Abstract: Described are techniques for cybersecurity incident mitigation. The techniques include detecting, by an Endpoint Detection and Response (EDR) function in a networked environment comprising a plurality of endpoints, a security incident on a first endpoint of the plurality of endpoints. The techniques further include identifying an administrator of the first endpoint and initiating a process requiring Multi-Factor Authentication (MFA) associated with the administrator of the first endpoint by transmitting a push notification to a second device associated with the administrator and receiving a response to the push notification from the second device. The techniques further include characterizing, by the EDR function, a maliciousness of the security incident based on the response.

Abstract: In an approach to attesting control over network devices, responsive to receiving a first signal from a client, wherein the first signal initiates a network connection between the client and a server, a first certificate is sent to the client that contains a common name that is an internet protocol (IP) address. A second certificate is sent to the client that contains a common name that is a uniform resource locator (URL) of the server. Responsive to receiving a second signal from the client that the first certificate and the second certificate are trusted, the client is connected with the server.

Abstract: A user requesting authentication is presented a keypad that includes multiple keys and respective keys include a character that is associated with a shape. Responsive to selection of a key, a first set of attributes is activated for selection. Responsive to determining a selection of an attribute from the first set of attributes, activating one or more additional sets of attributes associated with the first key. Responsive to determining a selection from the one or more additional sets of attributes, determining whether a selection of an additional key is made. Responsive to determining the selection of the additional key, activating for selection a first set of attributes and one or more additional sets of attributes of the additional key, and responsive to determining selections of keys and corresponding attributes associated with the selection of respective keys, determining the validity of the authentication code.

Abstract: In an approach to attesting control over network devices, responsive to receiving a first signal from a client, wherein the first signal initiates a network connection between the client and a server, a first certificate is sent to the client that contains a common name that is an internet protocol (IP) address. A second certificate is sent to the client that contains a common name that is a uniform resource locator (URL) of the server. Responsive to receiving a second signal from the client that the first certificate and the second certificate are trusted, the client is connected with the server.

Abstract: Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: A cookie directive file may include an exclusion directive specifying sub domain names associated with the server specified in disjointed form. A hardware processor may request the cookie directive file from a server computer and store the cookie directive file locally with the hardware processor. Responsive to detecting a browser request to send to the server computer, the hardware processor may cull existing cookies based on cookie setting attributes associated with the existing cookies, and remove from the culled list of existing cookies to be sent with the browser request, a cookie that matches the exclusion directive.

Abstract: A method, system and computer-usable medium are disclosed for identifying product updates tailored to devices according a selection criteria. The selection criteria is implemented through social brokerage, by receiving feedback from trusted users or influencers. A user provides an indications of products, such as software applications or commerce applications to be monitored for changes. Information as to updates to the products are periodically monitored to provide possible candidate updates. The candidate updates are analyzed based on the selection criteria to form an update assessment, and based on the update assessment an action, such as updating the product is performed.

Abstract: A user requesting authentication is presented a keypad that includes multiple keys and respective keys include a character that is associated with a shape. Responsive to selection of a key, a first set of attributes is activated for selection. Responsive to determining a selection of an attribute from the first set of attributes, activating one or more additional sets of attributes associated with the first key. Responsive to determining a selection from the one or more additional sets of attributes, determining whether a selection of an additional key is made. Responsive to determining the selection of the additional key, activating for selection a first set of attributes and one or more additional sets of attributes of the additional key, and responsive to determining selections of keys and corresponding attributes associated with the selection of respective keys, determining the validity of the authentication code.

Abstract: Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: Various methods for detecting a man-in-the-middle (MITM) during HTTPS communications are disclosed including, in some aspects, establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: Various methods for detecting a man-in-the-middle (MITM) during HTTPS communications are disclosed including, in some aspects, establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: A cookie directive file may include an exclusion directive specifying sub domain names associated with the server specified in disjointed form. A hardware processor may request the cookie directive file from a server computer and store the cookie directive file locally with the hardware processor. Responsive to detecting a browser request to send to the server computer, the hardware processor may cull existing cookies based on cookie setting attributes associated with the existing cookies, and remove from the culled list of existing cookies to be sent with the browser request, a cookie that matches the exclusion directive.

