Abstract: A system, method, and computer-readable medium are disclosed for providing enhanced security to a wireless monitor, comprising: establishing a connection between the wireless monitor from a first device; generating a session identification for a human interface design (HID) input after the connection is established, the session identification enabling activities of an I/O device to be accepted by the wireless monitor; encrypting the activities of the I/O device to provide encrypted I/O device activities; providing the encrypted I/O device activities to the first device; and, decrypting the encrypted I/O device activities at the first device.

Abstract: Systems and methods for processing log data are provided. A set of data chunks is determined. Each data chunk is associated with a set of events, which are grouped according to a primary time dimension field of each event of the set of events. A metadata structure is determined for each of the data chunks. The metadata structure includes comprises a range of the primary time dimension field of all of the events in the data chunk and a range of a secondary time dimension field of all of the events in the data chunk. A subset of the data chunks is selected. A data chunk associated with at least one event of the plurality of events is generated according to the secondary time dimension field of the at least one event.

Abstract: Anti-malware process protection techniques are described. In one or more implementations, an anti-malware process is launched. The anti-malware process is verified based at least in part on an anti-malware driver that contains certificate pairs which contain an identity that is signed with the trusted certificate from a verified source. After the anti-malware process is verified, the anti-malware process may be assigned a protection level, and an administrative user may be prevented from altering the anti-malware process.

Abstract: Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.

Abstract: This disclosure relates generally to enterprise software management, and more particularly to systems and methods for determining digital degrees of separation for digital program implementation. In one embodiment, a digital degrees of separation determination system is disclosed, comprising a hardware processor, and a memory storing instructions executable by the processor for obtaining user credentials, and determining a user classification based on the user credentials. The processor may execute the instructions for identifying a user digital need based on the user classification, and querying a database for market-available software applications related to the user digital need. Further, the processor may execute the instructions for obtaining a list of user-accessible software applications related to the user digital need, and comparing characteristics of the market-available software applications to the user-accessible software applications.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify priorities of compliance assessment results of a virtual computing environment. An example method disclosed herein to identify priorities for defects includes associating, with a processor, a first defect with an asset class and a repair action, the first defect indicative of a computing resource being out of compliance with a policy, determining, with the processor, a priority for the defect based on past repair actions performed to correct past defects corresponding to the same asset class, and displaying the defect in rank order with a plurality of other defects based on the priority.

Abstract: Provided is a processing apparatus that authenticates a requestor in response to a request for performing predetermined processing. The processing apparatus executes the predetermined processing upon the authentication succeeding. Whether or not authentication is performed is set individually for each of the processing apparatus and an external apparatus of the processing apparatus that serve as the requestor. The authentication is performed in the case where authentication is set to be performed on the requestor that made the request.

Abstract: Methods, devices, systems, and non-transitory process-readable storage media manage unwanted tracking by evaluating conditions encountered by a browser application during sessions with websites. Embodiment methods performed by a processor of a computing device may include operations for identifying predefined browsing execution conditions encountered by the computing device during a session with a website, determining whether unwanted tracking of the computing device likely exists based on the identified predefined browsing execution conditions, and performing a corrective action in response to determining that the unwanted tracking of the computing device likely exists based on the identified predefined browsing execution conditions. Embodiment methods may also include operations for identifying a type of condition for each of the predefined browsing execution conditions and determining whether a number of each type of condition exceeds a predefined threshold for each type of condition for the session.

Abstract: Techniques for remediating an infected file are disclosed. In one embodiment, a method may have the steps of maintaining a plurality of file identities within a remediation repository each associated with a file, wherein for each file identity one or more regions of interest of the associated file are selectively identified, the one or more regions of interest for each file collectively representing less than all of the file; in response, selecting a file associated with a file identity from the remediation repository that matches the infected file; selectively comparing the one or more regions of interest of the matching file with one or more corresponding regions of the infected file; and based on comparing the regions, replacing at least one portion of the one or more regions of the infected file with at least one corresponding portion of the one or more regions of interest of the matching file.

Abstract: A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.

Abstract: The present specification discloses an improved method of encrypting a file and distributing the encrypted file over a network from a user computer to a remote computer, which includes providing an interface to a file encryption application to a user; receiving an input designating an encryption option from among a plurality of encryption options; based upon said input designating an encryption option, and based upon a format of said file, causing a separate application specific to said format to encrypt said at least one file, wherein said encrypted file is adapted to be decrypted using a passcode and wherein said passcode is transmitted to the user via at least one message type.

