Abstract: A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a project 25 (P25) network and to collect data on the P25 network.

Abstract: A computer-implemented method of generating an augmented electronic text document comprises establishing a directed multigraph where each vertex is associated with a separate language and is connected to at least one other one of the vertices by an oriented edge indicative of a machine translation engine's ability to translate between languages associated with the vertices connected by the oriented edge with acceptable performance. The directed multigraph is then traversed starting at a predetermined origin vertex associated with an original language of the original electronic text document by randomly selecting an adjacent vertex pointed to by an oriented edge connected to the predetermined origin vertex and causing a machine translation engine to translate the original electronic text document from the original language to a language associated with the selected vertex.

Abstract: A computer-implemented method of generating an augmented electronic text document comprises establishing a directed multigraph where each vertex is associated with a separate language and is connected to at least one other one of the vertices by an oriented edge indicative of a machine translation engine's ability to translate between languages associated with the vertices connected by the oriented edge with acceptable performance. The directed multigraph is then traversed starting at a predetermined origin vertex associated with an original language of the original electronic text document by randomly selecting an adjacent vertex pointed to by an oriented edge connected to the predetermined origin vertex and causing a machine translation engine to translate the original electronic text document from the original language to a language associated with the selected vertex.

Abstract: The embodiment herein provides a method for securely transmitting a firmware update image to a device using a key management system. The key management subsystem includes a cellular modem. The method includes (i) configuring a SIM of the cellular modem to update a public key of a server using a key manager module of the Subscriber Identity Module (SIM), (ii) enabling the SIM to receive an encrypted key package from the server, using the cellular modem, (iii) processing the encrypted firmware update image that has to be transmitted to the device using the SIM and (iv) transmitting the decrypted key package to the device to enable implementation of the decrypted key package into the device using the SIM.

Abstract: Security is provided for enterprise local area networks (LANs) by pre-vetting and identifying the security characteristic and actions of any new wireless networks that tries to connect to a secure LAN network. The disclosure herein provides for identification and classification of IEEE 802.11 wireless networks by using monitoring sensor system within and managed by a centralized cloud. The monitoring sensors interrogate the network mimicking the behavior of known platforms, such as an end-user's workstation or mobile device followed by random actions simulating a human person. The response characteristics of the wireless network including the behavior patterns relating to the LAN system and human behavior are collected.

Abstract: A computer-implemented method may comprise receiving an electronic message (such as a legitimate email or malicious phishing email, for example) over a computer network, the electronic message containing a uniform resource locator (URL). The URL in the received electronic message may be parsed and one or more original parameter may be identified therein. The type of the identified original parameter(s) may be determined. The identified original parameter(s) may then be transformed according to a parameter transformation rules, selected according to the determined type. to generate transformed parameter(s). The URL may then be reassembled by substituting the transformed parameter(s) for the original parameter(s). The website pointed to by the reassembled URL may then be accessed, over the computer network, using the transformed parameter(s) only if the reassembled URL meets a predetermined minimum criterion.

Abstract: A computer-implemented method may comprise collecting and storing a plurality of electronic messages and a corresponding plurality of phishing kits, each of which being associated with one or several malicious Uniform Resource Locator (URL) and extracting a set of features from each of the plurality of electronic messages. For each of the extracted set of features, the method may comprise determining a set of optimal scanning parameters using one or more decision trees, trained with a supervised learning algorithm based on programmatically or manually examining or reverse-engineering the source code of the phishing kits, or trained with a supervised learning algorithm based on a function that iteratively requests data from the websites pointed to by the malicious URLs and examines data and codes returned by such requests.

Abstract: A modular EMF/RF shielded enclosure having interconnected walls, floor and ceiling panel members such that passage of EMF/RF form or into the enclosure is blocked or attenuated. Quick-connect, quick-release compressive connector members composed of electrically conductive material are used to join adjacent panel members, such that the connector members carry the common ground between adjacent panels and a continuous shielding envelope in the nature of a Faraday cage is formed.

Abstract: A computer-implemented method of preventing leakage of user credentials to phishing websites may comprise capturing user credentials input to website; updating a stored list of trusted website credentials upon determining that the domain of the URL of the website is present in a stored list of trusted websites; generating a hash of the captured user credentials; determining whether the hashed user credentials matches one of the hashed user credentials in the list of trusted website credentials; and when a match is found, requesting input whether the website is trusted or whether the website is unknown and/or untrusted; sending the URL to a remote computer server when the input indicates that the website is unknown and/or untrusted and disallowing submission of the user credentials to the website; adding the domain of the URL to the stored list of trusted websites, adding the generated hash of the captured user credentials to a stored list of trusted website credentials and allowing submission of the user cred

Abstract: A computer-implemented method of generating an augmented electronic text document comprises establishing a directed multigraph where each vertex is associated with a separate language and is connected to at least one other one of the vertices by an oriented edge indicative of a machine translation engine's ability to translate between languages associated with the vertices connected by the oriented edge with acceptable performance. The directed multigraph is then traversed starting at a predetermined origin vertex associated with an original language of the original electronic text document by randomly selecting an adjacent vertex pointed to by an oriented edge connected to the predetermined origin vertex and causing a machine translation engine to translate the original electronic text document from the original language to a language associated with the selected vertex.

