-
公开(公告)号:US20180357416A1
公开(公告)日:2018-12-13
申请号:US15616984
申请日:2017-06-08
Applicant: Cisco Technology, Inc.
Inventor: Oded ASHKENAZI , Moshe Kravchik , Arie Haenel , Benyamin Hirschberg
Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.
-
公开(公告)号:US10540509B2
公开(公告)日:2020-01-21
申请号:US15616984
申请日:2017-06-08
Applicant: Cisco Technology, Inc.
Inventor: Oded Ashkenazi , Moshe Kravchik , Arie Haenel , Benyamin Hirschberg
Abstract: In one embodiment, a method for protecting a file is implemented on a computing device and includes: intercepting a file-access request from an application-process for the file; searching a whitelist for a whitelist entry associated with the application-process and a file-type for the file, where the whitelist entry indicates that the application-process is allowed to access files of the file-type, and upon determining according to the searching that the application-process is allowed to perform the file-access request, allowing the application-process to access the file according to the file-access request.
-
公开(公告)号:US10387648B2
公开(公告)日:2019-08-20
申请号:US15334311
申请日:2016-10-26
Applicant: Cisco Technology, Inc.
Inventor: Benyamin Hirschberg , Moshe Kravchik , Arie Haenel , Hillel Solow
IPC: G06F21/56
Abstract: In one embodiment, a system includes a central processing unit (CPU) to identify a ransomware process which encrypted a plurality of files yielding a plurality of encrypted files, in response to identifying the ransomware process, dump a memory space and a state of the CPU yielding a memory dump, and search the memory dump for a plurality of candidate encryption keys, and a decryption engine to attempt to decrypt at least one encrypted file of the plurality of encrypted files with different candidate encryption keys of the plurality of candidate encryption keys until the at least one encrypted file is successfully decrypted with one candidate encryption key of the different candidate encryption keys, and decrypt the plurality of encrypted files using the one candidate encryption key. Related apparatus and methods are also described.
-
公开(公告)号:US10356073B2
公开(公告)日:2019-07-16
申请号:US15249493
申请日:2016-08-29
Applicant: Cisco Technology, Inc.
Inventor: Gil Gonen , Ronen Haber , Arie Haenel
Abstract: In one embodiment, a system including a processor to run a web browser application and a CAPTCHA challenge application, wherein the web browser application is operative when run to retrieve and present a web page of a website, obtain a request from the website requesting performance of a CAPTCHA challenge process, and request the CAPTCHA challenge application to perform the CAPTCHA challenge process, the CAPTCHA challenge application is operative when run to request a CAPTCHA challenge test from an authentication server, obtain the CAPTCHA challenge test, render a CAPTCHA window including the CAPTCHA challenge test, obtain a user response to the CAPTCHA challenge test, send a value based on the user response to the authentication server, and obtain a response from the authentication server authenticating the user response, and the CAPTCHA challenge application and the web browser application are run as different processes by the processor.
-
-
-
Search Results
4
records
(took 0.013 seconds)
