Patents Examined by Khoi V Le
  • Patent number: 10958682
    Abstract: Methods, systems, and apparatuses for varying soft information are disclosed. In an example embodiment, a security processor receives, from a transaction server, hard information to transmit to a client device related to a transaction with the client device, and soft information related to the display of the hard information on the client device. The security processor determines a variation of the soft information configured to prevent a malicious application from interacting with the hard information and determines the variation of the soft information does not change how the hard information is displayed at the client device compared to how the hard information was to be displayed using the soft information. Responsive to determining the variation of the soft information does not change how the hard information is displayed, the security processor transmits the hard information and the variation of the soft information to the client device.
    Type: Grant
    Filed: March 11, 2019
    Date of Patent: March 23, 2021
    Assignee: SUNSTONE INFORMATION DEFENSE INC.
    Inventor: David K. Ford
  • Patent number: 10956601
    Abstract: A system receives a request to store data at a first layer of servers in a cluster, configured to authenticate and authorize the request. The system compresses the data upon authenticating and authorizing the request and encrypts the compressed data at the first layer of servers when encryption is enabled. The system sends the request and the encrypted data to a second layer of servers in the cluster, configured to store data structures used to manage data storage in a third layer of servers in the cluster, and to distribute the request and the encrypted data to the third layer of servers using the data structures. The system stores the encrypted data in the third layer of servers. Encrypting the data at the first layer of servers reduces latency associated with transferring the data between the first, second, and third layers of servers.
    Type: Grant
    Filed: August 1, 2019
    Date of Patent: March 23, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Rushi Srinivas Surla, Shane Kumar Mainali, Andrew Edwards, Maneesh Sah, Weiping Zhang
  • Patent number: 10949553
    Abstract: A system for and methods of securing vehicle electronic data is disclosed. For example, a vehicle data protection system for and methods of securing access to a vehicle's event data recorder (EDR) data are provided. In one embodiment, the method comprises scanning a label having a near field communication (NFC) tag using an NFC reader device, and then displaying on the NFC reader one or more vehicle data items associated with a vehicle profile. The vehicle data items may be stored and accessed from a cloud database, and may include any useful vehicle and/or vehicle owner information. The method may further include installing or granting permission for a service provider to install a vehicle connector lockout apparatus onto a diagnostic link connector of a vehicle, and establishing a chain of custody link for EDR data via an NFC tag on the vehicle connector lockout apparatus.
    Type: Grant
    Filed: May 29, 2020
    Date of Patent: March 16, 2021
    Assignee: Airmika Inc.
    Inventor: Thomas M Kowalick
  • Patent number: 10938778
    Abstract: A method, system, and computer-usable medium are disclosed for, responsive to a connection from a client to a server for establishing communications between the client and the server, storing information regarding the state of the connection and, responsive to receiving a reply from the server to the client, routing the reply to the client based on the information regarding the state of the connection.
    Type: Grant
    Filed: May 2, 2018
    Date of Patent: March 2, 2021
    Assignee: Forcepoint LLC
    Inventors: Otto Airamo, Ville Mattila, Tuomo Syvänne
  • Patent number: 10931701
    Abstract: Disclosed embodiments relate to systems and methods for automatically and transparently detecting potential compromises or unauthorized use of endpoint computing devices. Techniques include engaging, at a security server, in an agentless management session with an application running on an endpoint computing device; controlling, at the security server and through the agentless management session, a user-facing session of the application; receiving, at the security server, an indication of anomalous activity or loss of a proximity between at least one of: the one or more personal computing devices associated with the user and the endpoint computing device, or the one or more personal computing devices associated with the user and the user; and implementing a control action in the agentless management session, based on the received indication.
    Type: Grant
    Filed: July 8, 2020
    Date of Patent: February 23, 2021
    Assignee: CyberArk Software Ltd.
