Patents Assigned to Cloud Linux Software Inc.
-
Patent number: 12475230Abstract: Disclosed herein are systems and methods for automatic detection, fixing, and monitoring of vulnerabilities. In one aspect, an exemplary method comprises receiving as an input an artifact, when the received artifact is vulnerable, building the artifact for a new release, scanning a library containing the new release of the artifact to determine whether the library is safe for publishing, and publishing the library to an accessible artifact depository when the library is safe for publishing. In one aspect, the building of the artifact for the new release includes, scanning a dependency tree, replacing the vulnerable version by a safe version of the artifact when a safe version is available, fixing the vulnerable version of the artifact using known patches when a safe version of the artifact is not available, adding a postfix to a group ID of the artifact for distinguishing the fixed version from prior versions of the artifact.Type: GrantFiled: October 23, 2023Date of Patent: November 18, 2025Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Evgenii Frolikov, Andrei Popov, Dmitry Turmyshev
-
Patent number: 12432251Abstract: Disclosed herein are systems and method for detecting and resolving account compromise, the method comprising: configuring a web application firewall (WAF) to monitor events in a web application following a successful login into a user account of the web application; collecting, by the WAF, event data of a user session on the web application; determining whether the collected event data comprises malicious activity by comparing the collected event data to historic event data indicative of the malicious activity; in response to determining, by the WAF, that the collected event data corresponds to the historic event data: storing an indication that the user account is compromised in a database; generating an alert indicating that the user account is compromised, wherein the alert comprises a prompt to reset a password of the user account; and blocking, by the WAF, further access to the user account in the user session.Type: GrantFiled: May 11, 2023Date of Patent: September 30, 2025Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Serhii Polishchuk, Marat Sataiev
-
Patent number: 12430434Abstract: Disclosed herein are systems and method for blocking malicious script execution. In one exemplary aspect, the method includes determining, on a first computing device of a plurality of computing devices, that a first script on the first computing device is malicious. The method includes identifying a plurality of operations in an execution flow of the first script and generating a first hash value of attributes associated with the plurality of operations in the execution flow, wherein the attributes omit a name of the first script and a location of the first script on the first computing device. The method includes generating a first rule that prevents execution of any script whose generated hash value would match the first hash value of the first script and transmitting the first rule to a second computing device that subsequently blocks scripts based on the first rule.Type: GrantFiled: January 6, 2023Date of Patent: September 30, 2025Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Aleksei Berezhok, Evgenii Vodilov, Grigorii Zemskov
-
Patent number: 12273385Abstract: Disclosed herein are systems and method for automated malicious code replacement. In one exemplary aspect, a method may comprise scanning for malicious content in a file comprising a script written in an interpretable programming language, wherein the malicious content triggers malicious activity on a computing device that stores the file. The method may comprise detecting a malware injection in the file based on the scanning, wherein the malware injection comprises at least one operator that enables the malicious activity. The method may comprise identifying a benign operator that can replace the at least one operator to prevent execution of the malicious activity without causing a syntax error. The method may comprise updating the file by replacing the at least one operator with the benign operator.Type: GrantFiled: January 24, 2022Date of Patent: April 8, 2025Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Andrey Kucherov
-
Patent number: 12184679Abstract: Aspects of the disclosure describe methods and systems for detecting malicious entities using weak passwords for unauthorized access. In one exemplary aspect, a method may comprise intercepting, using a WAF, a password input during a login attempt to a web application by an entity. In response to determining that the password is in a database of weak passwords, the method may comprise generating for display, using the WAF, a web page prompting for a password reset for the web application, storing, in a database, an IP address of the entity and information about the login attempt, retrieving information about a first plurality of login attempts made by the entity in the web application for different user profiles. In response to determining that at least a first threshold number of login attempts have been performed by the entity, the method may comprise storing the IP address in a black list.Type: GrantFiled: September 13, 2021Date of Patent: December 31, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Dmitrii Sidorov, Sergey Polischuk
-
Patent number: 12101315Abstract: Disclosed herein are systems and methods for rapid password evaluation. A method may include: configuring a web application firewall (WAF) to monitor login credentials for one or more web applications; intercepting, using the WAF, a password input during a login attempt to a web application by an entity; calculating a hash value of the password input; transmitting the hash value to a dedicated server configured to: determine whether the hash value is in a database of hashes corresponding to weak passwords; and in response to determining that the hash value is in the database of hashes, transmit a message to the WAF indicating that the password input corresponds to a weak password; and generating for display, using the WAF, a web page prompting for a password reset for the web application.Type: GrantFiled: July 25, 2022Date of Patent: September 24, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Serhii Polishchuk, Marat Sataiev
-
