place for security and recovery. It might not be published openly on the web - but I can assure you that this is very real.

 

This is how Big 5 corporations like IBM and PriceWaterhouse earn the majority of their revenue in Thailand and elsewhere - since they accredited to perform these type of audits and IT projects.

 

Link to comment
Share on other sites
cyberfarang Senior Member

cyberfarang

Posted
Posted
29 minutes ago, ThailandLOS said:

 

Nobody can receive or keep a bank license in Thailand unless there are proper measures in place for security and recovery. It might not be published openly on the web - but I can assure you that this is very real.

 

This is how Big 5 corporations like IBM and PriceWaterhouse earn the majority of their revenue in Thailand and elsewhere - since they accredited to perform these type of audits and IT projects.

 

Hope you are right friend. I do have faith in my British banks, but as for the Thai systems, only wish I had your confidence.

Link to comment
Share on other sites
khunPer Diamond Member

khunPer

Posted
Posted
11 hours ago, carstenp said:

 

Well time for Win XP to end in thailand then, and welcome to win 10 :smile:

 

 

WinXP and Server2003 has actually extraordinary been upgraded free by Microsoft to protect them from this malware.

The important security update to check for MS17-010 of March 14th this year (20174).

Link to comment
Share on other sites
ThailandLOS Senior Member

ThailandLOS

Posted
Posted
1 hour ago, khunPer said:

WinXP and Server2003 has actually extraordinary been upgraded free by Microsoft to protect them from this malware.

The important security update to check for MS17-010 of March 14th this year (20174).

How fortunate - NSA probably already had the patch ready for them. I wouldn't be surprised if the attack was a false flag to demonstrate how dangerous it is to expose the US gov dirty little secrets.

 

This is not the end of it however - there is much more to come from the same source. Stay tuned.

Link to comment
Share on other sites
ThailandLOS Senior Member

ThailandLOS

Posted
Posted
4 minutes ago, wakeupplease said:

Don,t worry guys this happened 3 days ago and you have not been hit yet, the hackers do not have the skills or even want to mess about with old computers running windows 95 and XP

I believe you're missing the point - the tools were not developed by some hobby hackers in a dark basement - this was produced by the US gov:

 

https://en.wikipedia.org/wiki/The_Shadow_Brokers

Link to comment
Share on other sites
wakeupplease Rookie Member

wakeupplease

Posted
Posted
1 hour ago, ThailandLOS said:

I believe you're missing the point - the tools were not developed by some hobby hackers in a dark basement - this was produced by the US gov:

 

https://en.wikipedia.org/wiki/The_Shadow_Brokers

Sorry I am not missing the point but you may be

 

Do not click on emails sent to you from people you do not know or do not download emails or attachments from the same even though they claim to be from PayPal or ITunes or banks. Look at the address its sent from and its a give away

As I own a rather large web company I think I am right in this as we do not get hit. Also update websites if you have a CMS like Wordpress as they get hit often.

 

Here is an example sent to us and we get 20 to 100 every day this email is supposed to be fro PayPal telling us our account is suspended and click on button to rectify the problem if you do all hell brakes loose and you loose any money in the account and they will use the account to buy what they can b4 its discovered

 

This is the address it was sent from

[email protected]

 

but if it had come from paypal it should have come from

https://www.paypal.com or https;//www.paypal.co.uk

 

just copy address but be-careful

 

notice.alibaba.com

 

paste in browser and it will come up Server not found

 

But please careful with all emails as we have seen

 

[email protected] and many other like itunes.apple.co

 

On websites taking money online look for

 

https:// this means its secure

 

An good example is here on TV look at the top of your page now in the browser address window and you will see a green padlock followed buy https://www.thaivisa.com

This means its secure and as good as it gets.

 

Microsoft computers are not so good as many use them Macs are better but still not exempt from viruses

Motto

Be-careful what you download

Hope that helped

Link to comment
Share on other sites
cyberfarang Senior Member

cyberfarang

Posted
Posted
34 minutes ago, wakeupplease said:

Sorry I am not missing the point but you may be

 

Do not click on emails sent to you from people you do not know or do not download emails or attachments from the same even though they claim to be from PayPal or ITunes or banks. Look at the address its sent from and its a give away

As I own a rather large web company I think I am right in this as we do not get hit. Also update websites if you have a CMS like Wordpress as they get hit often.