    Inventors: Ido Hoorvitch, Yaacov Ben Naim
  • Patent number: 10931457
    Abstract: A method of generating a digital lottery ticket includes receiving a transaction record associated with a ticket issuance request from a computing device, wherein the transaction record includes transaction data including a player entry and a first public key associated with the player entry, generating a first message including digital ticket information, TKD, relating to the player entry, a source field and a destination field, generating a digital signature of the first message using a private key of an issuer server, transmitting the first message and the digital signature to a transaction certification authority (TCA) server for storage on a publicly viewable transaction ledger maintained by the TCA, receiving from the TCA server a second message including a digital ticket number and a transaction ID associated with the first message and the digital ticket number, and transmitting a third message including the transaction ID and the digital ticket number to the computing device.
    Type: Grant
    Filed: March 9, 2018
    Date of Patent: February 23, 2021
    Assignee: IGT Global Solutions Corporation
    Inventors: Gianluca Ragnoni, Fabrizio Battini, Emanuele Martire
  • Patent number: 10931663
    Abstract: Two-factor authentication is processed on a transaction terminal before access is provided to a secure resource of the transaction terminal. A first factor authentication is performed to authenticate an identifier and a credential of a user. A unique challenge is sent, in response to a successful first factor authentication, to a secure device interfaced to the transaction terminal. A one-time unique signed response is received from the secure device in response to the unique challenge and a user action that depresses a button on the secure device. The one-time unique signed response is compared against what is expected from the secure device. When the comparison is successful, a user identity for the user is set, a security role is set for the user identity, and the user is granted access to the secure resource with the set security role.
    Type: Grant
    Filed: February 26, 2018
    Date of Patent: February 23, 2021
    Assignee: NCR Corporation
    Inventors: Anthony Edward Roper, Colin George Herkes
  • Patent number: 10922438
    Abstract: The present disclosure is directed to a novel system that uses a dynamic scene changing element to authenticate real-time video data. In particular, the dynamic scene changing element may alter the video data stream collected by a video input device according to a sequence or pattern that is unique for a given timeframe. The system may then compare the expected video stream (based on scene changes created from the unique pattern) with the current video stream. If the system detects that the dynamic scene changes are incorrect or missing, the system may determine that the real-time video data is not authentic, and subsequently take remedial measures. In this way, the dynamic scene changing element allows the system to determine whether the real-time streaming video data is reflective of the current or “true” state of the scene as captured by the video input device.
    Type: Grant
    Filed: March 22, 2018
    Date of Patent: February 16, 2021
    Assignee: BANK OF AMERICA CORPORATION
    Inventor: Carl R. Frederick
  • Patent number: 10924457
    Abstract: The present disclosure discloses a packet cleaning method and apparatus. The method includes: acquiring a packet type and a destination address of a target packet; acquiring, from a configuration file, a first attack type set according to the packet type and a second attack type set according to the destination address, wherein the second attack type set comprises types of attacks that a device corresponding to the destination address receives from within a period of time; generating a cleaning strategy chain corresponding to the target packet according to the first attack type set and the second attack type set; and cleaning the target packet based on the cleaning strategy chain.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: February 16, 2021
    Assignee: ALIBABA GROUP HOLDING LIMITED
    Inventor: Weibin He
  • Patent number: 10911411
    Abstract: A system, a method, and a computer program that extend a public Wi-Fi hotspot of an Internet service provider network to a private enterprise network system to transport non-enterprise traffic between the Internet service provider network and a non-enterprise computing device. The system, method, and computer program provide one or more tunnels between access points in the private enterprise network system and the Internet service provider network. The tunnels can be formed between one or more Internet service provider mobility controllers and, via a firewall, a DMZ (demilitarized zone) in the private enterprise network system to facilitate secure communication between the non-enterprise communicating devices and the Internet service provider network.
    Type: Grant
    Filed: October 22, 2018
    Date of Patent: February 2, 2021
    Assignee: Saudi Arabian Oil Company
    Inventors: Abdullah A. Aldossary, Ahmad A. Alharbi
  • Patent number: 10911951
    Abstract: A method for authenticating a mobile device in real-time. The method includes detecting the mobile device, sending a text message containing a unique uniform resource locator (“URL”) to the mobile device, and detecting an access of the unique URL by the mobile device through a first communication path. In response to detecting the access of the unique URL, requesting and subsequently receiving, by the host system in real-time, a phone number and a subscriber identification ID associated with the mobile device through a second communication path distinct from the first communication path, and a device fingerprint of the mobile device through the first communication path. The method further includes initiating a risk analysis based on the phone number, the subscriber ID, and the device fingerprint and determining an authentication status of the mobile device based on the risk analysis.
