Abstract: A computer-implemented method, program-code, web-client device and computer system to realize and guard over a secure input routine based on their behavior.

Abstract: The present disclosure describes systems and methods for detection and mitigation of malicious encryption. A security agent on an infected computing device may monitor data writes to disk, memory, or network transmission buffers for strings that may represent encryption keys or moduli. The security agent may apply one or more techniques to decode and parse the string to either identify or extract the keys, or rule out the string as containing an encryption key or modulus. If a key is identified, or its presence cannot be excluded, then the security agent may generate an alert and take mitigation actions.

Abstract: MRC training can include providing a hot add notification to a UEFI BIOS FW, receiving, at an MRC agent of the FIMC and from the UEFI BIOS FW, the MRC training request, and performing, at the MRC agent in response to the MRC training request, an MRC training independent of an SMM associated with the apparatus.

Abstract: A messaging system in one embodiment includes a messaging app and one or more sticker extension apps configured to create a sticker image and render a sticker image that is displayed in a view hosted by the messaging app. The messaging app can launch, from a browsable view that includes one or more sticker extension apps, one or more of the sticker extension apps, and a sticker image created by one of the sticker extension apps can be communicated between the sticker extension app and the messaging app through an interprocess communication.

Abstract: A system of authenticating an account user includes an electronic device having a processor and a non-transitory computer-readable storage medium. The system causes an interface to be outputted by the electronic device that includes a graphical element via which a user of the electronic device who is attempting to access an electronic account can initiate a digital history verification process. The system receives a selection of the graphical element, accesses an indication of one or more electronic sources of digital history information and receives digital history information of the user that has been collected by the electronic sources. The system receives one or more verification questions that are based on at least a portion of the digital history information. The system receives from the user answers to the verification questions. In response to determining that every answer is correct, the system grants the user access to the electronic account.

Abstract: An intended signatory receives an electronic signature request that includes instructions for accessing both an unsigned document and server functionality that enables the intended signatory to electronically sign the document. To gain such access, the intended signatory must pass username and password authentication, which serves as a first authentication factor. After the intended signatory is authenticated, he/she can access the unsigned document. However, once the intended signatory is initially authenticated, it can be assumed that his/her work session is subject to being misappropriated by an unauthorized user. Thus, when a command to apply an electronic signature to the document is invoked, the would-be signatory must pass keystroke biometrics authentication, which serves as a second authentication factor.

Abstract: One embodiment is related to a method for encrypting a block based backup image file, comprising: preparing an unencrypted block based backup image file; determining whether a region of the unencrypted block based backup image file to be streamed to a backup medium corresponds to a block allocation table (BAT) region; streaming regions of the unencrypted block based backup image file determined as not corresponding to the BAT region unchanged to the backup medium; and encrypting regions of the unencrypted block based backup image file determined as corresponding to the BAT region before streaming the regions determined as corresponding to the BAT region to the backup medium.

Abstract: Systems, methods, and computer-readable storage media for intrusion protection on autonomous vehicles. As threats are detected, the nature of the threat is analyzed. A tiered response to the threat is then implemented, with an ultimate implementation including putting the autonomous vehicle in a “turtle” mode, and intermediate implementations including isolation of various subsystems. As the threats are identified and the autonomous vehicle implements the tiered responses, the autonomous vehicle records data regarding the efficiency the responses in diminishing the threat, then modifies the code which forms the autonomous algorithms such that, over time, the autonomous vehicle improves how it recognizes and responds to threats.

Abstract: Disclosed are system and method for detecting malicious code in files. One exemplary method comprises: intercepting, by a processor, one or more application program interface (API) calls during an execution of a process launched from a file of a computing device; determining and detecting, by the processor, a presence of an exit condition of the process; in response to detecting the exit condition, identifying one or more signatures of a first type and transferring one or more saved memory dumps of the computing device to an emulator for execution; and determining and identifying a malicious code in the file in response to detecting one or more signatures of a second type based at least upon execution results of the transferred memory dumps of the computing device.

Abstract: In one embodiment, a device in a network determines a set of lattice points in a multi-dimensional space constructed using message characteristics of messages exchanged between endpoint nodes in the network. The device uses the lattice points to derive vector representations of communication channels in the network with each of the communication channels being associated with one or more of the exchanged messages. A vector representation of an application in the network is based on one or more of the derived vector representations of one or more channels used to exchange messages associated with the application. The device identifies the application as associated with a first one of the channels by determining a measure of similarity between the first channel and the vector representation of the application that approximates a maximum mean discrepancy (MMD) distance between the message characteristics for the vector representations of the first channel and the application.

Abstract: In one embodiment, a browser operating on a host device receives, from a user, a request to access a web server that includes a Uniform Resource Locator (URL) associated with the web server. In response, the browser sends, to a Domain Name System (DNS) server, a request for an Internet Protocol (IP) address correlated with the domain hosting the URL, and receives, from the DNS server, a response that comprises a block policy IP address and an appropriate error code. Based on this IP address and the error code indicated in the response, the browser renders an access denied page indicating that access to the web server associated with the URL is not permitted, wherein at least a portion of the access denied page is stored in memory accessible to the browser prior to sending the request for the IP address correlated with the domain that is hosting the URL.

Abstract: An individualized software container is provided. The software container may be created by a remote entity. The software container may be located on a computer of a local entity. The software container may provide an entity separation between the local entity and at least one other entity. The software container may encompass a plurality of containers. The software container may communicate with a plurality of other software containers. The plurality of other software containers may be associated with at least one other entity. The software container may host its own database. The software container may include a plurality of security features associated with the remote entity. The software container may include a container-encrypted fingerprint (“CEF”). The CEF may enable encrypted end-to-end connection between the software container and the remote entity. The CEF may leverage fingerprinting and/or tokenization of the software container.