 

Here is an example sent to us and we get 20 to 100 every day this email is supposed to be fro PayPal telling us our account is suspended and click on button to rectify the problem if you do all hell brakes loose and you loose any money in the account and they will use the account to buy what they can b4 its discovered

 

This is the address it was sent from

[email protected]

 

but if it had come from paypal it should have come from

https://www.paypal.com or https;//www.paypal.co.uk

 

just copy address but be-careful

 

notice.alibaba.com

 

paste in browser and it will come up Server not found

 

But please careful with all emails as we have seen

 

[email protected] and many other like itunes.apple.co

 

On websites taking money online look for

 

https:// this means its secure

 

An good example is here on TV look at the top of your page now in the browser address window and you will see a green padlock followed buy https://www.thaivisa.com

This means its secure and as good as it gets.

 

Microsoft computers are not so good as many use them Macs are better but still not exempt from viruses

Motto

Be-careful what you download

Hope that helped

That`s all fine, but only for our own computers and our online activities, but we have no controls as to how secure the banks and other important services protect their online and internal E database computers, especially as it seems many are using antiquated outdated systems. 

Link to comment
Share on other sites
wakeupplease Rookie Member

wakeupplease

Posted
Posted
1 minute ago, cyberfarang said:

That`s all fine, but only for our own computers and our online activities, but we have no controls as to how secure the banks and other important services protect their online and internal E database computers, especially as it seems many are using antiquated outdated systems. 

Sorry I cannot help you there as Banks are Banks and do it there way, but here in the UK there are laws for fraud on credit cards and banks and they have to pay you back if they mess up.

 

Is it not like that there?

Link to comment
Share on other sites
ThailandLOS Senior Member

ThailandLOS

Posted
Posted (edited)
3 hours ago, wakeupplease said:

hackers do not have the skills or even want to mess about with old computers running windows 95 and XP

I don't know what you are on about and what your reply has to do with this thread on the current WinXP attacks - but have no intention to enter some sort of flame war on this - so here is my final reply.

 

Anyone with half a brain doesn't click on attachments from unknown/unverified sources and avoids sending sensitive information to web servers lacking encryption (not that SSL is entirely secure either - which has been proven by NSA for one). The point that is that out of maybe 5000 employees in a large organization, there will always be at least one weak (ignorant) link - this is exactly what happened in this weeks attack. You simply can't protect a large company with good advice - they need to be current on their patches and have sufficient anti-virus protection.

 

What made this (WinXP) attack succesful was that Microsoft didn't know about the security loophole (but NSA obviously did) and the emergency patch came far too late for everyone concerned to react.

 

Clearly you don't understand that the released pack of NSA tools was indeed exactly targeting outdated systems - and that there are plenty of tools out there left in the open for anyone with malicious intent to use. There are most certainly also such NSA tools targeting modern system - those have not been released (yet) by Shadow Brokers.

 

Hope that helped

 

 

Edited by ThailandLOS
Link to comment
Share on other sites
wakeupplease Rookie Member

wakeupplease

Posted
Posted
7 hours ago, ThailandLOS said:

I don't know what you are on about and what your reply has to do with this thread on the current WinXP attacks - but have no intention to enter some sort of flame war on this - so here is my final reply.

 

Anyone with half a brain doesn't click on attachments from unknown/unverified sources and avoids sending sensitive information to web servers lacking encryption (not that SSL is entirely secure either - which has been proven by NSA for one). The point that is that out of maybe 5000 employees in a large organization, there will always be at least one weak (ignorant) link - this is exactly what happened in this weeks attack. You simply can't protect a large company with good advice - they need to be current on their patches and have sufficient anti-virus protection.

 

What made this (WinXP) attack succesful was that Microsoft didn't know about the security loophole (but NSA obviously did) and the emergency patch came far too late for everyone concerned to react.

 

Clearly you don't understand that the released pack of NSA tools was indeed exactly targeting outdated systems - and that there are plenty of tools out there left in the open for anyone with malicious intent to use. There are most certainly also such NSA tools targeting modern system - those have not been released (yet) by Shadow Brokers.

 

Hope that helped

 

 

You say I do not understand, well you did not see the funny side for a moment to which I later went on to say how to stop it happening to your own computers. This virus attacks XP and 10+ and many other Microsoft operating systems. 

 

Its a scam and fingers are pointing in one direction right now.

 

most anti virus will not stop it.

 

The only thing that will is education and teaching staff and owners how to deal with a scam email and not to download it.

 

PS none of my companies got it, as my staff where trained, but I guess the crew are web designers and programmers, so they should know better.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.










×
×
  • Create New...