Abstract: Embodiments for enforced registry of cookies through a theme template in a computing network by at least a portion of a processor. A theme template associated with an application may be downloaded. Cookie registration information may be obtained from a registry such that the registry enables an enforcement proxy downloaded with the theme template to enforce compliance with the cookie registration information for each cookie requesting access to the application.

Abstract: Embodiments for enforced registry of cookies through a theme template in a computing network by at least a portion of a processor. A theme template associated with an application may be downloaded. Cookie registration information may be obtained from a registry such that the registry enables an enforcement proxy downloaded with the theme template to enforce compliance with the cookie registration information for each cookie requesting access to the application.

Abstract: An invention that pre-fetches virtual content in a virtual universe is provided. In one embodiment, there is a pre-fetching tool, including a ranking component configured to rank each of a plurality of members belonging to a social network of an avatar according to predefined ranking criteria. The pre-fetching tool further includes a pre-fetching component configured to pre-fetch a virtual content within a proximity of each of the plurality of members belonging to the social network of the avatar based on the ranking.

Abstract: The present invention pre-fetches objects, textures and scripts (collectively referred to herein as items) through analysis of the communications of an avatar. Furthermore, if an object, texture or script is not pre-fetched upon arrival to a region the virtual universe's object, texture and script download system is augmented to prioritize objects the user may be interested in based on the avatar's communications and previously stated priorities. The present invention may improve user experience of virtual world by prioritizing the download and caching of objects, textures, and scripts that are likely to interest the user. Such a prioritization enhances the user experience by reducing wait times for the rendering of objects of interest.

Abstract: After a change of location of an avatar in a virtual universe, an avatar is encouraged to remain at that location and avoid an immediate further or return change of location (e.g. by teleportation) by prioritizing rendering of objects such that objects most likely to be of interest to the avatar is performed prior to rendering of objects less likely to be of interest. Prioritization is performed by comparing metadata concerning objective(s) of the avatar and metadata of preferences of the avatar and objects in the avatar's inventory and/or implied from the avatar's activity history with metadata corresponding to objects at the location to which the avatar moves. Preferably, the metadata corresponding to the avatar is ranked in order of the number of occurrences of metadata terms and synonyms in metadata of the avatar.

Abstract: Approaches for prioritized rendering of objects in a virtual universe are provided. In one embodiment, there is a prioritization tool containing a plurality of components configured to: determine a priority of each of a set of objects in a commercial area of the virtual universe, the commercial area having a plurality of virtual retail stores; assign a priority to each of the plurality of virtual stores in the commercial area based on the priority of each of the set of objects in the virtual universe; and download and cache each of the objects from the set of virtual stores from the plurality of virtual stores in the virtual universe, that are outside a rendering radius of the avatar, based on the relative priorities of each of the set of the plurality of virtual stores in the virtual universe.

Abstract: The present invention pre-fetches objects, textures and scripts (collectively referred to herein as items) through analysis of the communications of an avatar. Furthermore, if an object, texture or script is not pre-fetched upon arrival to a region the virtual universe's object, texture and script download system is augmented to prioritize objects the user may be interested in based on the avatar's communications and previously stated priorities. The present invention may improve user experience of virtual world by prioritizing the download and caching of objects, textures, and scripts that are likely to interest the user. Such a prioritization enhances the user experience by reducing wait times for the rendering of objects of interest.

Abstract: The present invention pre-fetches objects, textures and scripts (collectively referred to herein as items) through analysis of the communications of an avatar. Furthermore, if an object, texture or script is not pre-fetched upon arrival to a region the virtual universe's object, texture and script download system is augmented to prioritize objects the user may be interested in based on the avatar's communications and previously stated priorities. The present invention may improve user experience of virtual world by prioritizing the download and caching of objects, textures, and scripts that are likely to interest the user. Such a prioritization enhances the user experience by reducing wait times for the rendering of objects of interest.