Firewall Firm is a Managed Cyber Security Company in India
Home » Tag: Indian Cyber Security Solutions

Tag Archives: Indian Cyber Security Solutions

Home » Tag: Indian Cyber Security Solutions

Network Security Audit Company in India

Network Security Audit Company in India

Network Security Audit Company in India

Network Security Audit Company in India

Firewall Firm offers security audit services. These audits include applications, Operating systems, Networks and policy. Details of these audit processes are as below:

Policy Audit

Policy Audit service are deals with auditing of security policies. With our experience in dealing with various diverse systems and policies, we offer a unique combination of audit as well as technology skills. Policy Audits helps clients to recognizes their weaknesses and strengths as formulated in their policies and take adequate measures to reach standards prevalent elsewhere in this area.

Application Security

Firewall Firm looks into applications and audits existing policies on applications keeping in view the objectives of the client organization in terms of security. We also help clients develop secure and state of art applications through our solutions which are indicated elsewhere on this site.

Operating System Security

Operating system is the backbone which provides the platform on which applications are hosted. Firewall Firm has extensive experience in plugging the known vulnerabilities and hardening the operating system for client use. Audit services also help the client in understanding the weaknesses which exist in the system.

Network Security

Network security audit service audits the security of the network. This service looks into the areas of confidentiality, authentication and data integrity. Firewall Firm solutions team is capable of building these features on any network using standard protocols. Firewall Firm also helps clients in proper selection of network security appliances like Firewalls, IDS’s, Antivirus software and PKI solutions.

Vulnerability Assessments Services in India

Vulnerability Assessments are essential to find out the extent to which systems are exposed to threats from internal as well as external users. Firewall Firm provides these tests using the best of breed tools. You can request a sample report of the Vulnerability Assessment here. Firewall Firm conducts Vulnerability Assessment Tests in the following two ways:

Onsite Vulnerability Assessment Tests

Onsite Vulnerability Assessment is done by deploying Firewall Firm’s assessors to the client’s locations. These assessments include:

Assessment of vulnerabilities on Operating Systems ( only for servers on public IP addresses) verifying if the recent patches are applied or not.
Automated vulnerability assessments of routers and Firewalls.
Assessing the vulnerabilities on web servers, RAS, mailservers which are accessible from outside.
A detailed report regarding vulnerabilities found with recommendations for plugging the same.

Remote Vulnerability Assessment Tests

Remote Vulnerability Assessment is done by remotely accessing the Client Servers which are kept on public IP addresses. These tests include:

Assessment of vulnerabilities on Operating Systems ( only for servers on public IP addresses) verifying if the recent patches are applied or not.
Automated vulnerability assessments of routers and Firewalls.
Assessing the vulnerabilities on web servers, RAS, mailservers which are accessible from outside.
A detailed report regarding vulnerabilities found with recommendations for plugging the same.

Cyber-Security-Audit-Review

Cyber-Security-Audit-Review

For more details, please contact us on

Sales :+91 958 290 7788 | Support : +91 96540 16484

Register & Request Quote | Submit Support Ticket

Cyber Security News 1st week Sept 2016

1.      Dropbox hacked: Hackers have obtained credentials for more than 68 Million accounts of online cloud storage platform Dropbox from a known 2012 data breach. Last week, Dropbox sent out emails alerting its users that a large chunk of its users’ credentials that was obtained in 2012 data breach, may soon be seen on the Dark Web marketplace, prompting them to change their password if they hadn’t changed since mid-2012. Dropbox is the latest to join the list of “Mega-Breaches,” which includes LinkedIn, MySpace, VK.com and Tumblr.

 

  1. Kimpton Hotels hit by Point-of-Sale breach: Kimpton Hotels & Restaurants is alerting payment card customers of a payment card breach at more than 60 of its hotels and restaurants that occurred between February 16 and July 7 of this year. The hotel chain said in a message on its website that it first got word of unauthorized charges on guests’ payment cards in mid-July. An ensuing investigation uncovered malware on PoS servers at the front desks and restaurants of some of its hotels. “The malware searched for track data read from the magnetic stripe of a payment card and routed it through the affected server. Kimpton’s POS woes follow that of Eddie Bauer and HEI Hotels & Resorts, which operates Marriott, Hyatt and Sheraton and Westin hotels.

