Abstract: There are provided systems and methods for injecting computing code for detection of malicious computing attacks during suspicious device behavior. A service provider, such as an electronic transaction processor for digital transactions, may detect activities of a computing device when using computing services. The service provider may determine that those activities are suspicious or high risk. In order to determine if the computing device is being used by a malicious user, such as to perform an automated computing attack against the service provider, the service provider may determine one or more probes that may be inserted to a corresponding user interface displayable by the computing device. The probe may attempt to differentiate between real human users and automated and/or malicious users. Computing code for the probe may be injected into the computing code for the user interface and may be provided when the user interface is output.

Abstract: There are provided systems and methods for protecting from directory enumeration using honeypot pages within a network directory. A service provider, such as an electronic transaction processor for digital transactions, may have an internal network that is utilized by employees, developers, and other end users within the organization of the service provider. When internal devices become compromised or internal users act maliciously, they may attempt to enumerate a directory to find hidden pages that have secret or sensitive data. The service provider may therefore detect a scan of an internal directory having files paths to files and pages and may deploy honeypot pages that change an error status. Further, the service provider may add a process or operation to log additional data on these honeypot pages and/or change a byte size of the corresponding pages to confuse the enumeration attempt and obtain true source information.

Abstract: Methods and systems are presented for detecting and dynamically rate limiting unauthorized attempts to obtain user account information from an online service provider. An online system is configured with a request rate limit and a list of user identifiers associated with accounts at risk of being compromised. The system receives requests, each associated with a user identifier, from one or more devices. The system determines what amount of user identifiers associated with the requests match user identifiers on the list over a period of time. If the amount meets or exceeds a threshold, the system reduces the request rate limit for devices that made a request associated with user identifiers matching those on the list.

Abstract: Techniques are disclosed relating to determining characteristics associated with attempts to request access an online system. A security test that changes one or more parameters associated with accessing the online system may be implemented for a determined time interval. The parameters changed may include user interface parameters, security threshold parameters, and addresses of servlets in the online system. Access requests received during the security test may be compared to access requests received before and after the security test to determine characteristics of scripted access requests (e.g., automated attacks by one or more malicious users) and legitimate access requests to the online system. The present techniques enhance computer system security and can bolster network bandwidth by allowing malicious access requests to be more easily identified and filtered out.

Abstract: Client-side attack detection via simulation for detecting and mitigating cross-site script code client-side attacks is disclosed. A system can receive, through a network interface from a web server, a first response having a first payload that includes an action based on a request to the web server and a second response having a corresponding payload that is received concurrently with the first response on a signal path from the web server that is different from that of the first response. The system can invoke the action from the first payload and detect malicious activity in the invoked action. The system can verify the detecting of the malicious activity and issue a message indicating a security incident relating to the malicious activity. The system can either allow or restrict passage of the second response to a network based on a mode of the system when the malicious activity is verified.

Abstract: A pharmaceutical composition comprising Compound I: Methods of treating cystic fibrosis comprising administering one or more of such pharmaceutical compositions to a patient.

Abstract: Techniques are disclosed relating to dynamically routing network traffic between defense layers. For example, in various embodiments, a server system may implement a traffic distribution module that is operable to distribute a particular type of network traffic across multiple different defense layers. The traffic distribution module may receive a first set of requests that have been identified as being indicative of that particular type of network traffic and then route this first set of requests across the different defense layers based on a set of distribution weightage values. In various embodiments, the disclosed techniques include determining an updated set of distribution weightage values based on an effectiveness of the defense layers in mitigating the particular type of network traffic. In such embodiments, the traffic distribution module may then use this updated set of distribution weightage values to route a second set of network traffic across the various defense layers.

Abstract: A power distribution unit includes a circuit protection device having output terminals and a current transformer board connected to the output terminals of the circuit protection device. The power distribution unit further includes a signal board connected to the current transformer board and a measurement board connected to the signal board.

Abstract: Techniques are discussed for grouping access requests made to a computer system using a log of access requests that includes a plurality of log entries of that include (a) a plurality of traffic indicators of the corresponding access request and/or (b) a plurality of identity indicators of a respective remote computer system that made the corresponding access request. The plurality of log entries is analyzed using a plurality of network analysis rules that are useable to group log entries according to traffic and/or identity indicators. Based on the analyzing, a plurality of groups of log entries are identified, and each group of log entries is assigned a corresponding common actor identifier (common actor ID). The determination of whether to grant a particular access request uses one or more assigned common actor IDs.

Abstract: Techniques are disclosed for mitigating network-based attacks, brute-force attacks, enumeration account takeover type attacks, and generally attacks that might result in unauthorized access to user accounts, denial-of-service, loss of functionality to users, etc. Authenticating a user at an end-point of a network may occur using an activator. In some instances, an authentication module (e.g. on a server) receives and validates a key activator. If the key activator is valid, the authentication module is activated. After the authentication module is activated, the authentication module may receive and authenticate a security credential, such as a password, that is associated with the user. If the authentication module receives the security credential without being activated, the authentication module may not authenticate the security credential, even if the security credential is a valid credential.

