Abstract: Trap data is stored in a mobile computing device. A lightweight engine monitors outgoing communications in the mobile computing device for the trap data. Data leakage is deemed to have been detected in the mobile computing device when an outgoing communication includes the trap data. A cloud service hosted by a backend system may also be monitoring for the trap data. In the case where the trap data is a trap e-mail address, the cloud service may monitor for an e-mail that is addressed to the trap e-mail address. In response to receiving the e-mail, the cloud service may consult a database to determine that the trap e-mail address is stored in the mobile computing device. Receiving the e-mail indicates that data leakage is occurring in the mobile computing device.

Abstract: A low resource mobile device, such as a smart phone or a tablet running a mobile operating system, requests a cloud computer system to inspect a mobile application for malicious content. The cloud computer system downloads the mobile application from a mobile application source, and installs the mobile application in a virtual machine sandbox. The cloud computer system inspects the mobile application for malicious content while the mobile application executes in the virtual machines sandbox. The result of the inspection is sent to the user in accordance with a setting that may be indicated in a cloud sandbox agent running on the mobile device.

Abstract: Methods and apparatus for detecting cross-site request forgery (CSRF) attacks include a CSRF detector that analyzes HTTP communications for information indicative of a CSRF attack. The CSRF detector may analyze HTTP responses from a website for CSRF code that automatically performs unauthorized access of an online account of a user of a user computer upon receipt and execution of the CSRF code in the user computer. The CSRF detector may also analyze HTTP requests from a web browser for information indicative of a CSRF attack.

Abstract: A computing device capable of instant messaging (IM) contains IM anti-malware software for preventing the transmission of malware-created IMs and opening potentially harmful IMs that it receives. When transmitting an IM, the software checks to ensure that the message being sent was created by the user (a human being) and not by IM malware, such as an IM BOT. This is done by copying details of a message as it is being typed by a user into a database and searching for that data before an IM is transmitted from the device. The software also ensures that when it receives an IM from an outside source, that the message contains a special encrypted signal that was inserted into the message by the source when the source has determined that the message was created by a human being. If the special signal is not found, it is presumed that the message was created by malware and may be discarded.

Abstract: Any number of mobile devices each execute an application allowing them to subscribe to a group. Alternatively, the devices subscribe at a Web server. A percentage of the group and a distance threshold from a target device are defined. Each device sends its GPS data to a Web server or to one of the designated mobile devices. Alternatively, the target device calculates its distance to the other devices using wireless signals. The designated device or the Web server calculates the distance from the target device to the other devices. If the distance is over the threshold then an alert is generated and sent from the Web server to designated recipients, or sent from the designated device to the recipients. Distance from the target device to the group members may be calculated based upon a majority, a percentage of the group, or a special cluster of the group.

Abstract: A data access policy is configured and stored on a computing device, including a list of secure gateway IP addresses and optionally secure geographic regions. A time parameter defines how long a digital file will remain not in use before deletion and a degree parameter defines how fast the file will be deleted. Once a digital file is downloaded to the computing device the device is checked periodically to determine whether or not it is in a secure location. If not in a secure location then a data deletion process is initiated which begins by checking whether or not the digital file is currently being used on the computing device. If the file is being used, then no deletion is performed. If the file is not in use (or has not been used after a certain amount of time) then the file is deleted. The file may be deleted gradually.

Abstract: A trap is dynamically created in a computing device to detect a malicious application. The trap may be a fake e-mail address created in response to detecting running of an application in the computing device. The fake e-mail address includes a local-part that identifies the application and identifies the mobile computing device (e.g., by user identifier). A backend system receives e-mails that are addressed to fake e-mail addresses. The backend system parses a recipient address of a received e-mail to identify an application associated with the e-mail and the computing device where the fake e-mail address was generated. The backend system informs a user of the computing device of a data leakage occurring in the computing device and the application that may be responsible for the data leakage.

Abstract: A Web site uses a behavior monitor that operates as a gatekeeper for a browser. The attack injects Web content with malicious executable code that executes on an end user device when the code executes in a browser on the device. A message is received at the monitor from a browser for retrieving Web content; the browser executes on a computing device having sensitive information. The Web content is retrieved from a target Web server and analyzed for XSS. If found, the destination to which some or all of the sensitive information will be sent if the XSS executes is determined. A message is displayed in the browser regarding whether the Web content that was requested should be viewed in the browser. In this manner, execution of the XSS in the browser is prevented. The analyzing and determining steps are performed before the Web content is received by the browser.

Abstract: Scanning of files for malicious codes may be performed by calculating a first hash value of a file in a client computer and providing the first hash value of the file to a remotely located server computer. The server computer may compare the first hash value of the file to first hash values of malicious code patterns to determine if the file is possibly infected with malicious code. A malicious code pattern having a first hash value that matches that of the file may be forwarded from the server computer to the client computer. In the client computer, a second hash value of the file may be calculated and compared against a second hash value of the malicious code pattern to determine if the file is infected with the malicious code.

Abstract: A method for protecting a mashup webpage is disclosed. The mashup webpage includes a plurality of mini-applications. The method includes intercepting a content access event by a first mini-application of the plurality of mini-applications, the content access event requesting access to content of a second mini-application of the plurality of mini-applications. The method also includes ascertaining, using a Document Mini-application Model (DOM) access control policy and a DOM model, whether the content access event is permissible. The method additionally includes denying the access by the first mini-application to the content of the second mini-application if the content access event is deemed impermissible or permissible according to the DOM access control policy.

Abstract: A method for etching a metal surface of a golf club head includes coating a masking layer on a metal surface of a golf club head, illuminating the masking layer with laser beams to form windows of a predetermined pattern, etching areas of the metal surface exposed via the windows to form the predetermined pattern in the metal surface, and removing the masking layer. A predetermined patter is thus formed on a metal surface of the golf club head with improved etching accuracy, expedited etching procedure, improved etching effect, and reduced etching cost.

Abstract: A golf club head includes a golf club head body and a weight member. The golf club head member has a recession in which the weight member is mounted. The weight member is securely mounted in the recession of the golf club head body by a welding procedure that uses a welding material. The weight member is made of a material having a melting point higher than that of the golf club head body, avoiding melting of the weight member during the welding procedure. Only a portion of the golf club head body fuses with the welding material while using the welding material for proceeding with the welding procedure for the weight member.

Abstract: A golf club head includes a golf club head body and a weight member. The golf club head member has a recession in which the weight member is mounted. The weight member is securely mounted in the recession of the golf club head body by a welding procedure that uses a welding material. The weight member is made of a material having a melting point higher than that of the golf club head body, avoiding melting of the weight member during the welding procedure. Only a portion of the golf club head body fuses with the welding material while using the welding material for proceeding with the welding procedure for the weight member.