Abstract: A method of determining a probability that a received email comprises a phishing attempt may comprise analyzing a link therein to determine whether the link comprises a phishing attempt. This determination may comprise comparing features of the link with records stored in a remote database to determine whether the link comprises a phishing attempt. It may be determined that the link comprises a phishing attempt if there is a match. If the compared features do not match the records stored in the remote database, a multi-dimensional input vector may be built from features of the link, which input vector may then be input into a phishing probability engine. The probability that the link comprises a phishing attempt may be computed by the phishing probability engine. Thereafter, the received email may be acted upon according to the computed probability that the link comprises a phishing attempt.

Abstract: A method of authenticating a network client to a relying party computer via a computer server comprises the computer server receiving a transaction code from a token manager via a first communications channel. The network client is configured to communicate with a token manager which is configured to communicate with a hardware token interfaced therewith. The network client is also configured to communicate with the relying party computer and the computer server. The computer server also receives a transaction pointer from the relying party computer via a second communications channel that is distinct from the first communications channel. Preferably, the transaction pointer is unpredictable by the computer server. The computer server transmits an authorization signal to the relying party computer in accordance with a correlation between the transaction code and the transaction pointer. The authorization signal facilitates authentication of the network client to the relying party computer.

Abstract: A method for detecting an attack in a computer network includes monitoring communication traffic transmitted over connections on the network that are associated with a stateful application protocol so as to detect respective states of the connections, and analyzing a distribution of the states so as to detect the attack.

Abstract: A system has a plurality of transceiver units, including a parent unit and one or more portable and wearable child units, for generating an alarm when a child transceiver unit is more than a predetermined distance away from a parent transceiver unit. The distance is determined by the difference in the phase of a reference signal from the time it is transmitted on an rf signal by a parent unit, received and retransmitted by a child unit, and then received again by the parent unit.

Abstract: A system generates an alarm at one unit of the system when a second unit of the system is more than a predetermined distance from the first unit. The system has a first transceiver unit with a first transmitter for transmitting a first reference signal having a phase with respect to a reference source, and a first receiver for detecting a second reference signal having a phase which bears a relationship to that of the first reference signal. There is a second, portable, transceiver unit with a second transmitter for transmitting the second reference signal after receipt of the first reference signal. The first transceiver unit includes a distance resolver for determining the distance between the two transceiver units from the phases of the first and second reference signals, and an alarm, responsive to the distance resolver, for generating an alarm signal if the distance between the two transceiver units is more than a predetermined amount.

Abstract: A cover for a cabinet of the kind having an exposed portion to which access is to be controlled in which the cover has a panel to be attached to the cabinet; the panel has an opening corresponding to the exposed portion; a movable door is arranged to obstruct access to the exposed portion when the door is in a first location, and to permit access to the portion through the opening when the door is in a second location; and a locking mechanism is provided both for locking the panel to the cabinet and for locking the door in the first location. In another aspect, there are a plurality of doors arranged to obstruct access to the exposed portions; the cover has a first state in which a locking mechanism locks only one door in a first location and another state in which the locking mechanism locks at least another door. In another aspect, the doors, when not obstructing access via openings in the panel, lie in parallel planes adjacent to the panel in an area spaced away from the opening.