    Type: Grant
    Filed: May 17, 2019
    Date of Patent: February 2, 2021
    Assignee: The Western Union Company
    Inventors: Abhinav Gupta, Bernard McManus, Don McNelley
  • Patent number: 10911456
    Abstract: Techniques for provisioning access data may include receiving, by a first application installed on a communication device, user input selecting an account to provision to a second application installed on the communication device. The first application may invoke the second application and send a session identifier (ID) to the second application. The second application may send a user ID associated with the second application, a device ID, and the session ID to the first application. The first application may then generate encrypted provisioning request data and send the encrypted provisioning request data to the second application. The second application may send the encrypted provisioning request data to a remote server computer to request access data that can be used to access a resource. The second application may receive the access data provided by the remote server computer based on validation of the encrypted provisioning request data.
    Type: Grant
    Filed: February 5, 2019
    Date of Patent: February 2, 2021
    Assignee: Visa International Service Association
    Inventors: Madhuri Chandoor, Jalpesh Chitalia, Gueorgui Petkov, Mohamed Nosseir, Parveen Bansal, Thomas Bellenger, Simon Law
  • Patent number: 10911479
    Abstract: A computing system performs real-time mitigations for unfamiliar threat scenarios by identifying a particular threat scenario for a client system that has not previously experienced the threat scenario and for which a remediation process is unknown. The computing system responds to the unknown threat scenario by generating and providing the client system a mitigation file that includes a predictive set of mitigation processes for responding to the threat scenario. The mitigation file is generated by first generating a threat vector that identifies a plurality of different threat scenario characteristics for the particular threat scenario. Then, a classification model is applied to the threat vector to identify a predictive set of mitigation processes that are determined to be a best fit for the threat vector and that are included in the mitigation file.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: February 2, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Ben Kliger, Moshe Israel, Dotan Patrich, Michael Zeev Bargury
  • Patent number: 10896419
    Abstract: The disclosed embodiments include methods, systems, system terminals, and point-of-sale terminals for authenticating a user. The disclosed embodiments include, for example, a method for receiving, by one or more processors, authentication data from an authentication network, the authentication data including an authentication code identifying an authentication transaction associated with an authenticating partner system. The method may also include validating, by the one or more processors, the authentication data, the validating comprising comparing the authentication data with validation data corresponding to a prior authentication event associated with the user. The method may also include generating, by the one or more processors, validation information based on the validating, the validation information comprising a determination whether to validate the user for the authentication transaction.
    Type: Grant
    Filed: September 24, 2018
    Date of Patent: January 19, 2021
    Assignee: The Toronto-Dominion Bank
    Inventors: Prabaharan Sivashanmugam, Lauren Van Heerden, Michael D. Cummins, Orin Del Vecchio, Gunalan Nadarajah, Edward Lounsbury, Paul Mon-Wah Chan, Jonathan K. Barnett, Ashraf Metwalli, Jakub Danielak
  • Patent number: 10887085
    Abstract: The subject matter discloses a computerized system for securing data, comprising a first node, comprising a first memory storage configured to store a first share of a cryptographic key and a communication module, a second node, in communication with the first node, comprising a second memory storage configured to store a second share of the cryptographic key, wherein the first share and the second share of the cryptographic key are required to perform a cryptographic operation using a multi-party computation (MPC) process, wherein the second node further comprises a control unit configured to change an operation mode of the second share from enable to disable, wherein the disable operation mode prevents performing the cryptographic operation using the MPC process.
    Type: Grant
    Filed: February 2, 2018
    Date of Patent: January 5, 2021
    Assignee: UNBOUND TECH LTD.
