Abstract: In one embodiment, a system for managing communication connections in a virtualization environment includes a plurality of host machines implementing a virtualization environment, wherein each of the host machines includes a hypervisor, at least one user virtual machine (user VM), and a distributed file server that includes file server virtual machines (FSVMs) and associated local storage devices. Each FSVM and associated local storage device are local to a corresponding one of the host machines, and the FSVMs conduct I/O transactions with their associated local storage devices based on I/O requests received from the user VMs. Each of the user VMs on each host machine sends each of its representative I/O requests to an FSVM that is selected by one or more of the FSVMs for each I/O request based on a lookup table that maps a storage item referenced by the I/O request to the selected one of the FSVMs.

Abstract: Systems and methods are provided herein to dynamically update content restrictions for multiple users by detecting a first user in the proximity of a media device playing a first content item and detecting a second user entering the proximity of the media device. In response to detecting a second user entering the proximity of the media device and receiving a command from the first user that controls playing the first content, the system modifies a stored relationship between the first user and the second user to track the relationship between the first user and the second user. Thereafter, when the system detects the first user and the second user in the proximity of a media device playing a second content, in response, the system automatically performs an action that controls the playing of the second content (e.g., without user having to issue those commands).

Abstract: A system includes a shift register to store data samples, where the shift register includes a cell under test (CUT), a left guard cell, a right guard cell, a left window, and a right window. The system includes two sets of comparators to compare incoming data samples with data samples in the left window and the right window to compute ranks of the incoming data samples. The system includes a sorted index array to store a rank of the data samples in the shift register. The system includes a selector to select a Kth smallest index from the sorted index array and its corresponding data sample from the shift register. The system includes a target comparator, where the first comparator input receives a data sample from the CUT and the second comparator input receives a Kth smallest data sample, and the comparator output indicates a CFAR target detection.

Abstract: In one embodiment, a system for managing communication connections in a virtualization environment includes a plurality of host machines implementing a virtualization environment, wherein each of the host machines includes a hypervisor, at least one user virtual machine (user VM), and a distributed file server that includes file server virtual machines (FSVMs) and associated local storage devices. Each FSVM and associated local storage device are local to a corresponding one of the host machines, and the FSVMs conduct I/O transactions with their associated local storage devices based on I/O requests received from the user VMs. Each of the user VMs on each host machine sends each of its representative I/O requests to an FSVM that is selected by one or more of the FSVMs for each I/O request based on a lookup table that maps a storage item referenced by the I/O request to I/O the selected one of the FSVMs.

Abstract: DLL hooks are protected by mapping the starting address of the new executable to a sample of the former executable. Attempts to read the starting address are responded to with the sample of the former executable. Attempts to write to the starting address are responded to with confirmation of success without actually writing data. Debuggers are detected upon launch or by evaluating an operating system. A component executing in the kernel denies debugging privileges to prevent inspection and modification of DLL hooks.

Abstract: A method and system to create personalized investor information packages, based on investor information, to be delivered to the investor to satisfy both compliance regulations and investor preferences. The method and system may deliver information in a paper or electronic format.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application.

Abstract: In some embodiments, a computer-implemented method for preventing credential passing attacks comprising: receiving an input; determining whether the input is a credential access command, wherein the determination comprises searching for occurrences of references to executables related to adding, reading, copying, or performing actions with respect to a credential, if the input is determined to be a credential access command, performing anomaly detection, wherein performing the anomaly detection comprises evaluating whether a user is a valid domain user, whether an elapsed time of the credential is greater than a maximum lifetime of the credential, and whether a privilege attribute certificate of the credential is valid, determining that an anomaly exists if the command was generated by an invalid domain user; an elapsed time of a credential is greater than a maximum lifetime, or the privilege attribute certificate of the credential is invalid, and performing mitigation of the anomaly.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: The invention provides compounds having STimulator of INterferon Genes (STING) agonistic bioactivity that can be used in the treatment of tumors in patients afflicted therewith. The compounds are of formula (I): as defined herein. Compounds for practice of a method of the invention can be delivered via oral delivery for systemic exposure, as well as delivered intratumorally. Antitumor therapy using a compound of formula (I) can further comprise administration of an effective dose of an immune-checkpoint targeting drug.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application the command is ignored and a simulated acknowledgment is sent or, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application.

Abstract: The invention provides compounds having STimulator of INterferon Genes (STING) agonistic bioactivity that can be used in the treatment of tumors inpatients afflicted therewith. The compounds are of formula (IA), formula (I), and formula (II): wherein the various substituents are as defined herein. Ring A is a 5- or 6-membered heteroaryl comprising 1, 2, or 3 N atoms, unsubstituted or substituted with 1, 2, or 3 groups as defined herein. Compounds for practice of a method of the invention can be delivered via oral delivery for systemic exposure, as well as delivered intratumorally. Antitumor therapy using a compound of formula (I) can further comprise administration of an effective dose of an immunecheckpoint targeting drug.

Abstract: Described herein are techniques for performing a channel scan based on a mobility state of a device. The mobility state of a device relative to an access point may be determined using time-of-flight information. A channel scan may be performed based on the mobility state determination.

Abstract: A method and system to create personalized investor information packages, based on investor information, to be delivered to the investor to satisfy both compliance regulations and investor preferences. The method and system may deliver information in a paper or electronic format.

Abstract: An apparatus that at least stores objects of varying sizes, said apparatus includes adjustable trays configured to support the objects at bottom surfaces thereof and stationary or mobile panels for mounting the trays in a generally vertical plane. The panels can be provided as pegboard types or as slatwall types. The adjustable trays include a pair of brackets connected with a guide. A mounting portion of each bracket is adapted to mate with the corresponding panel type.

Abstract: The invention provides compounds having STimulator of INterferon Genes (STING) agonistic bioactivity that can be used in the treatment of tumors in patients afflicted therewith. The compounds are of formula (I): as defined herein. Compounds for practice of a method of the invention can be delivered via oral delivery for systemic exposure, as well as delivered intratumorally. Antitumor therapy using a compound of formula (I) can further comprise administration of an effective dose of an immune-checkpoint targeting drug.

Abstract: According to one embodiment, a malware detection and visualization system includes one or more processors; and a storage module communicatively coupled to the one or more processors, the storage module comprises logic, upon execution by the one or more processors, that accesses a first set of information that comprises (i) information directed to a plurality of observed events and (ii) information directed to one or more relationships that identify an association between different observed events of the plurality of observed events; and generates a reference model based on the first set of information, the reference model comprises at least a first event of the plurality of observed events, a second event of the plurality of observed events, and a first relationship that identifies that the second event is based on the first event, wherein at least one of (i) the plurality of observed events or (ii) the one or more relationships constitutes an anomalous behavior is provided.