Patent application number | Description | Published |
20090064309 | BROWSER PLUG-IN FIREWALL - A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights. | 03-05-2009 |
20090138538 | System and Method for Detecting a Proxy Between a Client and a Server - A method and system for determining whether a proxy is present in a communication link between a client and a server, and if so, certain characteristics of the proxy. | 05-28-2009 |
20090293102 | REMOTE DOM ACCESS - A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead. | 11-26-2009 |
20100169969 | FUNCTIONAL PATCHING/HOOKING DETECTION AND PREVENTION - A method for preventing malicious attacks on software, using the patching method, includes providing a database of legitimate and known patches, the database contains characteristic code paths of said legitimate patches. The method also includes detecting whether a patch is malicious by inspecting one or more characteristic paths of the patch and matching one or more code paths against the database of legitimate and known patches. An activity needed to prevent the malicious patch from performing undesired activities is then performed. | 07-01-2010 |
20110239300 | WEB BASED REMOTE MALWARE DETECTION - A method for detecting HTML-modifying malware present in a computer includes providing a server which serves a web page (HTML) to a browser. A determination is made whether a modified string exists in the page received by said browser and if a modifying element is found, determining the malware is present in the computer. | 09-29-2011 |
20120030762 | FUNCTIONAL PATCHING/HOOKING DETECTION AND PREVENTION - A method for preventing malicious attacks on software, using the patching method, includes providing a database of malicious known patches (malware). The database contains characteristic signatures of the malware. The method also includes detecting whether a patch is malicious by comparing it with a signature in the database and performing one or more activities needed to prevent the malicious patch from performing undesired activities. | 02-02-2012 |
20130198842 | METHOD FOR DETECTING A MALWARE - System and method for determining, by a security application, whether an examined software code is a malware, according to which the system detects whenever the examined process code performs system calls and further detects a call site. Pieces of code in the surrounding area of the site and/or in branches related to the site are analyzed and the properties of the analyzed pieces of code are compared with a predefined software code patterns, for determining whether the examined process code corresponds to one of the predefined software code patterns. Then the examined process code is classified according to the comparison results. | 08-01-2013 |
20130239214 | METHOD FOR DETECTING AND REMOVING MALWARE - A method for detecting and removing a suspicious software code in a computer system, according to which the installation process of the suspicious software code is monitored by a client agent residing within the computer system where predetermined operations of the suspicious software code are identified and registered during the installation process. The predetermined operations are compared with a known software code in order to define whether the software code is similar to the known software code. It is then determined if the suspicious software code is malware and if it is, the client agent is instructed to uninstall the suspicious software code from the OS, or to remove its entry from the boot registry. | 09-12-2013 |
20130263264 | DETECTION OF PHISHING ATTEMPTS - A method for alerting a service provider and/or a user of a web browser of a phishing attempt comprises providing on a page that it is desired to protect against phishing, a Javascript that when caused by a phishing page to run not in the context of the original page generates an indication that a phishing attempt may exist. | 10-03-2013 |
20140053267 | METHOD FOR IDENTIFYING MALICIOUS EXECUTABLES - In a computer system, a method detects a suspected malware behavior. Activities on a computer system conducted within a given time frame are monitored during the installation of a suspected file. The monitored activities are recorded and the monitored/recorded activities are compared with patterns of malware behavior, stored in a database. Upon detecting a suspicious program, the recorded monitored activities are provided for further analysis to be performed by appropriate software removal tools. | 02-20-2014 |
20140114843 | METHOD FOR DETECTING FRAUDULENT MONEY TRANSFER - A method detects fraudulent transaction of money transfer to a mule account, according to which a detection software module is injected into a browser or a website to be protected. The detection module traces the content and the activities performed on a webpage of the website and detects any exceptional activity/condition which may be fraudulent online activity performed by malware and waits until all sensitive data to perform a fraud transaction is entered. Then the detection module stores and/or forwards the details of the mule account that has been used for the fraudulent transaction. | 04-24-2014 |
20140289851 | Malware Discovery Method and System - A process for identifying potentially harmful malware, comprises the steps of: a) identifying an executable that is about to run; b) providing a monitoring agent that monitors all threads that are descendent of a thread initiated by the process of said executable; and c) configuring said monitoring agent to conclude that a high probability of malware presence exists, if one of said descendent threads reaches a target process in which suspicious patches are created. | 09-25-2014 |
20140304816 | CLIENT BASED LOCAL MALWARE DETECTION METHOD - A method for detecting malware in a user terminal device that has been infected by malware via a browser running on the user terminal device, according to which upon detecting a predetermined a triggering event on the user terminal, a security application installed on the terminal automatically activates a transparent browser to navigate to one or more predetermined URLs. Then the security application checks the code of an inspected webpage that has been received immediately after it is opened by the transparent browser and rechecks the code after being at least partially processed by the transparent browser. If a change the code is detected, an alert is issued, indicating that the terminal has been infected by malware. | 10-09-2014 |
20140359766 | METHOD AND SYSTEM FOR PREVENTION OF WINDOWLESSSCREEN CAPTURE - A method for preventing the acquisition of data by a screen capturing malware, comprises preventing an unidentified process that does not open a window from performing screen capture. | 12-04-2014 |