    Inventors: Guy Pe'er, Valery Osheter, Saar Peer, George Wainblat, Oz Mishli
  • Patent number: 10887102
    Abstract: A method of managing servers of a distributed computer system by using an intent-based CLI (command line interface) executed by one or more processors of a remote computing device, the servers hosting a virtual cluster comprising one or more virtual machines. The method includes receiving, by a first server of the servers, a connection-request from the intent-based CLI to establish an encrypted connection between the first server and the remote computing device. The method includes authenticating the connection-request and establishing, in response to authenticating the connection-request, a first encrypted communication channel between the first server and the remote computing device. The method includes receiving, via the first encrypted communication channel, an operation-request for a list of intent-based operations supported by the first server.
    Type: Grant
    Filed: December 6, 2017
    Date of Patent: January 5, 2021
    Assignee: NUTANIX, INC.
    Inventors: Akshay Deodhar, Constantine Andrew Kousoulis, Gregory A. Smith, Hemanth Kumar Mantri
  • Patent number: 10873641
    Abstract: A system for detecting whether a device seeking communication with a server is a returning device that previously communicated with the server includes a database that stores groups of device attributes based on observable device characteristics and unique identifiers. The database is generally not accessible to the devices. Each attribute group and the associated device identifier (DID) can uniquely identify a particular device, and the associated DID is generally not derivable from the attributes. The database may satisfy a uniqueness property so that each attribute value in the database may also uniquely identify a device.
    Type: Grant
    Filed: June 24, 2019
    Date of Patent: December 22, 2020
    Assignee: INAUTH, INC.
    Inventors: Glenn S. Benson, Paul Marsolan, Christopher Guenther Moos
  • Patent number: 10867079
    Abstract: An Initialization Unit (IU) initiates an initial secure connection with an Intrinsic Use Control (IUC) Chip based on very large random numbers (VLRNs). The IUC Chip in turn initiates a secondary secure connection between it and one or more Use Controlled Components (UCCs). Polling by the IU allows confirmation of an ongoing secure connection, and also allows the IUC Chip to confirm the secondary secure connection to the UCCs. Removal or improper polling response from one of the UCCs results in a response from the IUC Chip that may include notification of tampering, or temporary or permanent discontinued operation of the offending UCC. Permanent discontinued operation may include destruction of the offending UCC, and cascaded discontinued operation of all other UCCs secured by the IUC Chip. A UCC may in turn be another nested layer of IUC Chips, controlling a corresponding layer of UCCs, ad infinitum.
    Type: Grant
    Filed: July 12, 2018
    Date of Patent: December 15, 2020
    Assignee: LAWRENCE LIVERMORE NATIONAL SECURITY, LLC
    Inventor: Mark Miles Hart
  • Patent number: 10848967
    Abstract: A method for handling change of serving Access and Mobility Managing Function for a user equipment. The method comprises sending of a context request to a source Access and Mobility Managing Function. This sending is performed from a target Access and Mobility Managing Function. In the target Access and Mobility Managing Function, a context is received (S3) in reply from the source Access and Mobility Managing Function. The context comprises a parameter which identifies a Security Anchor Function Access and Mobility Managing Function. The Security Anchor Function Access and Mobility Managing Function keeps a key, which is shared with the user equipment. A method for handling a change of serving Access and Mobility Managing Function in a user equipment is also disclosed as well as Access and Mobility Managing Function and User Equipments therefor.
    Type: Grant
    Filed: May 24, 2019
    Date of Patent: November 24, 2020
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, David Castellanos Zamora, Christine Jost, Vesa Torvinen, Monica Wifvesson
  • Patent number: 10848519
    Abstract: Methods and systems for Predictive Malware Defense (PMD) are described. The systems and methods can utilize advanced machine-learning (ML) techniques to generate malware defenses preemptively. Embodiments of PMD can utilize models, which are trained on features extracted from malware families, to predict possible courses of malware evolution. PMD captures these predicted future evolutions in signatures of as yet unseen malware variants to function as a malware vaccine. These signatures of predicted future malware “evolutions” can be added to the training set of a machine-learning (ML) based malware detection and/or mitigation system so that it can detect these new variants as they arrive.
    Type: Grant
    Filed: October 12, 2018
    Date of Patent: November 24, 2020
    Assignee: Charles River Analytics, Inc.
    Inventors: Michael Howard, Avi Pfeffer, Mukesh Dalal, Michael Reposa