Digital Security Solution Thailand

Name: Digital Security Solution Thailand
Address: 95/1-2 thong lor soi 3 , sukhumvit 55 Road, Klong Toey, 10110, TH
Telephone: +66 99 142 4409

Digital Security Solution (DSS) is one of the foremost computer security companies based in Thailand

Providing consulting services to tackle information security breaches, investigate episodes of hacking, audit websites, conduct computer forensics and offer DDoS protection. In addition, DSS retails specialist security and computer forensics.

31/10/2014

Exploit exchange hub

31/10/2014

Social network interception. Lawful interception services

16/10/2014

Ddos stress test, botnet, dns amp, ntp attack, ssdp attack

16/10/2014

In depth security research and tackle

16/10/2014

Zero day exploit research

30/11/2013

Thailand international gate route was disable, due to political conflict, majority of social network, facebook , twiter , youtube most was unable to route, but we do provide special ssh free route to all social network please visit our website or contact us for the use of free route.

07/11/2013

Zero Day Attack On Microsoft Office

Microsoft warned that attackers are targeting a previously unknown security vulnerability in some versions of Microsoft Office and Windows. There is a tool to blunt attacks on the flaw until Microsoft has time to develop and release a more comprehensive patch. :) According to TECH NET the victim most are from Middle East and South Asia.

The exploit needs some user interaction because it arrives disguised as an email that entices potential victims to open a specially crafted Microsoft Word attachment.
Microsoft Office 2010 uses the vulnerable graphic library, it is only affected only when running on older platforms such as Windows XP or Windows Server 2003, but it is not affected when running on newer Windows families (7, 8 and 8.1),” Microsoft said.

OFFICE 2003 - Affected
OFFICE 2007 - Affected

09/10/2013

News That I Have To Post

Black Hole Exploit Paunch Arrested
Zero Day Exploit,
Internet Explorer Exploit

In Russia arrested paunch - developer Blackhole Exploit-pack .
Rumors about the arrest appeared yesterday.
The researcher Maarten Boon from the company Fox-IT pointed out that a person
under the pseudonym «Paunch», known as the author of the "successful" and profitable
market for cybercrime Blackhole exploit kit arrested.
The expert noted that not only arrested Paunch, but his business partners.
Today, however, this information has been confirmed.
For information about the arrest confirmed Trols Orting (Troels Oerting),
head of the European Centre for the fight against cybercrime at Europol:
Troels Oerting, head of the European Cybercrime Centre, an arm of Europol,
confirmed to TechWeekEurope an arrest HAD Been Made and details through Came
to His organisation yesterday. "I know it is true, we got some information,
but I cannot say anymore," Oerting told TechWeek. He said he Could not Reveal
any more on the nature of the arrest. .
Additionally, information about the arrest unofficially confirmed by several sources,
including the leading expert on security, "Kaspersky Lab" Alex Guest.
However, the Russian Ministry of Internal Affairs to the request for arrest Blackhole creator did not respond. Certainly, the Russian law enforcement agencies will soon publish an official press release to boast such a remarkable success.

05/08/2013

A new attack on browsers with JavaScript

Exploit, zero day exploit.

A group of British security experts warned of a serious vulnerability in how modern browsers work with JavaScript and iFrame. According to them, the problem is deeper than it may at first seem, as the new technique is a combination of JavaScript-timing attacks, allows you to read any information from the browser's memory and sites to which the user is currently connected to. Authors technique say that the attack works on all major browsers and no easy way to get rid of it does not exist.

Technique uses a set of known issues of web browsers and JavaScript, but also involves a number of new elements that can be used with the previously known features to get full access to the source code of the page on which the user is now. In practice, it provides data on online banking person to open his personal data and receive data on bank cards.

Paul Stone, author of the procedure, said that his technique is in principle possible to improve and achieve even more success. "I am confident that it will take time and technology will be improved," - he said. One of the finds of Stone - a trick that allows hackers to view what websites before browsing user. With the help of special equipment Stone managed to slow the process of rendering frames in a browser and see what the user sees.

He also noticed that when the page uses JavaScript-animation, it is even more slow rendering pages. This allows you to measure the frame rate and when the user clicks on the link, there is a change in the rate of processing frame rate and it also allows you to calculate exactly which links are pressed. In the end, the browser draws links as new, but then checks the database, if pressed on them before the user. If a match is, the link is marked as previously pressed.

Stone showed for the technique at the Black Hat 2013. According to him, he created a program that analyzes the process of drawing frames and transmits the data to a potential attacker about what is happening in the user's browser. "When the browser renders a reference for the first time, the first frame is always slow. If all links have not previously been pressed by the user, the second shot will be much faster. If you are pressed, then the second and subsequent frames also will slow rendering," - says Stone.

According to him, the highlight of this attack is the fact that there is nothing to fix. That is, you can not just release a patch to eliminate the problem. All browsers are initially on such algorithm.

The second part of Paul Stone's attack even more dangerous. It relies on the browser used format Scalable Vector Graphics, which is used on web pages. He found that the SVG-filters in browsers allow an attacker to see exactly what the user sees in the current browser window.

Using the features of the filters, Stone created a system that literally draws the contents of the screen pixel.

As part of its report on the Black Hat USA 2013 Stone showed a program that has revolutionized the remote computer, receiving a JavaScript code iFrame content in the victim's browser.

According to experts, a similar technique can get the source code page to the victim computer. In his presentation, he showed hacking closed pages on Google+, which contained the address, phone number and other personal data of the user.

