Abstract: A computer device for managing privilege delegation to control creation of processes thereon is described. Creation of a process on a computer device is requested according to first privileges. An agent, cooperating with an operating system of the computer device, intercepts the request. The agent determines whether to create the process according to second privileges, different from the first privileges and if permitted, cause the process to be created accordingly. The agent hooks a query provided by the operating system to identify whether a control service is enabled. The agent enquires of the operating system whether to create the process according to the second privileges whereupon the hooked query is invoked. The agent confirms to the operating system that the control service is enabled, such that checks by the operating system are performed as if the operating system were enabled.

Abstract: A computer device, including at least a processor and a memory, can be configured to control process components on a computer device. An agent can intercept a request to instantiate a new process component. The request can originate on the computing device from an instance of a particular process component amongst a set of process components. The agent can determine whether to permit the intercepted request by validating the relationship using a policy with rules as well as and determining a trusted owner is among the set of identified owners. The agent can permit the intercepted if the determination is to permit the intercepted request.

Abstract: In an embodiment, a photoinitiation apparatus includes: a set of illumination sources or elements configured for outputting optical energy; a body structure having a proximal body structure portion confining a proximal volume of explosive medium, an intermediate body structure portion confining an intermediate volume of explosive medium, and a distal body structure portion confining a distal volume of explosive medium, wherein the proximal volume of explosive medium is optically coupled to portions of the first volume of explosive medium, at least one of the proximal volume of explosive medium and the distal volume of explosive medium is a tertiary explosive medium, and (a) the body structure does not carry a primary explosive composition and does not carry a secondary explosive composition, and/or (b) each of the proximal, intermediate, and distal volumes of explosive media has an initiation sensitivity that is less than cyclotrimethylenetrinitramine (RDX) based explosive compositions.

Abstract: A computer device that manages privilege delegation is disclosed. The computing device can modify a virtual method table to point to a hooking function associated with an agent plugin. The agent plugin can be configured to intercept requests relating to a file using the hooking function. The computing device can intercept a request in a user account of a logged-in user to execute therein a command on the file according to first privileges assigned thereto. The computing device can obtain information related to the request and forward the information to an agent service cooperating with an operating system. The computing device can determine whether to execute the command on the file in the user account according to second privileges different from the first privileges. The computing device can cause the command to be executed on the file in the user account according to the second privileges.

Abstract: A computer device that manages privilege delegation is disclosed. The computing device can insert a particular command into one or more commands corresponding to a file. The computing device can intercept a request to execute the particular command on the file according to first privileges. The computing device can determine to execute the particular command on the file according to second privileges different from the first privileges based on the request to execute the particular command. The computing device can cause the particular command to be executed on the file according to the second privileges.

Abstract: A computer device, including at least a processor and a memory, can be configured to control process components on a computer device. An agent can intercept a request to instantiate a new process component in a user account of a logged-in user. The request can originate on the computing device from an instance of a particular process component amongst a set of process components. The user account can be assigned default user privileges by a privilege access management service. The agent can determine whether to permit the intercepted request. The agent can permit the intercepted request if the relationship is validated and if a trusted owner is identified amongst the set of identified owners.

Abstract: A computing device is disclosed with an agent and operating system executing thereon. The agent can determine that a user account control service is disabled by querying the operating system. In response to determining that the user account control service is disabled, the agent can hook a query provided by the operating system. The agent can receive a request to confirm whether the user account control service is enabled using the query provided by the operating system. The agent can generate a confirmation that the user account control service is enabled. The agent can determine whether to execute a process by performing a privilege check as if the user account control service were enabled based on the confirmation.

Abstract: A computer device performs operations for managing registry access. The computing device can determine a set of registry access rules relevant to the user process. The computing device can perform an evaluation of a registry operation requested by the user process using the set of registry access rules. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.

Abstract: A computer device that manages privilege delegation is disclosed. The computing device can insert a custom verb command into a plurality of verb commands corresponding to a file. The computing device can intercept a request to execute the custom verb command on the file by intercepting a request to create a context menu. The computer device can obtain information related to the request to execute the custom verb command by obtaining a file identifier of the file from the request to create the context menu. The computer device can determine whether to execute the custom verb command on the file according to second privileges different from the first privileges based on the information related to the request to execute the custom verb command. The computer device can cause the custom verb command to be executed on the file according to the second privileges.

