Abstract: Systems and methods for identifying and remediating malware-compromised mobile devices are disclosed. A computer-implemented method includes accessing, by a computing device, malware risk data; determining, by the computing device, a mobile device is at risk from malware based on the malware risk data; identifying, by the computing device, a set of connections of a user of the mobile device, wherein each connection in the set of connections is associated with a user computer device; identifying, by the computing device, at least one user computer device from the set of connections at risk from the malware; and outputting, by the computer device, a malware notification for the mobile device at risk and at least one user computer device at risk.

Abstract: An application on a mobile device may include a barcode decoder. The application may be configured to download a configuration file. The configuration file may include an enterprise identifier that is uniquely associated with an enterprise. The application may additionally be configured to obtain a license key for the barcode decoder. The license key may be based on the enterprise identifier. The application may additionally be configured to transition the barcode decoder from an inactive state to an active state conditional upon verifying that the license key is based on the enterprise identifier.

Abstract: Systems and methods for determining priority levels to process vulnerabilities associated with a networked computer system can include a data collection engine receiving a plurality of specification profiles, each defining one or more specification variables of the networked computer system or a respective asset. The data collection engine can receive, from a vulnerability scanner, vulnerability data indicative of a vulnerability associated with the networked computer system. A profiling engine can interrogate a computing device of the networked computer system, and receive one or more respective profiling parameters from that computing device. A ranking engine can compute a priority ranking value of the computing device based on the profile specification variables, the vulnerability data and the profiling parameters.

Abstract: According to one embodiment, a control system includes a first electronic device and a second electronic device connectable to the first electronic device via an audio cable. The first electronic device generates first sound data encoded with status information indicative of a state of the first electronic device, and transmits the first sound data to the second electronic device via the audio cable. The second electronic device receives the first sound data from the first electronic device via the audio cable, acquires the status information by decoding the first sound data, and displays the status information on a screen of the second electronic device.

Abstract: Systems, methods, and devices for generating a secure join of database data are disclosed. A method includes determining data stored in a first account to be compared with data stored in a second account. The method includes determining a function for generating a secure join key, wherein the secure join key includes a hashed string that hashes one or more of a data entry of the first account and a data entry of the second account. The method includes providing the secure join key to the first account and/or the second account.

Abstract: Disclosed is a physical unclonable function generator circuit and method. In one embodiment, a physical unclonable function (PUF) generator comprising: a plurality of PUF cells, wherein each of the plurality of PUF cells comprises a first MOS transistor and a second MOS transistor, wherein terminal S of the first MOS transistor is connected to terminal D of the second MOS transistor at a dynamic node, terminal D of the first MOS transistor is coupled to a first bus and terminal G of the first NMOS transistor is coupled to a second bus, and terminals S and G of the second NMOS transistor are coupled to ground; a plurality of dynamic flip-flop (DFF) circuits wherein each of the plurality of DFF circuits is coupled to each of the plurality of PUF cells respectively; a population count circuit coupled to the plurality of DFF circuits; and an evaluation logic circuit having an input coupled to the population count circuit and an output coupled to the plurality of DFF circuits.

Abstract: A method of sharing encrypted data includes, by an electronic device, receiving a password from a user to perform an action, receiving a salt value, generating a user key using the password and salt value, receiving an encrypted key location identifier value, decrypting the encrypted key location identifier value to obtain a key location identifier, receiving an encrypted read token value, decrypting the encrypted read token value using the user key to obtain a read token value, and transmitting the read token value and the key location identifier to a server electronic device.

Abstract: Techniques provided herein relate to registering secondary authentication information with a blockchain. A block chain is stored, having primary authentication information, secondary authentication information, or both that is used in authenticating one or more electronic data action requests provided by a client system to a backend system. The client system, a secondary device, or both registers the secondary device with blockchain node, such that secondary device data is stored as the primary authentication information, the secondary authentication information, or both in the blockchain node.

Abstract: A system and method for media content management may comprise creating, via a digital vault, a container file comprising media content submitted by a first user and content metadata; verifying, via the digital vault, a completeness of the content metadata associated with the media content in the container file; classifying, via the digital vault, the container file based on the completeness of the media content; and capturing, via the digital vault, event metadata when a second user gains access to the container file, the event metadata comprising identification of the second user, an activation timestamp, a duration of access, portions of the container file accessed, and changes to the container file.

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.

Abstract: Embodiments are provided herein for maximizing resource utilization in a disaggregated computing system. A general purpose link is established between a first sub-plurality of computing elements and a second sub-plurality of computing elements. The first sub-plurality belongs to a first plurality of computing components of a first type and the second sub-plurality belongs to a second plurality of computing components of a second type in the disaggregated computing system. A determination is made that the first and second sub-pluralities of computing elements are assigned to a first tenant having first data communications. The general purpose link is secured to the first tenant while allowing second data communications of a second tenant to pass through the general purpose link concurrent with the first data communications of the first tenant.