Abstract: A system for detecting phishing includes a phishing detection system that generates census of login pages received in different computers of different end users. An end user computer receives a login page and retrieves census information of the login page, such as from the phishing detection system. The census information indicates a number of different end users who employed the login page to log into their respective online accounts. The end user computer reports the census information to the end user of the end user computer. The end user computer reports the census information in numerical, graphical, or other format. The census information of the login page allows the end user to make an informed decision on whether or not to use the login page.

Abstract: A system and method for bypassing secondary user authentication based at least in part on the detection of a whitelisting deviation from a user pattern are disclosed. In one implementation, the system includes a pattern determination module, a fraudulent login identifier module, a whitelisting deviation detection module and a user authentication generation module. The pattern determination module determines a user pattern. The fraudulent login identifier module identifies a potentially fraudulent login and triggers a secondary authentication challenge. The whitelisting deviation detection module compares user information to the user pattern and determines based on the comparison whether a whitelisting deviation from the user pattern has occurred.

Abstract: A user request to display an application while the device is locked is received. In response to this user request, one or more images generated by the application are obtained and displayed while the device is locked. Additionally, an indication of an application to be displayed upon resuming operation from a power-saving mode can be received, and an image generated by the application is displayed in response to resuming operation from the power-saving mode.

Abstract: Generating a seed and/or a key from live biometric indicia, such that all the information necessary for generating the seed and/or the key is not stored, is provided. A method comprises receiving and enrolling a biometric template from a user; assigning an optimization value to the enrolled biometric template; encrypting an item of test data using the optimization value, such that the optimization value is an encryption seed; storing the encrypted item of test data on the storage medium; destroying the encryption seed after encrypting the item of test data; receiving a live biometric template; comparing the templates and determining an interval based on a probability that the templates are specific to the same user; iteratively testing values within the interval to identify the value in the interval for decrypting the encrypted item of test data; and generating the key using the seed.

Abstract: The disclosed computer-implemented method for classifying security events as targeted attacks may include (1) detecting a security event in connection with at least one organization, (2) comparing the security event against a targeted-attack taxonomy that identifies a plurality of characteristics of targeted attacks, (3) determining that the security event is likely targeting the organization based at least in part on comparing the security event against the targeted-attack taxonomy, and then in response to determining that the security event is likely targeting the organization, (4) classifying the security event as a targeted attack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Computer systems and methods are provided for authenticating a user seeking to conduct at least one interaction with a secured capability provided by a computer. The method includes accessing a first identifier corresponding to the secured capability and sending a second identifier to an electronic device being used by the user. The second identifier corresponds to the secured capability. The method further includes receiving a signal from the electronic device being used by the user. The method further includes using a processor to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability.

Abstract: In a method for securely collecting sensitive information, a first key entry made via a user interface is detected. Moreover, information is received via a secure communication channel from a remote server, where the information includes at least a current value of a first layer identifier. Using the current value of the first layer identifier, a bit string corresponding to the first key entry is determined. Using the bit string, at least a portion of a data string is generated. The data string is caused to be stored in a local memory and/or transmitted to another device via a network.

Abstract: An information sharing system according to an embodiment includes an information processing system and a terminal and display device connected to the information processing system via a network. The information processing system is composed of one or more information processing apparatuses. The display device is equipped with a display unit on which an image is displayed. The display device includes a first identification-information acquiring unit that acquires identification information for identifying the display device on the network. The terminal acquires the identification information from the display device, and accesses a storage service and acquires access information, and transmits the acquired identification information and access information to the information processing system.

Abstract: A method for controlling a transparent tunnel mode operation in a Wireless Dockee (WD) in a communication system supporting a wireless docking protocol is provided. The method includes performing a group join process and a provisioning process for security keys with a Wireless Docking Center (WDC); accessing services of a Wireless Docking Environment (WDN); selecting an operating mode between the WD and the WDC as a transparent tunnel mode; performing a process of getting information related to a peripheral with the WDC; requesting the WDC to enable a monitor mode and a promiscuous mode; and transmitting/receiving a data packet using the information related to the peripheral with the peripheral if a Miracast connection and a docking session are established between the WD and the peripheral.