 

  1. Music website hacked: UK based – Music website called Last.fm, was hacked in March 2012 and three months after the breach, the company admitted to the incident and issued a warning, encouraging its users to change their passwords. Now, four years later the stolen data has surfaced in the public. The leaked records include usernames, hashed passwords, email addresses, the date when a user signed up to the website, and ad-related data. Last.fm stored its users’ passwords using MD5 hashing – which has been considered outdated even before 2012 – and that too without any Salt. (Salt is a random string added to strengthen encrypted passwords that make it more difficult for hackers to crack them.)

 

  1. St. Jude says Muddy Waters, MedSec video shows security feature, not flaw: St. Jude Medical, is a medical device company which makes pacemakers. MedSec is a Cyber security firm that specializes in security flaws in medical devices. Muddy Waters Research is a due diligence based investment firm. After a yearlong research by Medsec, it was found that St Jude’s products had severe issues. Medsec did not responsibly disclose its findings to St Jude but instead joined hands with Muddy waters to profit in the stock market with this information. St. Jude has refuted the allegations and has issued a statement saying the supposed “flaw” was actually a “security feature. If attacked, the pacemakers place themselves into a ‘safe’ mode to ensure the device continues to work.

 

  1. Double Whammy – Ransomware steals data before Encrypting: Betabot, the first known weaponized password-stealing malware that also infects victims with ransomware in a second stage of attack. In many instances it is still able to evade detection, it uses the Neutrino exploit kit, which uses infected documents disguised as CVs to ask the victim to enable macros. If they do, the malware is able to steal login data and passwords from web browsers. The Trojan then downloads and installs the Cerber ransomware onto the victim’s computer, demanding the user pays up in order to regain access to their compromised machine.

 

  1. ‘Guccifer’ gets 52-month Jail term: Romanian hacker “Guccifer,” who pleaded guilty in May this year to hacking and identity theft of around 100 high-profile Americans, has been sentenced to 52 months in prison by a US court. Guccifer hacked the email and social media accounts of his victims between October 2012 and January 2014 and made public confidential emails, photographs and private medical and financial data. Not to confuse with Guccifer 2.0, the hacker behind the DNC hack.

 

  1. Suspect arrested for 2011 Linux Kernel organization breach: In September 2011, kernel.org site that hosts the core development infrastructure behind the Linux kernel was breached. For the last five years, not many details about the attack were revealed and the attacker remained at large—that is, until he was picked during a traffic stop in Miami – last week. The hacker had managed to steal login credentials of one of the Linux Kernel Organization system administrators in 2011 and used them to install a hard-to-detect malware backdoor, dubbed Phalanx, on servers belonging to the organization. Using this backdoor, he installed malware on various Linux installations. He faces a possible sentence of 40 years in prison as well as $2 Million in fines. Threat protection for Linux can help in such situations.

 

  1. California may soon treat Ransomware as extortion: Ransomware may soon be regarded as a form of extortion in California once legislation is approved by governor. The Bill if passed, could land culprits in jail for two to four years. The move has received widespread support from different quarters that want ransomware attacks to be treated as a felony. The state’s law enforcement unit and the tech sector all support the legislation.

 

  1. SWIFT reveals new hacking attempts on member Banks: SWIFT has revealed new hacking attempts on several member banks following its June disclosure of the $81-million Bangladesh Bank heist and is pushing members to comply with new safety features. “The threat is persistent, adaptive and sophisticated – and it is here to stay,” SWIFT told the banks. SWIFT members have been warned that failure to meet a November 19 deadline for installing latest security software would be reported to banking regulatory bodies and partners.

 

  1. India registers 350 percent rise in cybercrime in last three years: According to a study, in India, there has been a surge of approximately 350% in cybercrime cases registered under the Information Technology (IT) Act, from the year of 2011 to 2014. The Indian Computer Emergency Response Team (CERT-In) has also reported a surge in the number of incidents handled by it, with close to 50,000 security incidents in 2015. Bangalore leads in the number of cybercrime cases, the city recorded 1,041 cybercrime cases in 2015, the highest among the country’s 53 mega cities, and a 42% increase over the 2014 figures. State-wise data shows the worst states to be: Maharashtra (2,195 cases) and Uttar Pradesh (2,208). Most cases relate to credit card fraud, email hacking and online cheating, including fake lottery scams. Use of technology and building awareness can reduce cybercrime.
Read More »