Abstract: A method and system for Digital Right Management (DRM) enforcement on a client device is provided. The method includes: determining client requested digital content; retrieving DRM data associated with the requested digital content; bundling the associated DRM with the requested digital content; transmitting the bundled DRM and digital content to the client device; and enforcing the DRM on the client device. The system includes: a client device configured to issue a request for digital content; a content review module configured to retrieve DRM data associated with the requested digital content; a bundler module configured to bundle the associated DRM with the requested digital content; a connection module configured to transmit the bundled DRM and digital content to the client device; and an enforcement module configured to enforce the DRM on the client device.

Abstract: Disclosed embodiments provide a tool and methodologies for increasing security, and ease-of-access for a computer to connect privately to a specific network and or series of network-based services via a network access point without additional setup or configuration operations required of a user of the computer. In accordance with at least some disclosed embodiments, a mechanism and methodologies are provided for adaptive and dynamic provisioning of network devices for private access to network-based services for computers in a real-world environment.

Abstract: In some embodiments, techniques for computer security comprise receiving a message, receiving a user-originated request for an action, wherein the action is associated with the message, determining whether the message is trustworthy, and impairing performance of the action, if it is determined that the message is not trustworthy. In some embodiments, techniques for computer security comprise receiving a message, determining whether the message is trustworthy, rendering the message, if it is determined that the message is trustworthy, and rendering a restricted version of the message, if it is determined that the message is not trustworthy.

Abstract: A blockchain of transactions may be referenced for various purposes and may be later accessed by interested parties for ledger verification and information retrieval. One example method of operation may include identifying one or more analytic processes to process blockchain data, determining a primary type of data analytic to be performed by the one or more analytic processes, selecting a type of data store to use for performing the one or more data analytic processes based on the primary type of data analytic, accessing the blockchain data, applying the one or more analytic processes, and storing results of the applied analytic processes in a database, file or dashboard. The analytic data may be realized in any manner or preference requested.

Abstract: The method allows a sender to safeguard its identification in messages sent to a recipient. Even when using promiscuous channels for transmitting the message, only the recipient is able to disclose the sender's identity. The method uses symmetrical cryptography of low computational requirements, without depending on a single shared key among the users so that the sender cannot disclose the identity of the others. The method gradually safeguards the sender's identification, by using successive symmetric cryptographic operations and keys of a binary tree structure built for this purpose in the recipient which applies the steps in a reverse way to that of the sender's protection, to disclose its identification. It is also possible to encrypt the message body.

Abstract: Systems and methods are described by which a serving module of a campaign controller identifies a first version of a model which the campaign controller uses to communicate a first simulated phishing communication to a plurality of users. The campaign controller receives a first response from a first user to the simulated phishing communication and a second response from a second user to the simulated phishing communication and determines that the first and second responses are corresponding, for example are the same or similar. The serving module assigns a first user to a first group of users and a second user to a second group of users and identifies a second version of the model to use for the first user and a third version of the model to use for the second user.

Abstract: A method for conducting an operation including (a) lifting coefficients of a data structure from a representation modulo q to a representation modulo q?, wherein the data structure comprises values which are reduced modulo q, wherein q and are integers; (b) randomizing the coefficients in modulo q?, wherein for each coefficient a random value is multiplied with the value of q and the result of this multiplication is added to the coefficient; (c) conducting an operation on the lifted and randomized coefficients; and (d) reducing the lifted and randomized coefficients by conducting an operation modulo q.

Abstract: Provided is a management system including vehicles and authentication servers. A vehicle includes a communication circuit, multiple electronic control units connected to an in-vehicle network, a detection circuit, and a transaction data generating circuit. The detection circuit detects a replacement of one or more electronic control units. The transaction data generating circuit generates transaction data including an identifier that uniquely identifies each of the replaced electronic control units. An authentication server includes a communication circuit, and a verifying circuit that verifies validity of the transaction data obtained by the vehicle. The authentication server also includes a recording circuit that, upon verifying that the first transaction data is valid by the verifying unit, records the transaction data in a recording device.

Abstract: Many customers have difficulty setting up a new extender device in the customer premises environment to improve their multimedia service. Some embodiments include configuring an extender device based on existing WiFi network credentials to minimize errors. Some embodiments include an application for mobile devices that may enable the transfer of network credentials from existing multimedia devices on the WiFi network to configure a new extender device in real time. For example, the configuration may be based on a customer account, a corresponding environment, and corresponding multimedia devices associated with the customer account. The extender device may be configured with the network credentials (e.g., a WiFi service set identifier (SSID) and password) that is common to the corresponding multimedia devices associated with the customer account.