Abstract: Techniques are disclosed for enhanced crawling of unexposed web applications for vulnerability scanning purposes. A response to a request to a web application is received and a web application framework detection routine is executed on the response. A determination is made that a web application framework is part of the response and the response is loaded in a web browser associated with the web application. A custom web application framework hook for the web application framework is injected into a web page of a web browser and a list of Document Object Model (DOM) elements and corresponding event handlers is received. A determination is made, based on the list, to execute DOM events to discover functionality of the web application. The DOM events are executed, and network activity of the web browser during execution of the DOM events is recorded.

Abstract: The present invention provides an electronic device, an external input device and a method for connecting the electronic device and the external input device. An electronic device according to various embodiments comprises: a camera module; a communication module, a display, a memory; and a processor electrically connected to the camera module, a communication module, a display and memory, wherein the processor displays, on the display, images comprising a left-eye image and a right-eye image, determines whether or not a connectable external input device is present if an event for the connection with the external input device occurs with respect to the images, displays, on at least one part of the display, external images, obtained by means of the camera module, if a connectable first external input device is present, and can perform connection with the first external input device. Moreover, other embodiments are possible.

Abstract: The disclosure extends to methods, systems, and devices for crowdsourcing an outcome to an issue through a platform. The method includes receiving voting data comprising a vote for an election from a user associated with an account facilitated by a voting server. The method includes generating a record for storing the voting data, wherein the record includes: a hashed identifier assigned to the user of the account, a public key assigned to the user of the account, and the voting data. The method includes broadcasting the record to a distributed network and storing the record on a blockchain database.

Abstract: An identity of an email-address utilized by a client device is verified. According to one example, a server receives a request for verifying the identity of the email-address and calculates a first verification token, which is transmitted to the email address to be verified. The first verification token is received by the client device, which in response calculates a second verification token. The second verification token is transmitted to the server. The server verifies the identity of the email-address by verifying that the first and second verification tokens are identical. Other examples are disclosed.

Abstract: Systems, devices, and techniques for service authorization are described. A described device includes a transceiver to communicate with an authorization server, and a processor. The processor can set an authorization timer for a first time period based on obtaining an authorization from the authorization server, and activate device features for a duration of the first time period. The processor can receive from the authorization server an authorization message that includes an authorization key hash based on a shared secret key and a server timestamp, determine a local key hash based on the shared secret key and a local timestamp, set the authorization timer for a second time period based on the authorization key hash matching the local key hash, and maintain an activation of the features for a duration of the second time period.

Abstract: A method includes receiving a data capture event affecting personal data of a user stored in at least one storage device of a computing system and mapped in a privacy graph database. Personal data of the user may be identified in the data capture event and classified into the data categories. In response to the data capture event, a mapping of user-centric nodes associated with the at least one user associated with other users in the privacy graph database is automatically updated using the classified personal data in the data capture event. A request by a requester for personal data of at least one specific user stored in the at least one storage device is received. The privacy graph database is queried to provide the requested personal data and locations of the requested personal data of the at least one specific user in the request stored in the computing system.

Abstract: A computer-implemented method comprising: accessing, at a client device, a first artifact and artifact metadata corresponding to the artifact; creating, at the client device, an artifact cryptographic digest corresponding to the artifact to certify existence of the artifact; transmitting, at the client device, the artifact cryptographic digest and artifact metadata to a server; adding, at the server device, the artifact cryptographic digest to a block chain; and adding, at the server device, the artifact cryptographic digest, the artifact metadata and the first artifact to a data storage device separate and distinct from the block chain to reference the artifact cryptographic digest on the block chain.

Abstract: Software for immutably storing computational determinations using distributed ledgers. The software performs the following operations: (i) receiving an indication that a first computational model is ready to be deployed; (ii) storing a copy of the first computational model in a first distributed ledger; (iii) computing a hash of the first computational model using a cryptographic hash function; (iv) receiving an indication that a second computational model has been used to produce a first computational determination; (vi) receiving a hash of the second computational model; and (vii) in response to determining that the hash of the second computational model matches the hash of the first computational model, storing a record of the first computational determination in a second distributed ledger, wherein the record of the first computational determination identifies the second computational model as being the first computational model and includes the hash of the first computational model.

Abstract: Disclosed are systems and methods for personalized care management. The method includes collecting login credentials of a user. The login credentials are checked and the user is authenticated accordingly. Then, user profile of the user is accessed to determine a specific role of the user. Based on the specific role of the user, a user interface is presented on a user device of the user. The user interacts with the user interface by providing at least one voice input including a request. Further, a notification is generated based on the voice input of the user for at least one user. The at least one user provides at least one voice input including a response for the user via a user interface on at least one user device of the at least one user. The response is presented to the user through the user interface.

