Abstract: DLL hooks are protected by mapping the starting address of the new executable to a sample of the former executable. Attempts to read the starting address are responded to with the sample of the former executable. Attempts to write to the starting address are responded to with confirmation of success without actually writing data. Debuggers are detected upon launch or by evaluating an operating system. A component executing in the kernel denies debugging privileges to prevent inspection and modification of DLL hooks.

Abstract: Various methods and processes, apparatuses/systems, and media for separating or distributing database calls between active and passive databases are disclosed. A processor establishes a communication link between a passive database and an active database via a communication network; executes real-time syncing of data between the active database and the passive database by implementing a replication algorithm; receives a request from an application user to generate a report corresponding to the application; implements a batch processor, at an application level, to separate read-only operations from read and write operations associated the application; and separates or distributes database calls, at the application level, between the active database and the passive database in a manner such that the read-only operations are directed to the passive database and the read and write operations are directed to the active database.

Abstract: Various methods and processes, apparatuses/systems, and media for separating or distributing database calls between active and passive databases are disclosed. A processor establishes a communication link between a passive database and an active database via a communication network; executes real-time syncing of data between the active database and the passive database by implementing a replication algorithm; receives a request from an application user to generate a report corresponding to the application; implements a batch processor, at an application level, to separate read-only operations from read and write operations associated the application; and separates or distributes database calls, at the application level, between the active database and the passive database in a manner such that the read-only operations are directed to the passive database and the read and write operations are directed to the active database.

Abstract: DLL hooks are protected by mapping the starting address of the new executable to a sample of the former executable. Attempts to read the starting address are responded to with the sample of the former executable. Attempts to write to the starting address are responded to with confirmation of success without actually writing data. Debuggers are detected upon launch or by evaluating an operating system. A component executing in the kernel denies debugging privileges to prevent inspection and modification of DLL hooks.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: DLL hooks are protected by mapping the starting address of the new executable to a sample of the former executable. Attempts to read the starting address are responded to with the sample of the former executable. Attempts to write to the starting address are responded to with confirmation of success without actually writing data. Debuggers are detected upon launch or by evaluating an operating system. A component executing in the kernel denies debugging privileges to prevent inspection and modification of DLL hooks.

Abstract: Endpoints in a network execute a sensor module that intercepts commands to obtain information regarding a remote network resource. The sensor module compares a source of commands to a sanctioned list of applications. If the source is not sanctioned, then a simulated response can be provided to the source that references a decoy server.

Abstract: DLL hooks are protected by mapping the starting address of the new executable to a sample of the former executable. Attempts to read the starting address are responded to with the sample of the former executable. Attempts to write to the starting address are responded to with confirmation of success without actually writing data. Debuggers are detected upon launch or by evaluating an operating system. A component executing in the kernel denies debugging privileges to prevent inspection and modification of DLL hooks.

Abstract: A method and system to create personalized investor information packages, based on investor information, to be delivered to the investor to satisfy both compliance regulations and investor preferences. The method and system may deliver information in a paper or electronic format.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application.

Abstract: In some embodiments, a computer-implemented method for preventing credential passing attacks comprising: receiving an input; determining whether the input is a credential access command, wherein the determination comprises searching for occurrences of references to executables related to adding, reading, copying, or performing actions with respect to a credential, if the input is determined to be a credential access command, performing anomaly detection, wherein performing the anomaly detection comprises evaluating whether a user is a valid domain user, whether an elapsed time of the credential is greater than a maximum lifetime of the credential, and whether a privilege attribute certificate of the credential is valid, determining that an anomaly exists if the command was generated by an invalid domain user; an elapsed time of a credential is greater than a maximum lifetime, or the privilege attribute certificate of the credential is invalid, and performing mitigation of the anomaly.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: The invention provides compounds having STimulator of INterferon Genes (STING) agonistic bioactivity that can be used in the treatment of tumors in patients afflicted therewith. The compounds are of formula (I): as defined herein. Compounds for practice of a method of the invention can be delivered via oral delivery for systemic exposure, as well as delivered intratumorally. Antitumor therapy using a compound of formula (I) can further comprise administration of an effective dose of an immune-checkpoint targeting drug.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application the command is ignored and a simulated acknowledgment is sent or, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Abstract: Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application.

Abstract: The invention provides compounds having STimulator of INterferon Genes (STING) agonistic bioactivity that can be used in the treatment of tumors inpatients afflicted therewith. The compounds are of formula (IA), formula (I), and formula (II): wherein the various substituents are as defined herein. Ring A is a 5- or 6-membered heteroaryl comprising 1, 2, or 3 N atoms, unsubstituted or substituted with 1, 2, or 3 groups as defined herein. Compounds for practice of a method of the invention can be delivered via oral delivery for systemic exposure, as well as delivered intratumorally. Antitumor therapy using a compound of formula (I) can further comprise administration of an effective dose of an immunecheckpoint targeting drug.

Abstract: Described herein are techniques for performing a channel scan based on a mobility state of a device. The mobility state of a device relative to an access point may be determined using time-of-flight information. A channel scan may be performed based on the mobility state determination.

Abstract: A method and system to create personalized investor information packages, based on investor information, to be delivered to the investor to satisfy both compliance regulations and investor preferences. The method and system may deliver information in a paper or electronic format.