G06F2221/2125

Automated hardening of web page content

Methods and apparatus are described for automatically modifying web page source code to address a variety of security vulnerabilities such as, for example, vulnerabilities that are exploited by mixed content attacks.

JUST-IN-TIME ENCRYPTION

On an endpoint that encrypts local files to protect against data leakage and other harmful malware events, newly detected files are dynamically encrypted when they are detected as long as the endpoint is not compromised. If a compromised state is detected, the newly detected file will not be added to the encrypted files until the endpoint can be remediated and the compromised state resolved.

Indirect control flow instructions and inhibiting data value speculation

There is provided an apparatus that includes input circuitry to receive input data and output circuitry to output a sequence of instructions to be executed by data processing circuitry. Generation circuitry performs a generation process to generate the sequence of instructions using the input data. The sequence of instructions comprises an indirect control flow instruction having a field that indicates where a target of the indirect control flow instruction is stored. The generation process causes at least one of the instructions in the sequence of instructions to store a state of control flow speculation after execution of the indirect control flow instruction. The at least one of the instructions in the sequence of instructions that stores the state of control flow speculation is inhibited from being subject to data value speculation by the data processing circuitry.

Lightweight replicas for securing cloud-based services

Methods, computer program products, computer systems, and the like, which provide security in cloud-based services using lightweight replicas, are disclosed. The methods, computer program products, computer systems, and the like include detecting an intrusion into an application server, dynamically provisioning a replica application server in a server system in response to the detecting the intrusion, and transitioning a datastream from the application server to the replica application server, where the application server is provisioned in the server system, the intrusion is an attack on the application server, and the attack is conducted via a datastream between a first computing system and the application server. The replica application server is a replica of at least a portion of the application server.

JUST IN TIME MEMORY ANALYSIS FOR MALWARE DETECTION
20220035919 · 2022-02-03

Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

Cryptography method and circuit, corresponding device

A cryptographic method includes providing memory locations for storing encrypted data. The memory locations have respective addresses and are accessible via a communication bus. The method includes receiving over the communication bus access requests to the memory locations, wherein the access requests include burst requests for access to respective sets of the memory locations starting from respective start addresses, and calculating as a function of the start addresses encryption/decryption cryptographic masks based on cryptographic keys. Plain text data is received for encryption and the method includes applying the cryptographic masks to the plain text data to obtain therefrom encrypted data, and including the encrypted data into output data for transmission over the communication bus.

System and method for efficient inspection of content

A system and method of efficiently inspecting content is provided. Embodiments of the invention may inspect files accessed by an application prior to an activation of the application. Selective inspection of files accessed by an application may be based on a previous inspection. Inspection of files accessed by an application may be postponed or performed concurrently with the access. A prioritized queue may include references to files, a priority may be related to a risk level and an inspection order may be according to a risk level.

Operation device and operation method

An operation device includes a screen display section that displays a login screen on a touch panel, a key position changing section, a key information reception section, and a key information determination section. The key position changing section changes positions of a plurality of keys that are displayed on the login screen such that the keys are displayed for a current login process at positions that are different from previous positions at which the keys were displayed for a previous login process. The key information reception section generates input information representing a key pressed on the login screen. The key information determination section allows login of a user when a combination of pieces of input information corresponding to a plurality of key presses performed by the user matches registration information and does not allow login of the user when the combination does not match registration information.

INFORMATION ASSURANCE SYSTEM FOR SECURE PROGRAM EXECUTION
20170323098 · 2017-11-09

An enhanced information assurance system may comprise an improved computer including a central processing unit (CPU) emulator configured to extend the available machine instruction set. The CPU emulator may be configured to emulate machine language instructions taken from a nonnative set of secure opcodes. The CPU emulator may ensure that instructions and data in random access memory (RAM) remain encrypted at all times when in RAM, for example by storing the instructions and data in CPU registers when decrypted on an as-needed basis.

METHOD AND SYSTEM FOR DIGITAL PRIVACY MANAGEMENT
20170272472 · 2017-09-21

The Data Privacy Manager (DPM) solution includes a number of different components performing data security procedures (encryption, masking, tokenization, anonymization, etc.) at the folder, file, email, application, database and column levels. These include components such as Key Manager, File Manager, File Agent, Email Agent, Database Manager, Database Connector, Token Manager, Security Risk Controller and Fraud Predictor. All these components can be managed through a management console.