Firewall Firm is a Managed Cyber Security Company in India
Home » Tag: vapt companies in india

Tag Archives: vapt companies in india

Home » Tag: vapt companies in india

Penetration Testing Providers in India

Penetration Testing Providers in India

Penetration Testing Providers in India

Penetration Testing Providers in India

Penetration Testing Providers in India

Firewall Firm offers security audit services. These audits include applications, Operating systems, Networks and policy. Details of these audit processes are as below:

Policy Audit

Policy Audit service are deals with auditing of security policies. With our experience in dealing with various diverse systems and policies, we offer a unique combination of audit as well as technology skills. Policy Audits helps clients to recognizes their weaknesses and strengths as formulated in their policies and take adequate measures to reach standards prevalent elsewhere in this area.

Application Security

Firewall Firm looks into applications and audits existing policies on applications keeping in view the objectives of the client organization in terms of security. We also help clients develop secure and state of art applications through our solutions which are indicated elsewhere on this site.

Operating System Security

Operating system is the backbone which provides the platform on which applications are hosted. Firewall Firm has extensive experience in plugging the known vulnerabilities and hardening the operating system for client use. Audit services also help the client in understanding the weaknesses which exist in the system.

Network Security

Network security audit service audits the security of the network. This service looks into the areas of confidentiality, authentication and data integrity. Firewall Firm solutions team is capable of building these features on any network using standard protocols. Firewall Firm also helps clients in proper selection of network security appliances like Firewalls, IDS’s, Antivirus software and PKI solutions.

Vulnerability Assessments Services in India

Vulnerability Assessments are essential to find out the extent to which systems are exposed to threats from internal as well as external users. Firewall Firm provides these tests using the best of breed tools. You can request a sample report of the Vulnerability Assessment here. Firewall Firm conducts Vulnerability Assessment Tests in the following two ways:

Onsite Vulnerability Assessment Tests

Onsite Vulnerability Assessment is done by deploying Firewall Firm’s assessors to the client’s locations. These assessments include:

Assessment of vulnerabilities on Operating Systems ( only for servers on public IP addresses) verifying if the recent patches are applied or not.
Automated vulnerability assessments of routers and Firewalls.
Assessing the vulnerabilities on web servers, RAS, mailservers which are accessible from outside.
A detailed report regarding vulnerabilities found with recommendations for plugging the same.

Remote Vulnerability Assessment Tests

Remote Vulnerability Assessment is done by remotely accessing the Client Servers which are kept on public IP addresses. These tests include:

Assessment of vulnerabilities on Operating Systems ( only for servers on public IP addresses) verifying if the recent patches are applied or not.
Automated vulnerability assessments of routers and Firewalls.
Assessing the vulnerabilities on web servers, RAS, mailservers which are accessible from outside.
A detailed report regarding vulnerabilities found with recommendations for plugging the same.

Cyber-Security-Audit-Review

Vulnerability Assessment and Penetration Testing ( VAPT ) Service Providers in India
For more details, please contact us on
Sales :+91 958 290 7788 | Support : 0120 2631048
Register & Request Quote | Submit Support Ticket

‘Fake Stake’ attacks vulnerability found in 26 low-end cryptocurrencies

  • The flaws could enable attackers to take control over a currency’s entire blockchain transactions and conduct fraudulent operations.
  • The research team claims that the two issues were discovered in August 2018.

Two extremely dangerous security flaws have been discovered in 26 Proof-of-Stake (PoS) cryptocurrencies. The flaws dubbed as ‘Fake Stake’ attacks can allow an attacker to crash rival network nodes and gain remote access of the same up to 51 percent.

Side-effects of the flaws

The flaws were discovered by a group of four academics from the University of Illinois at Urbana-Champaign in the US. The researchers found that the flaws could enable attackers to take control over a currency’s entire blockchain transactions and conduct fraudulent operations.

PoS cryptocurrencies are particularly based on chain-based PoSv3 (Proof-of-Stake version 3). They draw the basic codes from Bitcoin’s codebase, with the PoS functionality grafted in them. However, some of these design codes are copied inappropriately, thus leading to new vulnerabilities.

“We call the vulnerabilities we found ‘Fake Stake’ attacks. Essentially, they work because PoSv3 implementations do not adequately validate network data before committing precious resources (disk and RAM). The consequence is that an attacker without much stake (in some cases none at all) can cause a victim node to crash by filling up its disk or RAM with bogus data. We believe that all currencies based on the UTXO and longest chain Proof-of-Stake model are vulnerable to these “Fake Stake” attacks,” the researchers wrote on Medium.

Impacted cryptocurrencies

The research team claims that the two issues were discovered in August 2018. Upon discovery, it started contacting the development teams of the affected cryptocurrencies in October.

However, some of the development teams could not be informed as their GitHub accounts appear to have become inactive. Demo code for reproducing the two vulnerabilities is available on GitHub.

The list of impacted cryptocurrencies includes the names of NavCOIN, Qtum, Emercoin, HTMLCOIN, ReddCoin, CloakCoin, BitBay, Linda, Phore, PotCoin and more.

Although some cryptocurrencies have deployed mitigations for the reported bugs, researchers believe that these mitigation processes are not fool-proof. Hence, they are looking out for better ways to address the problem.

Read More »