Patent number: 12099565Abstract: Disclosed herein are a system and method for caching shortcodes and database queries, a method including: detecting a request to load a webpage from a web browsing application on a first computing device, wherein the webpage includes a shortcode; determining a first amount of time spent executing the shortcode to load the webpage; determining whether the first amount of time is greater than a threshold amount of time; in response to determining that the first amount of time is greater than the threshold amount of time, identifying the shortcode as a cache candidate; determining a time-to-live (TTL) value for the shortcode; and storing content of the shortcode in a cache of a server hosting the webpage until the TTL value expires.Type: GrantFiled: April 8, 2022Date of Patent: September 24, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Dmitriy Leonov, Ivan Zhmud
-
Patent number: 12032693Abstract: Disclosed herein are systems and method for detecting malware signatures in databases. In one exemplary aspect, a method may comprise identifying a plurality of entries of the database, wherein each entry represents a record stored on a computing device and selecting at least one suspicious entry in the plurality of entries. The method may comprise retrieving a record associated with the suspicious entry and applying a transformation to original contents of the record. The method may comprise scanning the transformed contents of the record for a malware signature. In response to detecting a portion of the transformed contents that matches the malware signature, the method may comprise executing a remediation action that removes a corresponding portion from the original contents of the record and updating the database by replacing the at least one suspicious entry with an entry of the record on which the remediation action was executed.Type: GrantFiled: August 5, 2021Date of Patent: July 9, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Alexey Parfenov
-
Patent number: 12032689Abstract: Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.Type: GrantFiled: December 14, 2021Date of Patent: July 9, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Serhii Brazhnyk
-
Patent number: 11936685Abstract: Disclosed herein are systems and method for blocking novel attack vectors. In one aspect, a detected security incident and a consequential event are correlated such that the combination of the security incident and the consequential event are identified as an attack vector. A method may comprise generating and executing a rule that blocks the consequential event in response to detecting the security incident.Type: GrantFiled: October 13, 2021Date of Patent: March 19, 2024Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Marat Sataiev
-
Patent number: 11762987Abstract: Systems and methods are provided for data randomization using live patching. A method may comprise generating a plurality of randomization live patches, wherein each randomization live patch comprises a respective technique for swapping data values within a data structure. The method may comprise identifying software comprising at least one of: an operating system and an application, identifying a first data structure associated with the software, and selecting a first randomization live patch from the plurality of randomization live patches. The method may comprise modifying, during runtime and without restarting the software, the software using the first randomization live patch such that data values within the first data structure are swapped or shifted in accordance with a first technique.Type: GrantFiled: January 24, 2022Date of Patent: September 19, 2023Assignee: Cloud Linux Software Inc.Inventor: Kirill Korotaev
-
Patent number: 11663012Abstract: Disclosed herein are systems and method for detecting coroutines. A method may include: identifying an application running on a computing device, wherein the application includes a plurality of coroutines; determining an address of a common entry point for coroutines, wherein the common entry point is found in a memory of the application; identifying, using an injected code, at least one stack trace entry for the common entry point; detecting coroutine context data based on the at least one stack trace entry; adding an identifier of a coroutine associated with the coroutine context data to a list of detected coroutines; and storing the list of detected coroutines in target process memory associated with the application.Type: GrantFiled: November 29, 2021Date of Patent: May 30, 2023Assignee: Cloud Linux Software Inc.Inventors: Igor Seletskiy, Pavel Boldin
-
Patent number: 11550899Abstract: Systems and methods are provided for reducing attack surface of a software environment by removing code of an unused functionality. A security hardening module may identify a portion of code of a software, the software comprising at least one of: an operating system and an application. The security hardening module may determine whether the portion is being utilized, and in response to determining that the process is not being utilized, the security hardening module may generate a live patch that removes the portion from the code and may modify, during runtime, the software using the live patch without restarting the software.Type: GrantFiled: October 14, 2019Date of Patent: January 10, 2023Assignee: Cloud Linux Software Inc.Inventor: Kirill Korotaev
-
Patent number: 11409862Abstract: A variety of methods are provided for an application or operating system (OS) kernel intrusion detection and prevention, based on verification of security invariants and legitimacy of security state transitions from the past historical state. Methods are provided for an application or OS kernel intrusion detection and prevention for unknown attack vectors and vulnerabilities based on additional security checks added to the software by means of live patching.Type: GrantFiled: July 22, 2019Date of Patent: August 9, 2022Assignee: Cloud Linux Software Inc.Inventor: Kirill Korotaev
-
Patent number: 11263295Abstract: A variety of methods are provided for an application or operating system (OS) kernel intrusion detection and prevention, based on usage of existing vulnerability fixes and their transformation into honeypot detectors. A honeypot patch may be generated for a computing system associated with a software vulnerability in software installed on the computing system. The honeypot patch, when used to modify the installed software, can convert the computing system into a honeypot system configured to detect attempts to exploit the software vulnerability of the software, and in response, generate a security event associated with the software vulnerability.Type: GrantFiled: July 8, 2019Date of Patent: March 1, 2022Assignee: Cloud Linux Software Inc.Inventor: Kirill Korotaev