Abstract: This application describes methods of treating cystic fibrosis or a CFTR mediated disease comprising administering Compound I or a pharmaceutically acceptable salt thereof. The application also describes pharmaceutical compositions comprising Compound I or a pharmaceutically acceptable salt thereof and optionally comprising one or more additional CFTR modulating agents.

Abstract: Techniques are disclosed relating to detecting data leaks using targeted scanning. For example, in various embodiments, a scanner module may monitor communications between a user device and a server system, where the user device requests access to a resource provided via the server system. The scanner module may perform various data loss prevention operations to detect the leaking of sensitive data associated with an organization. For example, the scanner module may perform an initial scan of the resource to capture an initial version of the resource at an establishment of a connection between the user device and the server system. The scanner module may perform a subsequent scan that captures a subsequent version of the resource. Based on the initial and subsequent versions of the resource, the scanner module may determine whether any data loss prevention rules have been violated and, if so, initiate one or more corrective actions.

Abstract: Techniques are disclosed relating to detecting and prevent phishing attacks (such as man-in-the-middle attacks) related to multi-factor authentication (MFA) or two-factor authentication (2FA) processes. A system is described that makes a determination of whether to permit or deny a subsequent authentication step (e.g., a 2FA authentication step) based on a level of trust determined between the computing device making the initial authentication request to a service computer system and the computing device being asked to implement the subsequent authentication step (such as a mobile device). The computing device associated with the subsequent authentication step assesses the trust between the devices and makes the determination of whether to permit or deny the subsequent authentication step. The present techniques enhance computer system security against phishing attacks while maintaining a satisfying user experience for legitimate users.

Abstract: There are provided systems and methods for a proxy and navigation code injection to prevent malicious messaging attacks. One or more proxy servers may reside in a perimeter network and be used to remove malicious links from messages transmitted to devices protected by the proxy server(s). The proxy server(s) may detect links to external (e.g., Internet-based) resources, such as websites and databases, and may extract data from the external resources. The proxy server(s) may generate static data that prevents processes on the external resources from being executed by devices protects by the proxy server(s). The proxy server(s) may further generate a link to the static data by adding a proxy server network address to the original link. Once the link is generated, it may be used to replace the original link to the external resource to prevent navigation to malicious data.

Abstract: Systems and techniques for providing security data points from an electronic message are presented. A system can determine a first interne protocol (IP) address of a computing device in response to a user of the computing device opening an email sent to an email address corresponding to a particular electronic account of the user, the email comprising an IP address tracking mechanism. The system can also compare the first IP address with one or more second IP addresses corresponding to one or more electronic accesses of the particular electronic account. Furthermore, the system can determine if an account access anomaly exists in regard to the particular electronic account based on a result of the comparing. The system can also implement a security measure impacting an ability of the particular electronic account to conduct one or more transactions in response to the account access anomaly existing for the particular electronic account.

Abstract: Compounds of Formula (I): pharmaceutically acceptable salts thereof, deuterated derivatives of any of the foregoing, and metabolites of any of the foregoing are disclosed. Pharmaceutical compositions comprising the same, methods of treating cystic fibrosis using the same, and methods for making the same are also disclosed.

Abstract: A method includes determining, based on login information corresponding to a plurality of login attempts, that a set of password spray criteria have been satisfied. The method also includes generating respective scoring patterns corresponding to one or more password lengths and based on the respective scoring patterns, generating a common digital signature for a set of common passwords. The method further includes generating a spray digital signature for a set of potential spray passwords based on the respective scoring patterns. Additionally, the method includes comparing the spray digital signature with the common digital signatures to determine a number of matching components between the spray digital signatures and the common digital signature. Based on the number of matching components, the method includes determining whether a password spray has been attempted.

Abstract: Compound I of the formula (formula) A pharmaceutically acceptable salt of Compound I. Pharmaceutical compositions containing at least Compound I and methods of treating cystic fibrosis comprising administering at least Compound I. Pharmaceutical compositions containing a pharmaceutically acceptable salt of at least Compound I and methods of treating cystic fibrosis comprising administering a pharmaceutically acceptable salt of at least Compound I.

Abstract: This application describes methods of treating cystic fibrosis or a CFTR mediated disease comprising administering Compound I or a pharmaceutically acceptable salt thereof. (I) The application also describes pharmaceutical compositions comprising Compound I or a pharmaceutically acceptable salt thereof and optionally comprising one or more additional CFTR modulating agents.

Abstract: There are provided systems and methods for a dynamic pixel display in electronic communications to enhance data security. Electronic network communications by a service provider, such as an electronic transaction processor for digital transactions, may be compromised by malicious computing attacks or other actions that compromise the security of the communications and corresponding data within the communications. To increase security of the data within a communication, such as text or images in an email, the service provider may utilize a pixel arrangement within a field of the communication that has corresponding identifiers and weblinks to backend pixel data that have randomized so that each pixel's location is variable between different communications. When the email is opened, code for the email may request the backend pixel data using the weblinks. A malicious party listening to the communication does not receive the data without having to reconstruct the randomized layout.