Abstract: This invention relates to a process for detecting and mitigating risk generated when a customer's log-in credentials are compromised. A significant majority of stolen credentials and customer's personally identifiable information data eventually make their way to the dark web. By dynamically monitoring the dark web and combining the analysis with related information about the user and their credentials on the deep web and the surface web, through a machine learning model, a service provider pre-emptively or otherwise can act to mitigate the risk arising from such compromise of said customer log-in credentials.

Abstract: A distributed access control system is disclosed. A payload is received at a voted principal from the client. The voted principal is selected from the plurality of minors. The payload is passed to the minors, and the user is verified by a consensus of the minors. A response packet, which includes an authentication unit, is prepared via a consensus of minors. The response packet can be provided to the client via the voted principal. The ledger is updated to include the authentication unit.

Abstract: Provided are a computer program product, system, and method for offloading processing of writes to determine malicious data from a first storage system to a second storage system. Write data for a first storage is cached in a first cache in the first storage system and copied to a second cache in the second storage system. The second storage system determines whether the copy of the write data comprises random data according to a randomness criteria. The second storage system returns a message to the first storage system indicating that the write data comprises malicious data if random or not malicious data if not random. The first storage system destages the write data in the first cache if the message indicates not malicious data or processes the write data in the first cache as malicious data if the message indicates malicious data.

Abstract: A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication via a backchannel to reduce the potential for malicious third-party impersonation of the client prior to transfer of the call to the customer call center. Pre-authorized customer support calls may be intelligently and efficiently routed directly to call center agents, without incurring further delay. During call handling, call center agents may initiate further client authentication processes, including contactless card authentication requests, over one or more different communication channels for authorizing access to sensitive information or to allay suspicion.

Abstract: Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.

Abstract: An always-listening-capable decoupled cap for a computing device having a communication module is disclosed, comprising an electronic sensor and a gatekeeping module. All data received by the communications module based on data from the electronic sensor passes through the gatekeeping module while a gatekeeping function is disabled, no data based on data from the electronic sensor passes through the communications module while the gatekeeping function is enabled, all data input to the gatekeeping module is received via an exclusive input lead from the electronic sensor, and all data output from the gatekeeping module is transmitted via an exclusive output lead to a component other than the electronic sensor. The cap interferes with a function of the computing device, determines that user input recorded by the first electronic sensor comprises a first input content, and changes a nature of interference with the function of the computing device.

Abstract: A transmitting device and a receiving device independently generate shared encryption keys by exchanging a ternary datastream composed of trits encoded by polarized photons generated and measured using one of two polarization orientations. The first orientation defines two mutually-orthogonal polarization axes and a mixed polarization state formed by a combination of the two axes for that orientation. The second orientation also define two mutually-orthogonal polarization axes and a mixed polarization state formed by a combination of the two axes for that orientation. The mutually-orthogonal axes of one orientation are combinations of the mutually-orthogonal axes of the other orientation. The sender and receiver independently choose an orientation for each trit and use trits where each party's polarization orientations agree to determine addresses in separate cryptographic tables belonging to each party.

Abstract: A method and a computer for protecting a computer, particularly an industrial automation component, against cybercriminal threats, wherein application programs are installed on the computer, different application programs being required for different functions of the computer, where at least two security stages are defined, such that for each security stage, functions are defined that are either undeactivatable in the event of cybercriminal threats to the functions and/or deactivatable in the event of cybercriminal threats to the functions, where identified functions and modules are selected which are allowed to be deactivated, and where selected modules are blocked, and functions are deactivated such that it is possible to dynamically deactivate optional software modules depending on cybercriminal threats and security stage of the computer to thereby constantly and optimally adapt the usable functional scope of the computer to a threat location and applicable respective operating conditions.

Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.

Abstract: Methods and apparatus for evaluating collected data relating to online activity, and modification of services within a service provider network. In one embodiment, a service provider collects data relating to the online activity of users of third-party services and correlates the data with subscribers of the service provider to generate useful products and analytics (e.g., classifications, behavioral models, etc.) containing information relating to the subscribers' online activity. The generated products may be used to determine whether and how to modify services provided to individual subscribers, exported for use by third parties, or for other purposes.

Abstract: System and methods are disclosed for organizations to run a test against an active directory list to see if any user-provided passwords have been part of an existing data breach. Utilizing information from such a test identifies users that have weak passwords, reused passwords or shared passwords that have been associated with an earlier breach. With this information, the organization can seek to reduce risk by training staff for this specific issue in a timely and appropriate manner to significantly reduce the risk of a future breach by those identified users. Training can be customized and targeted at those users who attempt to use passwords that have been associated with a breach (either of their own account or of another account on the same or related domain.