Abstract: A computer-implemented method according to one embodiment includes receiving a request to perform a security policy implementation analysis for a first deployment associated with a first client in an IT environment. IT information associated with the first deployment is collected. The method further includes applying trained machine learning models to analyze the IT information of the first client to compute a security policy for the first deployment. The security policy is computed based on a calculated uncertainty of effects that applying the security policy to the first deployment is capable of causing, and a predicted amount of resources of the first deployment that applying the security policy to the first deployment would consume. An indication of the security policy is output for display in a dashboard on a display of a user device of the first client.

Abstract: A method for protecting a disaster recovery site, the method may include receiving by source compute nodes of a storage system, during source storage periods, write requests for storing content in the storage system; writing by source compute nodes, during the source storage periods, the content into the storage nodes of the storage system; maintaining replication compute nodes of the storage system deactivated during the source storage periods; reading the content by the replication compute nodes from the storage nodes during replication periods; participating, by the replication compute nodes, in outputting the content to one or more data recovery sites during the replication periods; and maintaining the source compute nodes deactivated during the source storage periods.

Abstract: Systems, methods, and processing devices for aiding with cyber intrusion investigations that includes capabilities for extracting data from a specified range of a volatile memory of a target processing device, reconstructing data structures and artifacts from the extracted data; and generating and presenting a visualization of the reconstructed data structures and the reconstructed artifacts.

Abstract: Implementations describe providing secure encryption key management in trust domains. In one implementation, a processing device includes a key ownership table (KOT) that is protected against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM or other TDs, the TDRM is to reference the KOT to obtain at least one unassigned host key identifier (HKID) utilized to encrypt a TD memory, the TDRM is to assign the HKID to the TD by marking the HKID in the KOT as assigned, and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID.

Abstract: Aspects of the subject disclosure may include, for example, receiving, from a computing device, a validation request for validating an individual associated with a mobile device equipped with an authentication app communicatively coupled with an authentication system, obtaining request data from a user validation system, enabling, using the request data, the computing device to communicate with the user validation system to facilitate the validation, wherein the validation involves the user validation system triggering the authentication system to provide access information to the computing device, the authentication system authenticating the individual/mobile device, the authentication system providing, to the user validation system, identification information of the individual based on the authenticating, and the user validation system determining a validation result based on data relating to the identification information.

Abstract: A connection management apparatus of a relay system specifies, when terminal identification information for identifying a target terminal is acquired from a client terminal, a first relay apparatus that relays communication, and specifies connecting information for the client terminal to connect to the first relay apparatus. The connection management apparatus stores the specified connecting information and the terminal identification information in a storage in association with each other, and notifies the client terminal of the specified connecting information. When the specified first relay apparatus receives access based on the connecting information from the client terminal, the specified first relay apparatus relays the communication between the client terminal and the target terminal on the basis of the terminal identification information associated with the connecting information.

Abstract: A method includes generating, by a computing device, SSID aliases; propagating, by the computing device, the SSID aliases to access points; receiving, by the computing device, data from an access point, the data including a selected SSID alias and a media access control (MAC) address of a user device; creating, by the computing device, a record containing the selected SSID alias and the MAC address of the user device; propagating, by the computing device, the selected SSID alias to remaining access points; and sending, by the computing device, a message to the access points to delete the selected SSID alias after a time period.

Abstract: A vehicle communication system, including plural control devices configured to carry out communication with one another, wherein a transmitting device and a receiving device each include a memory and a processor. The processor at the transmitting device generates first authentication information based on a message and the encryption key, and in a case in which there is an abnormality at the encryption key, transmits the predetermined authentication information and the message to the receiving device. The processor at the receiving device generates second authentication information based on the encryption key and the received message, collates the first authentication information and the second authentication information, and authenticates the message, and in a case in which, after starting-up of the receiving device, authentication has not succeeded even once, and the received first authentication information and the predetermined authentication information match, accepts the received message.

Abstract: Methods and systems for anonymizing an identity of a caller using a voice print match. One system includes a surveillance system including a camera and a microphone; and a dispatch computer. The dispatch computer is configured to receive a voice call from the caller, generate a voice print from the voice call, compare the voice print to a plurality of stored voice prints, and, in response to the voice print not matching any of the plurality of stored voice prints, transmit the voice print to the surveillance system. The surveillance system is configured to receive the voice print, capture audio data via the microphone, compare the audio data to the voice print, and, in response to identifying a match between the voice print and the audio data, tag image data, captured via the camera, corresponding to the audio data for redaction.

