Abstract: A method begins by storage units of a dispersed storage network (DSN) receiving data access requests regarding data that is dispersed storage error encoded to produce a set of encoded data slices. The method continues by some of the storage units determining whether at least some of the data access requests are verifiable update requests. When some of the data access requests are the verifiable update requests, the method continues by determining whether the data access requests are addressing data stored, or to be stored, within a verifiable update region affiliated within the some of the storage units. When within the verifiable update region, the method continues by generating and transmitting request verification information to other storage units of the some of the storage units. The method continues by executing the data access requests when a desired level of consistency of the request verification information is determined.

Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.

Abstract: Approaches presented herein enable evaluating a multimedia item to be posted to a website (e.g., social networking site, forum, blog, etc.) to determine whether a censoring action needs to be performed on the multimedia item prior to posting the multimedia item. Specifically, in response to a request to post a multimedia item to a website, the multimedia item is analyzed to determine a context of the multimedia item. The context may be derived from specific elements depicted in the multimedia item. Also, an entity (e.g., a person, logo, trademark, brand) may be identified. The preferences related to the entity are retrieved. The context is compared against the preferences of the entity to determine whether a variance exists. When a variance is determined, a censoring action related to the multimedia item may be performed prior to posting the multimedia item.

Abstract: Methods for identifying and obtaining a suitable application for interacting with a selected content item by providing secure access to a limited portion of information on the selected content item are provided. In one aspect, a method includes receiving a selection from a user in an initial application running on a device to interact with a content item accessible by the initial application, and generating a hash value from the limited portion of information on the content item. The method further includes requesting a copy of the at least one suitable application when the comparison of the hash value for the content item with the hash value for the suitable application match, executing the suitable application on the device, and providing the limited portion of information on the content item to the suitable application for interaction by the user. Systems and machine-readable media are also provided.

Abstract: A method, system, and computer program product encrypt data. A processor(s) obtains plaintext (plaintext data) and randomly generates multiple seed keys and obtains a user-defined password. The processor(s) randomly generates encryption parameters (pattern indicators, end pointers, pattern indicator pointers, and component sizes) and encrypts the plaintext by converting the plaintext data to shuffle-transform encrypted text and generating, from the shuffle-transform encrypted text and based on the encryption parameters, a plurality of encrypted blocks. The processor(s) implements a dynamic mathematical offset, to a portion of mathematical functions underlying the encryption parameters. The processor(s) generates an encrypted chunk for each encrypted block of the plurality of encrypted blocks, wherein the encrypted chunk for each encrypted block contains a portion of the shuffle-transform encrypted text.

Abstract: A method and system for providing information management of data from hosted services receives information management policies for a hosted account of a hosted service, requests data associated with the hosted account from the hosted service, receives data associated with the hosted account from the hosted service, and provides a preview version of the received data to a computing device. In some examples, the system indexes the received data to associate the received data with a user of an information management system, and/or provides index information related to the received data to the computing device.

Abstract: An automated method for processing security events in association with a cybersecurity knowledge graph. The method begins upon receipt of information from a security system representing an offense. An initial offense context graph is built based in part on context data about the offense. The graph also activity nodes connected to a root node; at least one activity node includes an observable. The root node and its one or more activity nodes represent a context for the offense. The knowledge graph, and potentially other data sources, are then explored to further refine the initial graph to generate a refined graph that is then provided to an analyst for further review and analysis. Knowledge graph exploration involves locating the observables and their connections in the knowledge graph, determining that they are associated with known malicious entities, and then building subgraphs that are then merged into the initial graph.

Abstract: Disclosed is a file security method for reinforcing file security, which includes: by a first communication device, detecting an access to a file stored in a virtual drive; by the first communication device, requesting a decryption key of the file to a second communication device and receiving the decryption key; and by the first communication device, decrypting the access-detected file by using the decryption key.

Abstract: A method for message management is disclosed. The method includes: deriving, by a first subscriber node (SN), a secret value associated with a publisher node (PN); generating, by the first SN, a first expected sequence number using a one-way function and the secret value; receiving, by the first SN, a first publisher message generated by the PN and including a first sequence number; validating, by the first SN, the first publisher message by comparing the first sequence number with the first expected sequence number; processing, by the first SN, a payload of the first publisher message in response to the first sequence number and the first expected sequence number matching; and generating, by the first SN node, a second expected sequence number using the one-way function, the first sequence number, and the secret value.

Abstract: A method, a system, and computer readable medium comprising instructions for message delivery security validation are provided. At least one authentication setting from an end user is received at a data collection system. A validation key is generated based on the at least one authentication setting. A message and the validation key are sent to a device of a recipient. The device of the recipient are automatically authenticated using the validation key. The message is delivered to the device of the recipient upon authentication.

