Abstract: Systems and methods for account security are provided. In one example embodiment, a first login request including a username and a password is analyzed to identify a first internet protocol (IP) address and a first request time associated with the first login request. A login history comprising login request data for the server computer is analyzed to identify a plurality of usernames, wherein each username of the plurality of usernames is associated with a corresponding login request from the first IP address within a threshold time period of the first request time. In response to determining a login success ratio is below a threshold login success ratio and a number of unique usernames in the analyzed data is above the unique username threshold, the system automatically performs a security action.

Abstract: Systems and methods include: collecting digital event data for the digital account; using a trained machine learning model to extract account takeover (ATO) risk features from the collected digital event data; evaluating the extracted ATO risk features of the collected digital event data of the digital account against a plurality of ATO risk heuristics; identifying one or more of the plurality of ATO risk heuristics that is triggered by the extracted ATO risk features, wherein one or more of the plurality of ATO risk heuristics may be triggered if at least a subset of the extracted ATO risk features matches requirements of the one or more ATO risk heuristics; and generating an ATO risk assessment for the digital account using the one or more triggered ATO risk heuristics.

Abstract: Private information is frequently made public or semi-public, often without foresight as to the consequences of such a divulgence. Additionally, intentionally divulged information that is intended to be maintained as private is routinely sold to advertisers and information brokers. Example embodiments of the present invention relate to a method, an apparatus and a computer-program product for encrypting privacy-related information in a data stream. The method includes receiving a data stream transmitted from a source. A contextual analysis is then performed on the content of privacy-related portions of the data stream. The privacy-related portions of the data stream are then encrypted according to the contextual analysis before being forwarded to the intended destination.

Abstract: A method and a network node device run Push-Button Configuration sessions within a heterogeneous network, IEEE 1905.1, using a push button configuration mechanism that ensures that only one single new network node device is registered for a single push button key press event and thus overlapping Push-Button Configuration sessions within a heterogeneous network are prevented. After finishing the push button configuration mode, the number of new nodes is checked. If more than one node has been added, a configuration roll-back is performed. Preferably, the push button configuration roll-back is performed as soon as the authentication of more than one distinct node has been detected. The roll-back includes the deletion or deactivation of credentials established by the push-button configuration.

Abstract: A computer-implemented method includes: generating a first list of uniform resource locators (URLs) available on a page when accessed using privileged credentials; storing one or more first URL outputs associated with the first list of URLs including the content of webpages accessed using the privileged credentials; generating a second list of URLs when accessed using non-privileged credentials; generating a third list of URLs, wherein the third list of URLs includes URLs included in the first list of URLs and not included in the second list of URLs; storing a second URL output including content of a webpage mapped to a particular URL in the third list of URLs when the particular URL is accessed using the non-privileged credentials; determining that the second URL output matches a particular first URL output associated with the particular URL; and outputting an alert identifying that the webpage is accessible by an unauthorized user.

Abstract: An apparatus for use in a digital messaging system includes a storage device and a processor coupled to the storage device. The storage device storing software instructions for controlling the processor that when executed by the processor configured the processor to: generate a first message comprising a payload portion; encrypt the payload portion of the message; derive a first session key from a domain-specific key; and sign the message using the first session key.

Abstract: A first instruction to store an entity identification (ID) in a memory of a device may be received. The entity ID may be stored in the memory in response to receiving the first instruction. Furthermore, a second instruction to store a value based on a key in the memory of the device may be received. A determination may be made as to whether the value based on the key that is to be stored in the memory corresponds to the entity ID that is stored in the memory. The value based on the key may be stored in the memory of the device when the value based on the key corresponds to the entity ID.

Abstract: Embodiments for rendering content by a processor are provided. A request to render content is received. A rendering browser to render the content on a computing device is selected from a plurality of rendering browsers. The selecting of the rendering browser is based on security information associated with at least one of the content and the plurality of rendering browsers.

Abstract: Techniques for credentials enforcement using a firewall are disclosed. In some embodiments, a system, process, and/or computer program product for enforcement using a firewall includes storing a plurality of user credentials at a network device; monitoring network traffic at the network device to determine if there is a match with one or more of the plurality of user credentials; and performing an action if the match is determined.