Abstract: In accordance with one embodiment, a method of modifying data in a telecommunication system can be implemented by receiving a communication comprising voice data and non-voice data at a first processor; sending the non-voice data from the first processor to a second processor; sending the voice data from the first processor to a third processor; receiving a sensitive-data-alert-message at the second processor from a fourth processor; and, in response to the sensitive-data-alert-message from the fourth processor, producing a set of modified-non-voice data at the second processor by removing a set of sensitive data contained within the non-voice data.

Abstract: Wireless communication device and methods for operating the same. One wireless communication device includes an electronic processor configured to operate the wireless communication device in a first security mode of a plurality of available security modes.

Abstract: This disclosure is directed to a generalizable machine learning model production environment and system with a defense mechanism that facilitates safe execution of machine learning models in production by effectively detecting potential known and new adversarial attacks. The disclosed exemplary systems and architectures gather data from the online execution of the machine learning models and communicate with an on-demand pipelines for further inspection and/or correction of vulnerabilities in the production machine learning model to the detected attacks. These systems and architectures provide an automatable process for continuous monitoring of model performance and correction of the production machine learning model to guard against current and future adversarial attacks.

Abstract: Techniques for Cobalt Strike Beacon HTTP C2 heuristic detection are disclosed. In some embodiments, a system/process/computer program product for Cobalt Strike Beacon HTTP C2 heuristic detection includes monitoring HyperText Transfer Protocol (HTTP) network traffic at a firewall; prefiltering the monitored HTTP network traffic at the firewall to select a subset of the HTTP network traffic to forward to a cloud security service; determining whether the subset of the HTTP network traffic is associated with Cobalt Strike Beacon HTTP C2 traffic activity based on a plurality of heuristics; and performing an action in response to detecting the Cobalt Strike Beacon HTTP C2 traffic activity.

Abstract: Apparatuses and methods for determining if a computer program is malware and to which malware class it belongs to. In the method, the behaviour of a computer program is traced by observing the activity of the program. Behaviour sequences comprising API-calls or similar activity of a computer program are then provided into a classifier for classifying the computer program. From the outcome of the classifier, a classification result and the portions relevant to decision can be provided to a person for further confirmation.

Abstract: A network repository function, NRF, in a core network domain of a mobile communication network is provided, wherein the NRF is configured to register network function, NF, profiles for NF discovery, and wherein NF certificates have been issued to the NFs, each NF certificate including a public key of the respective NF and at least one signature of at least one certification authority, CA. The NRF is configured to receive, from a registering NF having an NF certificate, profile information comprising an NF identity of the registering NF, an NF type of the registering NF, and at least one CA certificate of at least one CA that signed the NF certificate issued to the registering NF. The NRF is further configured to store the received profile information in a repository.

Abstract: A method of distributing a amount of issuance of digital content includes: determining the amount of issuance corresponding to a certificate of right to use digital content; generating blocks corresponding to the amount of issuance in accordance with the certificate of right to use the digital content and adding the blocks to a block chain system; generating an authentication certificate including a key value of the generated blocks in connection with the certificate of right to use the digital content; receiving a purchase request for the certificate of right to use of the digital content from a first user terminal; transmitting the digital content to the first user terminal such that the digital content is stored in a content folder of the first user terminal; transmitting a first authentication certificate corresponding to a remaining amount among the amount of issuance to the first user terminal, and storing the first authentication certificate in connection with the certificate of right to use the digita

Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.

Abstract: A method for updating a software component. The method includes providing a first electronic device and a second electronic device that are connected in a first network, receiving update information for the second electronic device via the first electronic device, the update information being provided with a signature that is generated with the aid of a post-quantum algorithm (PQA) signature, checking the update information by validating the signature by the first electronic device, relaying the update information to the second electronic device if the update information is deemed to be valid, and updating a software component of the second electronic device using the update information.

Abstract: This disclosure relates to improved systems and methods for providing and using wearable electronic accessories. A wearable electronic necklace accessory can include a support structure that permits the wearable electronic accessory to be worn in a user's neck region. The wearable electronic necklace accessory can include an electronic pendant coupled to the support structure, the electronic pendant can comprise a housing that includes a first wall, a second wall, and one or more side walls configured to couple the first wall to the second wall. The wearable electronic necklace accessory can include a display device and an audio device positioned within the pendant housing and configured to output electronic media and audio content. Other embodiments are disclosed.

Abstract: A server system to onboard an endpoint having a host system connected to a host interface of a memory device for a cloud service without prior customization of the endpoint to identify an account for accessing the cloud service. For example, after receiving a request associated with the service and containing identity data generated by the memory device, the server system determines authenticity of the memory device and the endpoint based on a secret of the memory device and the identity data. In response to the request, the server system further identifies, based on the identity data, a subscriber among a plurality of subscribers based on ownership data of the endpoint. As a result of the identifying of the subscriber based on the identity data, the server system determines an account of the subscriber to provide the service to the endpoint based on the account.