Abstract: The present disclosure provides generally for systems and methods of authenticating one or more aspects of electronic communication. According to the present disclosure, authenticable communications may allow for authentication of at least a portion of the content of the electronic communication, which may limit potential damage caused by fraudulent communications. In some aspects, an authenticable communication may allow a recipient to confirm that the indicated source is the actual source of the authenticable communication. In some embodiments, the authentication may not require an exchange of encrypted communications or an exchange of communications solely within the same communication system. Authenticable communications may provide a separate layer of security that may allow a recipient to review the contents with confidence that the communication is not fraudulent. Further, authenticable communications may provide the additional security without requiring specialized software.

Abstract: A system and method is described that sends multiple simulated phishing emails, text messages, and/or phone calls (e.g., via VoIP) varying the quantity, frequency, type, sophistication, and combination using machine learning algorithms or other forms of artificial intelligence. In some implementations, some or all messages (email, text messages, VoIP calls) in a campaign after the first simulated phishing email, text message, or call may be used to direct the user to open the first simulated phishing email or text message, or to open the latest simulated phishing email or text message. In some implementations, simulated phishing emails, text messages, or phone calls of a campaign may be intended to lure the user to perform a different requested action, such as selecting a hyperlink in an email or text message, or returning a voice call.

Abstract: One variation of a method for verifying email senders includes: intercepting an email addressed to a target recipient within an organization, the email received from a sender at an inbound email address and including an inbound display name; accessing a whitelist including a verified display name and a set of verified email addresses corresponding to an employee within the organization; characterizing a display name difference between the inbound display name and the verified display name; in response to the display name difference falling below a threshold difference, comparing the inbound email address to the set of verified email addresses; in response to identifying the inbound email address in the set of verified email addresses, authorizing transmission of the email to the target recipient; and, in response to the set of verified email addresses omitting the inbound email address, withholding transmission of the email and flagging the email for authentication.

Abstract: A system and a method are disclosed for detecting an unacceptable HTTP requests by scanning the headers of the HTTP requests.

Abstract: A micro data capture device can be configured to operate as a unidirectional connection from a first computing device to a second computing device. The micro data capture device can include a data capture side comprising a first universal serial bus (USB) interface configured to connect to the first computing device so as to extract data from the first computing device. The micro data capture device can further include a monitoring apparatus comprising an interceptor configured to copy data from the data capture side so as to define the unidirectional connection. Further, the micro data capture device can define a data storage side comprising a second USB interface configured to connect to the second computing device so as to transfer data to the second computing device. The data storage side can be configured to receive data from the data storage side via the monitoring apparatus. In some cases, the data capture side has only volatile memory, and the data storage side includes non-volatile memory.

Abstract: A method includes receiving, by a data processing apparatus and from a content distribution system, a message comprising a probabilistic data structure representing a set of content items that should not be provided to a user device, content item data for content items available to be provided, and a request to determine whether any content item data is invalid, determining that the content item data for a given content item is invalid because the given content item may be in the set of content items represented by the probabilistic data structure, including removing the content item data for the given content item that was determined to be invalid; and preventing distribution of content items including the given content item.

Abstract: Embodiments secure data on a cloud based network that comprises one or more machine learning (“ML”) notebooks. Embodiments monitor activity on each of the ML notebooks, the activity including one or more commands. Embodiments classify each of the commands, the classifying including generating input parameters. Based on the input parameters, embodiments determine a risk score for each of the ML notebooks. When the risk score exceeds a predetermined threshold, embodiments generate an alert.

Abstract: Described herein are systems and methods for a distributed Java Keystore, in accordance with an embodiment. This KeyStore can provide a secure place for a distributed queue to persist credentials, private keys, and other sensitive information. Such a KeyStore can be utilized within other distributed systems that require scaling (in and out) in runtime.

Abstract: A system for real-time authenticated obfuscation of electronic data provides real-time visual obfuscation of the data by transforming displayed data into undecipherable data when viewed by an unauthorized user while maintaining access for an authorized user. The system may further provide application-level obfuscation of electronic data via cryptographic keys such that only authorized applications may decrypt the encrypted data. In this way, the system provides secure access control of electronic data within a networked environment.

Abstract: Systems and methods of the disclosure include: receiving, by a node of a distributed ledger network, first transaction data, wherein the first transaction data comprises an alert derived from a state of a computer system; storing the first transaction data in a first block of the distributed ledger network; receiving, by the node, second transaction data, wherein the second transaction data comprises an identifier of a remedial action performed on the computer system in response to the alert and a result of performing the remedial action; and storing the second transaction data in a block of the distributed ledger network, wherein the block is provided by one of: the first block or a second block.

Abstract: Systems and methods are described for receiving at an intermediary entity a token from a data provider that enables access to a user's data at a data provider, where the token is received without an intermediary entity receiving user credentials. A request is received from a data recipient to receive data from the data provider, where the token is required to access the data. Data may be received from the data provider using the token, and the received data may be filtered based on a data directive associated with the data provider, to identify which data the data recipient is permitted to access. The identified data may be provided to the data recipient.