Abstract: A method comprises creating a word vector from a message, wherein the word vector comprises creating a word vector from a message stored in a database, wherein the word vector comprises an entry for each word of the plurality of words and each entry indicating a number of occurrences in the message of the word for that entry. The method further comprising calculating a cosine difference between the word vector and each group vector of a plurality of group vectors and assigning the word vector to a group for a group vector of the plurality of group vectors based on the calculated cosine difference between the word vector and the group vector for the group. The method may also comprise reformatting the message to include a phrase and assigning the phrase to the same group that the word vector is assigned to. The method may also comprise notifying the user.

Abstract: Provided is authentication and authorization without the use of supplicants. Authentication and authorization includes generating a profile for a device based on at least one characteristic observed during a successful attempt by the device to access an 802.1X network infrastructure. Expected characteristics for a next attempt to access the infrastructure by the device are determined. A characteristic of the next access attempt is matched to the expected characteristic and access to the network is selectively controlled as a result of the matching. This is achieved without a supplicant being installed on the device.

Abstract: A blockchain configuration may be used to store a distributed ledger for information security and accessibility. One example method of operation may include one or more of logging an asset in a blockchain, identifying a sub-asset linked to the asset, creating a use constraint for the sub-asset, logging the use constraint associated with the sub-asset, and during an access attempt of the sub-asset, prohibiting access to the sub-asset based on the use constraint.

Abstract: Protection from malware download is provided. A first input is received to access one of an email attachment or a web site link using an application. A newly generated secure virtual machine is obtained from one of a network server or a cloud computing service. The one of the email attachment or the web site link is sent to the newly generated secure virtual machine for processing.

Abstract: Encryption of a BIOS using a programmable logic device (PLD) is described. A PLD may include a static random-access memory area including programmable logic in a Lookup Table to receive a request to authenticate a basic input/output system (BIOS) executing on a processor coupled to the PLD. The PLD may calculate a hash value of a message associated with the BIOS using a Secure Hash Algorithm (SHA). The PLD may also include a random-access memory area including a first embedded random access memory block (EBR) to store a first portion of a 256-bit message digest associated with the message, a fifth portion of the 256-bit message digest, and second, third, fourth, sixth, seventh, and eighth EBRs to store second, third, fourth, sixth, seventh, and eighth portions of the 256-bit message digest, respectively.

Abstract: A system for filtering electronic messages includes a client machine that includes a security module, wherein the security module has access to at least one message sent by a sender identified in the message through respective identification data and received by the client machine, wherein the security module is configured for reading the sender's identification data from the header of the message, finding and storing any potentially harmful contents of the body of the message, verifying if said potentially harmful contents satisfy validation conditions which are specific for the sender having the identification data specified in the header of the message, allowing or denying access to at least part of the body of the message, in which the potentially harmful contents are present, based on the result of the verification.

Abstract: An electronic device has a lower power state in which power to a storage device is disabled. Predetermined information stored in a memory is useable to unlock the storage device during a procedure to transition the electronic device from the lower power state to a higher power state. The predetermined information is different from a credential for use in unlocking the storage device.

Abstract: In one embodiment, a device in a network receives traffic metrics for a plurality of applications in the network. The device populates a feature space for a machine learning-based anomaly detector. The device identifies a missing dataset in the feature space for a particular one of the plurality of applications. The device adjusts how traffic is sent in the network, to capture the missing dataset.

Abstract: A system for performing authorization of a user in a virtual reality environment includes a virtual reality user device. The virtual reality user device includes a display configured to display a virtual environment. The user device receives a virtual authentication object comprising a virtual representation of an object that the user can manipulate to enter an authentication code. The user device detects gestures performed by the user on the displayed virtual authentication object and forms an authentication request, which includes the virtual authentication object, the detected gestures; and an identifier of the user. The user device sends the authentication request to an authentication server. The authentication server determines an authentication code using the virtual authentication object and the detected gestures.

Abstract: Aspects of the subject technology relate to systems and methods for remote storage security. An encryption key is generated based at least on data stored locally by a computing device. The encryption key is bound to a context of the computing device. Data is encrypted using the encryption key. The encrypted data and information associated with the binding of the encryption key are provided for transmission to another computing device.

Abstract: A method and device for constructing an apk virus signature database and an apk virus detection system. The method comprises: obtaining a given sample set, the sample set being composed of N normal apk file samples and N virus-infected apk file samples; for any sample in the given sample set, separately obtaining M signature values of the sample according to M preset signatures; for any sample in the given sample set, separately obtaining M signature values of the sample according to M preset signatures; for any sample subset i (i=1, . . .