Patent application number | Description | Published |
20080222299 | Method for preventing session token theft - The present invention relates to a method for preventing the theft of a session token comprising the steps of: (a) detecting a submission of a first request from the client's browser to a protected site; (b) redirecting said first request to the traffic processor for monitoring said first request; (c) forwarding said first request from said traffic processor to said protected site; (d) receiving the response containing the session token from said protected site by said traffic processor; (e) storing said session token in the session table; (f) providing a token index for indexing said session token stored in said session table; (g) modifying the content of said response by changing said session token to said token index; and (h) forwarding the modified response from said traffic processor to said browser. | 09-11-2008 |
20080222736 | Scrambling HTML to prevent CSRF attacks and transactional crimeware attacks - The present invention relates to a method for preventing an unauthorized activity including a transaction in a web site comprising the steps of: (a) receiving a response containing at least one HTML page, from said site, by the traffic processor; (b) modifying said response by obfuscating said at least one HTML page of said response; (c) storing de-obfuscation information in a transaction table; (d) forwarding the modified response from said traffic processor to the client's browser; (e) redirecting a request from said browser to the traffic processor, by the redirector; (f) checking said request for an unauthorized command; (g) de-obfuscating said request using the stored information in said transaction table; and (h) forwarding the modified request to said site. | 09-11-2008 |
20090007243 | METHOD FOR RENDERING PASSWORD THEFT INEFFECTIVE - A method for rendering a login theft ineffective includes detecting a submission of a first login request from the user's client to a Web site; redirecting the first login request to the traffic processor for copying at least one of the user supplied login fields; forwarding the first login request from the traffic processor to the site; requesting replacements of at least one of the user supplied login fields from the site; and replacing the at least one of user supplied login fields with at least one new corresponding login field(s) in the site. | 01-01-2009 |
20090064309 | BROWSER PLUG-IN FIREWALL - A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights. | 03-05-2009 |
20090100060 | DEVICE, SYSTEM, AND METHOD OF FILE-UTILIZATION MANAGEMENT - Device, system, and method of file-utilization management. In some embodiments, a method may include receiving the content of a file to be protected and permission information representing one or more allowed users and including one or more content-utilization restrictions corresponding to the allowed users; generating a web-application file including the content in a format presentable by a secure web application capable of managing the utilization of the content according to the content-utilization restrictions; and upon receiving a request from a user of a computing device, presenting the content of the protected file to the user via the secure web application, only if the user is an allowed user of the allowed users, while restricting the utilizing of the presented content according to a content-utilization restriction corresponding to allowed user. Other embodiments are described and claimed. | 04-16-2009 |
20090100529 | DEVICE, SYSTEM, AND METHOD OF FILE-UTILIZATION MANAGEMENT - Device, system, and method of file-utilization management. In some embodiments, a method may include linking between a computing device and at least one electronic mail address by verifying that a user of the linked computing device is authorized to access an electronic mail account represented by the linked electronic mail address; identifying an attempt by the user to access the content of a protected file, wherein the protected file is associated with permission information representing one or more allowed electronic mail addresses and including one or more content-utilization restrictions; and presenting the content of the protected file to the user of the linked device, if the linked electronic mail address is included in the allowed electronic mail addresses, while restricting the utilizing of the presented content according to a content-utilization restriction corresponding to the linked electronic mail address. Other embodiments are described and claimed. | 04-16-2009 |
20090293102 | REMOTE DOM ACCESS - A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead. | 11-26-2009 |
20140114843 | METHOD FOR DETECTING FRAUDULENT MONEY TRANSFER - A method detects fraudulent transaction of money transfer to a mule account, according to which a detection software module is injected into a browser or a website to be protected. The detection module traces the content and the activities performed on a webpage of the website and detects any exceptional activity/condition which may be fraudulent online activity performed by malware and waits until all sensitive data to perform a fraud transaction is entered. Then the detection module stores and/or forwards the details of the mule account that has been used for the fraudulent transaction. | 04-24-2014 |
20140130152 | DEFENSE AGAINST DNS DOS ATTACK - A method for defending a computer system comprising a DNS server against a DoS or a DDoS attack directed at said DNS server comprises replacing the address of said system provided by a user to a client software with an alternative address, wherein said address is replaced by a software agent associated with said user, such that said client software is capable of connecting with said system. | 05-08-2014 |
20140304816 | CLIENT BASED LOCAL MALWARE DETECTION METHOD - A method for detecting malware in a user terminal device that has been infected by malware via a browser running on the user terminal device, according to which upon detecting a predetermined a triggering event on the user terminal, a security application installed on the terminal automatically activates a transparent browser to navigate to one or more predetermined URLs. Then the security application checks the code of an inspected webpage that has been received immediately after it is opened by the transparent browser and rechecks the code after being at least partially processed by the transparent browser. If a change the code is detected, an alert is issued, indicating that the terminal has been infected by malware. | 10-09-2014 |
20140359766 | METHOD AND SYSTEM FOR PREVENTION OF WINDOWLESSSCREEN CAPTURE - A method for preventing the acquisition of data by a screen capturing malware, comprises preventing an unidentified process that does not open a window from performing screen capture. | 12-04-2014 |