Abstract: Network traffic collectively associated with a set of communications made between a client device and a respective first and second resource during a usage of a program executed on the client device is monitored. At least of the monitored traffic associated with the second resource is encrypted. The encrypted traffic is categorized. A respective first and second policy to apply to the respective first and second communications is determined. The second policy is based at least in part on the categorization of the encrypted traffic.

Abstract: A process of filtering a wireless service provided to at least one wireless device from a wireless network includes receiving identification of the at least one wireless device in a filtering server from an administrator and receiving filtering instructions from the administrator in the filtering server. The process further including receiving a request for an internet resource from at least one wireless device, comparing the request for the internet resource to the filtering instructions to determine whether the requested internet resource is allowable in view of the filtering instructions or not allowed based on the filtering instructions. The disclosure also provides a system as well.

Abstract: Data that includes user data and application data that is generated during a remote desktop session to a cloud computing system is stored in cloud storage according to a risk level of the remote desktop session. The storage device has provisioned therein a plurality of storage containers, including first and second storage containers, where the first storage container stores less percentage of the user data than the second storage container. The first storage container is selected for storing the user data if the determined risk level of the remote desktop session is at a first level and the second storage container is selected for storing the user data if the determined risk level of the remote desktop session is at a second level that is lower than the first level.

Abstract: In one embodiment, a method for operating a system for management of implantable medical devices (IMDs), comprises: conducting communications sessions with a plurality of clinician programmer devices, wherein some of the communication sessions occur while the plurality of clinician programmer devices are engaged in respective programming sessions with IMDs; conducting communications sessions with a plurality of patient controller devices, wherein he communication sessions with the patient controller devices include communication of data pertaining to offline programming of IMDs; reconciling programming session data received from the plurality of clinician programmer devices with programming session data received from patient controller devices to identify instances of unauthorized IMD programming; and distributing revocation data to patient controller devices to be downloaded to corresponding IMDs, wherein the revocation data identifies cryptographic keys that are no longer trusted.

Abstract: The disclosed subject matter relates to systems, methods, and media for media session concurrency management with recurring license renewals. More particularly, the disclosed subject matter relates to using recurring license renewals for concurrent playback detection and concurrency limit enforcement for video delivery services and managing server resources for handling such recurring license renewals.

Abstract: This disclosure provides systems, methods and apparatus, including computer programs encoded on computer storage media, to mitigate a denial of service attack to a power line communication (PLC) network. A first node of the PLC network may activate a countermeasure that enables the PLC network (including the first node and a second node) to continue to communicate when one or more transmissions associated with a denial of service attack are injected onto the communication medium. This disclosure includes several techniques to detect a denial of service attack and several countermeasures that may be implemented. For example, a countermeasure may include the use of a custom preamble or a custom priority resolution symbol that is specific to the PLC network. The first node and the second node may disregard transmissions that do not conform to the custom preamble or custom priority resolution symbol.

Abstract: A method, apparatus, and system provide the ability to act on cyber risks and reduce cyber attacks. System characteristics and system information for a cyber system are gathered. The system characteristics and system information are pre-processed to identify vulnerabilities that are relevant to the cyber system. A system model of a cyber environment is generated for the cyber system. One or more features are converted from cyber threat reports to one or more semantically relevant queries over the system model. The system model is reasoned over to generate one or more answers relevant to the one or more semantically relevant queries. Attack models are executed over the system model to generate actionable intelligence and reduce cyber attacks.

Abstract: Systems and methods for decentralized application (dApp) discovery and scanning. A method for scanning includes performing tests by extracting calls from dApps and analyzing the extracted calls for potentially malicious behavior. To this end, calls made by a dApp are extracted by impersonating wallet addresses. More specifically, transactions are generated based on sample transactions from one or more known wallet addresses, and the generated transactions are broadcast to websites. Calls such as remote procedure calls (RPCs) are extracted from responses to those transactions. The extracted calls are analyzed in order to determine whether the behavior represented in those extracted calls is anomalous. Calls requesting anomalous transactions may be determined to be malicious or potentially malicious, and websites which requested anomalous transactions may be flagged as malicious or potentially malicious.

Abstract: There are provided systems and methods for a database synchronization system in networked zones using blockchain. An electronic service provider may maintain data stores across different zones that may need to synchronize data across these zones. As such, the subject technology provides for data storage using interplanetary file system (IPFS) technology according to some embodiments with blockchain technology to create a secure and reliable data synchronization system. IPFS may be implemented as a data storage layer and blockchain as a transaction management system, where the IPFS address of data files and synchronization points are stored in a distributed ledger. Integration of the IPFS network with a fabric network can enhance IPFS with the fabric network to create a more secure file sharing platform to improve the transfer of data and database synchronization between different zones.