He also noted that the Firefox vulnerability with SVG already been eliminated, but in other browsers it is still present.

05/08/2013

Bypass SecureBoot / UEFI
Bootkit, rootkit, ring3 ring0

Information security specialists say that the new security mechanism of Windows 8 Secure Boot can be avoided, though not 100%, but only on some computers that manufacturers use "special" technology extension UEFI (Unified Extensible Firmware Interface).

Independent researchers Andrew Furtak, Alexander Bazhanyuk and Yuri Buligin at Black Hat USA conference demonstrated two attacks that bypass Secure Boot, to install on your computer UEFI-bootkit, which is located in the boot sector of a disk and actually puts an end to the concept of Secure Boot.

Recall that Secure Boot is a technology that uses a previously developed UEFI specification and enables to place the boot sector of the computer codes, and only programs with a special digital certificate publisher, ie viruses out there way, in theory, is closed.

However, according to the researchers, their exploits puts this statement into question, and the matter is not in the Secure Boot itself, but in how it uses UEFI technology, some equipment manufacturers.

First, the exploit works as a result of the fact that some manufacturers do not properly protect the boot sector, allowing the attacker to modify the code responsible to translate Secure Boot to the active state, says working in the McAfee Yuri Buligin.

Exploit modifies the key platforms - root key, located at the heart of all the security checks Secure Boot, but to accomplish this code should be executed in the kernel mode of the operating system (the highest privilege level).

This somewhat limits the attack, as the potential hacker must first figure out how to get such a low-level access to the victim machine. Experts have shown an example of the exploit notebook Asus VivoBook Q200E, but according to them, some desktop motherboards also exposed the problem.

The second exploit runs in user mode, that is, the attacker need only the very right to execute code in the system as such. Typically, such access is and Java, and Flash, and Microsoft Office and many others.

Experts do not disclose the technical features of the second exploit and did not name the affected vendors, because they said the problem "is very common." Bulygin said that the problem they had notified vendors almost a year ago, but it was closed a few.

In Microsoft said that in the course of the problem and are working with our partners on this issue. "Despite the mistakes, we generally agree that Secure Boot - is a good technology and a step forward. To install the bootkit attacking you first need to find a vulnerability that avoided Secure Boot, and then, if they are dealing with old platforms, they do not interfere "- says Buligin.

31/07/2013

Microsoft and the FBI eliminate botnets Citadel

Microsoft and the FBI jointly eliminated 88% of botnets Citadel.

From Citadel cleared 40% of the infected computers that were part of a botnet.

As reported by Microsoft, 88% of botnet infected with malware Citadel, were destroyed as a result of the operation carried out by experts corporation jointly with the FBI and our partners in the field of technology and financial services.

Since then cleared from the Citadel 40% of infected computers that were part of a botnet. Microsoft has not said if what the clearing systems and how many computers are still infected.

The director of the legal department at Microsoft Cybercrime (Microsoft's Digital Crimes Unit) Richard Dominguez Boskovic (Richard Domingues Boscovich) announced that the company's experts examined nearly 1.3 million unique IP-addresses, resulting sinkholinga in which were replaced by C & C servers, Citadel, used by attackers. According Boskovic, were part of a botnet of 1.9 million computers.

According to data provided by the expert, the largest number of infected systems in the period from June 2 to July 21 of this year, it has been found in Germany (15%), Thailand (13%), Italy (10%), India (9%), Australia and Poland (6%) and the United States (5%).

Boskovic praised the cooperation between public and private organizations to eliminate botnet Citadel.

"By combining our collective knowledge and to take coordinated steps to eliminate botnets, we were able to significantly improve the operation Citadel. We have secured the victims from the threat of cyber crime and made the business more expensive for the attackers, "- said the expert.

keyword: citadel botnet, botnet, botnet investigation.

31/07/2013

A critical vulnerability in SAP Router

For the first time in the history of the world's largest information security conference Black Hat 2013 vulnerabilities discovered by Russian scientists, was nominated for best server-side vulnerabilities of software, 2013.

Critical vulnerability found by the researcher of Digital Security Gregory Nosenko, related to a buffer overflow in the SAP-router and allows any attacker from the Internet to get full access to the system and to internal servers SAP-systems of most organizations.

This is the first and only such a level of criticality vulnerability has been identified in SAP-router.

This application has long been virtually unstoppable. Given the fact that the SAP-router uses a huge number of corporate clients and SAP is designed to gain remote access via the Internet to the internal SAP-systems, this vulnerability is particularly dangerous.

That is why the corporation SAP, having been informed of it, it promptly removed by releasing the appropriate update and timely notice to its customers in May 2013. Digital Security Company recommends to eliminate this vulnerability as soon as possible.

Further details will be published in August in conjunction with the annual safety study SAP.

Digital Security is an authorized service partner of SAP AG, as well as product developer ERPScan Security Monitoring Suite.
keyword: router hacking, router exploit, zero day exploit

ที่อยู่

95/1-2 Thong Lor Soi 3 , Sukhumvit 55 Road
Klong Toey
10110

เบอร์โทรศัพท์

+66 99 142 4409

เว็บไซต์

https://dss.in.th/

แจ้งเตือน

รับทราบข่าวสารและโปรโมชั่นของ Digital Security Solution Thailandผ่านทางอีเมล์ของคุณ เราจะเก็บข้อมูลของคุณเป็นความลับ คุณสามารถกดยกเลิกการติดตามได้ตลอดเวลา