Abstract: A computing device can capture a current access token of a user process. The computing device can perform a determination of whether the current access token for the user process differs from a particular access token of a parent process of the user process. The computing device can detect whether the user process has been subject to an escalation of privilege attack based on the determination of whether the current access token for the user process differs from the particular access token. The computing device can performing a mitigation action with respect to the user process in response to detecting that the user process has been subject to the escalation of privilege attack.

Abstract: A computer device performs operations for managing registry access, including monitoring a user process on the computer device. The computing device can determine a set of registry access rules relevant to the user process. The computing device can perform an evaluation of a registry operation requested by the user process using the set of registry access rules. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.

Abstract: A computing device can receive a first notification that a process has started on the at least one computing device. The computing device can record a first access token associated with the process into the token cache. The computing device can receive a second notification that the process has interacted with the operating system to perform at least one of a set of predetermined operations on the at least one computing device. The computing device can capture a second access token from the process. The computing device can perform a comparison of the second access token captured from the process against the first access token recorded into the token cache. The computing device can determine that an escalation of privilege attack has occurred based on the comparison.

Abstract: A computer device that manages privilege delegation is disclosed. The computing device can insert a custom verb command into a plurality of verb commands corresponding to a file. The computing device can intercept a request to execute the custom verb command on the file by intercepting a request to create a context menu. The computer device can obtain information related to the request to execute the custom verb command by obtaining a file identifier of the file from the request to create the context menu. The computer device can determine whether to execute the custom verb command on the file according to second privileges different from the first privileges based on the information related to the request to execute the custom verb command. The computer device can cause the custom verb command to be executed on the file according to the second privileges.

Abstract: In an embodiment, a photoinitiation apparatus includes: a set of illumination sources or elements configured for outputting optical energy; a body structure having a proximal body structure portion confining a proximal volume of explosive medium, an intermediate body structure portion confining an intermediate volume of explosive medium, and a distal body structure portion confining a distal volume of explosive medium, wherein the proximal volume of explosive medium is optically coupled to portions of the first volume of explosive medium, at least one of the proximal volume of explosive medium and the distal volume of explosive medium is a tertiary explosive medium, and (a) the body structure does not carry a primary explosive composition and does not carry a secondary explosive composition, and/or (b) each of the proximal, intermediate, and distal volumes of explosive media has an initiation sensitivity that is less than cyclotrimethylenetrinitramine (RDX) based explosive compositions.

Abstract: Disclosed is a system for assisting blasting. The system includes at least one wireless blasting-related device that is deployable or deployed proximate to or within a portion of physical media intended to be blasted as part of a commercial blasting operation. The blasting-related device includes a device-based magnetic induction (MI) signal receiver with a magnetometer configured for through the earth (TTE) MI communication, and the blasting-related device includes a device-based MI signal source with a device-based antenna configured for TTE MI communication. The device-based MI signal source is configured to communicate with a vehicle-based MI signal receiver in a blast support vehicle that includes a set of vehicle-based magnetometers.

Abstract: A computing device can receive a first notification that a process has started on the at least one computing device. The computing device can record a first access token associated with the process into the token cache. The computing device can receive a second notification that the process has interacted with the operating system to perform at least one of a set of predetermined operations on the at least one computing device. The computing device can capture a second access token from the process. The computing device can perform a comparison of the second access token captured from the process against the first access token recorded into the token cache. The computing device can determine that an escalation of privilege attack has occurred based on the comparison.

Abstract: A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from a RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges and if permitted, delegates the second privileges to the command, and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.

Abstract: A computer device performs operations for managing registry access, including monitoring a user process on the computer device. The computing device can determine a set of registry access rules relevant to the user process. The computing device can perform an evaluation of a registry operation requested by the user process using the set of registry access rules. The computing device can determine an action based on the evaluation. The action can include one of blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation.

Abstract: A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from a RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges and if permitted, delegates the second privileges to the command, and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.

Abstract: A computer device performs operations for managing registry access, including monitoring a user process on the computer device and, in response, establishing a set of registry access rules relevant to the user process. Each registry operation requested by the user process is evaluated and, in response, an appropriate action determined. Such action suitably includes at least one of: blocking the registry operation in relation to a particular key in a registry of the operating system, and enabling access to a particular key in the registry of the operating system to perform the requested registry operation. In particular, the operations may be performed using a registry filter driver in a kernel mode of an operating system of the computer device.