Abstract: A protection system, method, and a security device can protect an operational technology (OT) system having connected hardware equipment, including at least an interface that can receive a control communication and an industrial control device (ICD) for controlling at least one industrial device. They feature tasks/steps that receive control communication from the communication interface, determine whether the received control communication contains an undesirable control command, and either pass or block the received control communication to the ICD depending on whether the received control communication contains an undesirable control command. The security device can be disposed between a source of communication in an OT network and the ICD for protection.

Abstract: A computer-implemented method of unsubscribing a recipient of an electronic message may comprise identifying and extracting an unsubscribe Universal Resource Indicator (URI) from the electronic message and carrying out a dynamic unsubscribe scenario if the extracted unsubscribe URI matches a known unsubscribe URI. The dynamic unsubscribe scenario may comprise instructions that are selectively executed depending on contents of a single unsubscribe form in a webpage pointed to by the extracted unsubscribe URI. These instructions may comprise finding and filling in a single input field in the webpage that is relevant to unsubscribing with an electronic address of the recipient or finding and updating a user interface element that is relevant to unsubscribing. The single unsubscribe form with the filled in single relevant input field or updated user interface element may then be submitted and a determination may be made whether an unsubscribe confirmation message was generated.

Abstract: A computer-implemented method of preventing leakage of user credentials to phishing websites may comprise capturing user credentials input to website; updating a stored list of trusted website credentials upon determining that the domain of the URL of the website is present in a stored list of trusted websites; generating a hash of the captured user credentials; determining whether the hashed user credentials matches one of the hashed user credentials in the list of trusted website credentials; and when a match is found, requesting input whether the website is trusted or whether the website is unknown and/or untrusted; sending the URL to a remote computer server when the input indicates that the website is unknown and/or untrusted and disallowing submission of the user credentials to the website; adding the domain of the URL to the stored list of trusted websites, adding the generated hash of the captured user credentials to a stored list of trusted website credentials and allowing submission of the user cred

Abstract: A computer-implemented method of detecting an email spoofing and spear phishing attack may comprise generating a contact model of a sender of emails; determining, by a hardware processor, a statistical dispersion of the generated contact model that is indicative of a spread of a distribution of data in the generated model and receiving, over a computer network, an email from the sender.

Abstract: A system and method are provided that enable identifying and trapping cyber security attacks via wireless connectivity on enterprise and corporate networks. A deceptive network emulation of a specific customer network is used to invite and draw in possible attackers. The attacker is also enticed to initiate attack on the emulated deceptive network. Packet header inspection and deep packet evaluation of the attack are used for generating possible signatures of the attacker and the attack. The information from deep packet inspection combined with the understanding of attack modality derived from enablement of attack on the deceptive network are used to generate detailed defensive methodologies, response capabilities and attack signatures, so that various types of cyber attacks including zero-day attacks from the attacker can be identified, prevented or addressed and responded to.

Abstract: An overlay cyber security networked system and method that includes one or more devices configured to monitor physical-level signal information to determine a cyber security threat or breach event based on activity occurring with physical signals present at one or more components of a Process Control Network (PCN), enabling forensic analysis. The overlay cyber security networked system also provides information needed for real-time incident management by capturing logs of relevant events at various points in the network hierarchy starting at the analog signaling from the sensors to detect unauthorized variances in operational parameters, thereby providing a defense in depth security architecture for PCN-based systems.

Abstract: A cyber signal isolator system and a cyber signal isolator method for protecting a component of an Industrial Control System are described. The cyber signal isolator system includes one or more devices configured to monitor physical-level signal information to determine a cyber security threat or breach event based on activity occurring with physical signals present at one or more components of an Industrial Control System.

Abstract: A computer-implemented method of unsubscribing a recipient of an electronic message may comprise identifying and extracting an unsubscribe Universal Resource Indicator (URI) from the electronic message and carrying out a dynamic unsubscribe scenario if the extracted unsubscribe URI does not match a known unsubscribe URI pattern. The dynamic unsubscribe scenario may comprise instructions that are selectively executed depending on contents of a single unsubscribe form in a webpage pointed to by the extracted unsubscribe URI. These instructions may comprise finding and filling in a single input field in the webpage that is relevant to unsubscribing with an electronic address of the recipient or finding and updating a user interface element that is relevant to unsubscribing. The single unsubscribe form with the filled in single relevant input field or updated user interface element may then be submitted and a determination may be made whether an unsubscribe confirmation message was generated.

Abstract: A computer-implemented method may comprise receiving an electronic message (such as a legitimate email or malicious phishing email, for example) over a computer network, the electronic message containing a uniform resource locator (URL). The URL in the received electronic message may be parsed and one or more original parameter may be identified therein. The type of the identified original parameter(s) may be determined. The identified original parameter(s) may then be transformed according to a parameter transformation rules, selected according to the determined type. to generate transformed parameter(s). The URL may then be reassembled by substituting the transformed parameter(s) for the original parameter(s). The website pointed to by the reassembled URL may then be accessed, over the computer network, using the transformed parameter(s) only if the reassembled URL meets a predetermined minimum criterion.

Abstract: A cyber security system and method that includes one or more devices configured to determine a cyber security threat or breach event based on analysis of operational information of a protected system.