Abstract: A method may include identifying a candidate user based on a connection to an established user of a business management application (BMA). The candidate user may have an associated user identifier. The method may further include collecting, using the user identifier, social network data of the candidate user from an online social network, identifying, using the social network data of the candidate user, application programming interfaces (APIs) for collecting public data about the candidate user, retrieving, using the user identifier and an API, public data corresponding to the candidate user, generating, using the public data corresponding to the candidate user, an account creation request including the user identifier, and transmitting the account creation request to the BMA.

Abstract: One aspect of the present invention discloses a client device for content security. The device includes: an application execution unit configured to control content in response to a content control command requested in a user level; a DRM agent configured to communicate with a DRM server and the application execution unit in the user level, to detect the content control command, to receive an encryption/decryption key and security policy for content from the DRM server, to provide the received encryption/decryption key and security policy to a client kernel module, and to transmit an encryption/decryption request; and the client kernel module configured to receive the encryption/decryption key and the security policy, to store the encryption/decryption key and security policy in a secure box of a kernel level, and to perform encryption or decryption on the content based on the encryption/decryption key and security policy in response to the encryption/decryption request.

Abstract: In a system for configuring a web application firewall, one or more parameters of the firewall are adjusted such that a test configured for exposing a vulnerability of an application protected by the application firewall is blocked by the firewall and another test configured to invoke functionality of the application but that does not expose or exploit any security vulnerability is not blocked by the firewall. A notification is provided to a user if such a firewall configuration is not found after a specified number of attempts.

Abstract: A computer-implemented method includes executing one or more tests on a computing device. The computing device has Instruction Execution Protection (IEP), and each test of the one or more tests includes selectively setting one or more IEP bits of one or more page tables, where each IEP bit prevents code in a respective storage block from being executed. During the one or more tests, an IEP exception is detected, by a computer processor, each time an attempt is made to execute code in a storage block for which a respective IEP bit is set. Test results of the one or more tests are determined based on the detecting. A remedial action is performed in response to the test results of the one or more tests.

Abstract: An electronic device is provided. The electronic device includes at least one communication module and a processor configured to control the at least one communication module. The processor is configured to verify properties of at least one communication network accessed by the electronic device through the at least one communication module, to determine an authentication scheme to be applied to a communication connection between the electronic device and an external electronic device and to establish the communication connection such that the external electronic device accesses the at least one communication network through the electronic device based on the authentication scheme.

Abstract: Embodiments are directed to a computer-implemented method of identifying an imposter web page. The method includes extracting, using a processor system, visited web page data from a visited web page. The method further includes determining, using the processor system, that the visited web page is an imposter web page, based at least in part on determining, using the processor system, that website location data of the visited web page does not match website location data of at least one legitimate web page, as well as determining that text data associated with image data of the visited web page matches text data associated with image data of the at least one legitimate web page.

Abstract: Systems and techniques are provided for creating sensor based rules for detecting and responding to malicious activity. Evidence corresponding to a malicious activity is received. The evidence corresponding to malicious activity is analyzed. Indicators are identified from the evidence. The indicators are extracted from the evidence. It is determined that an action to mitigate or detect a threat needs to be taken based on the indicators and evidence. A sensor to employ the prescribed action is identified. Whether a sensor based rule meets a threshold requirement is validated. A configuration file used to task the sensor based rule to the identified sensor is created. The number of sensor based rule triggers is tracked.

Abstract: Methods, apparatus, systems, and articles of manufacture for securing a mobile device are disclosed. An example apparatus includes a housing dimensioned to receive the mobile device. A secure storage is carried by the housing. A malware scanner is carried by the housing, and is to perform a first scan of an external electronic device to detect malware. A driver loader is carried by the housing, and is to mount a secure file transfer driver in response to the first scan not identifying malware on the external electronic device. A file handler is carried by the housing, and is to detect, using the secure file transfer driver, a file to be transferred intermediate the external electronic device and the mobile device. The malware scanner is to scan the file. The file handler is to quarantine the file in response to the malware scanner detecting malware in the file.

Abstract: Various techniques for providing inline DGA detection with deep networks are disclosed. In some embodiments, a system, process, and/or computer program product for inline DGA detection with deep networks includes receiving a DNS data stream, in which the DNS data stream includes a DNS query and a DNS response for resolution of the DNS query; determining whether the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model; and performing a mitigation action if it is determined that the DNS query is associated with a potentially malicious network domain based on the inline DGA detection model.

Abstract: Aspects described herein may allow for the generation of a message to be sent to an intended recipient of a request for a communication session prior the initiation of the communication session. The system may monitor applications and associated devices to determine the initiation of the communication session. Based on such a determination, the system may generate a message to be presented to a communication initiating user and to be sent to an intended recipient of the communication session. The system may determine data for the message based on an analysis of the data associated with the communication initiating user, and the system may apply a machine learning model to generate draft messages for the user. Messages may be generated to authenticate a user with an intended recipient of the communication session.