Abstract: A computer-implemented method for preventing chronic false positives may include (1) whitelisting a file based on a challenge notification that challenges a classification of the file as insecure, (2) obtaining attribute information about the file, (3) identifying, by analyzing the attribute information, a primitive that identifies a source of origin for the file, (4) determining, based on an analysis of files that originate from the source of origin, that the source of origin identified by the primitive is trustworthy, and (5) adjusting, based on the determination that the source of origin identified by the primitive is trustworthy, a security policy associated with the primitive to prevent future false positives for other files that originate from the source of origin. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: An apparatus for electromagnetic interference shielding is described herein. The apparatus includes an electromagnetic bandgap (EBG) structure. The EBG structure is attached to a surface of the apparatus such that noise propagation is mitigated. The apparatus may be a chassis of an electronic device, and the EBG structure may be attached to one surface of the chassis. Further, the apparatus may be a heat sink, and the EBG structure can be attached to one surface of the heat sink.

Abstract: A computer-implemented method for determining whether GPUs are executing potentially malicious processes may include (1) identifying at least one GPU associated with a computing device, (2) analyzing the behavior of the GPU associated with the computing device, (3) determining that the analyzed behavior of the GPU indicates that the GPU is executing at least one potentially malicious process, and then (4) performing at least one security action on the GPU in response to determining that the analyzed behavior indicates that the GPU is executing the potentially malicious process. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for treating locally created files as trustworthy may include identifying at least one file created on a computing system protected by a security system that determines whether files encountered by the computing system are trustworthy. The method may also include identifying a software application used to create the file on the computing system. The method may further include determining that the software application used to create the file on the computing system comprises a reputable software application used to create trustworthy files within a user community comprising users of computing systems protected by the security system. In addition, the method may include establishing a trustworthiness exception that causes the security system to treat the file as trustworthy on the computing system that created the file. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for responding to security breaches may include (1) receiving a notification that a service provider has experienced a security breach, (2) identifying a first user account that is potentially affected by the security breach by identifying an account management database that stores users' account information for a plurality of different service providers and searching the account management database for user accounts associated with the service provider that experienced the security breach, and (3) performing, for the first user account that is potentially affected by the security breach, a security action that addresses the security breach. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Described herein are techniques related to near field coupling and wireless power transfers. A mobile device may include an edge-emitting antenna that offers ultra slim, all-metallic chassis packaging option with no cutout, uses lesser area, has robust mechanical strength, and provides EMI/ESD protection. In one example, an inductor coil is wrapped around a magnetic core and a pair of conductive layers is configured to interpose the magnetic core and the inductor coil between them to expose an edge of the magnetic core. The inductor coil being operable in a transmit mode to generate a magnetic field in response to a current passing through it. The edge is configured to enhance outward radiation of the magnetic field. Based on simulation results, the edge-emitting antenna occupies less space and provides an acceptable level of performance for coupling coefficients compared to conventional antenna.

Abstract: A smart microphone device is provided. The smart microphone device is coupled to a host, and includes: an analog microphone unit, receiving sounds; a voice detection unit, coupled to the analog microphone unit, detecting voices from the sounds; a speech detection unit, coupled to the voice detection unit, detecting a speech from the voices; and a channel select pin, coupled between the smart microphone device and the host, wherein an interrupt signal is sent from the smart microphone device to the host via the channel select pin to enable the host to operate in the normal mode when the speech detection unit detects the speech.

Abstract: A computer-implemented method for identifying malware threat vectors may include 1) identifying a computing system that includes a first human interface device, 2) detecting an introduction of a new device to the computing system that presents itself to the computing system as a second human interface device, 3) determining that the second human interface device is configured to generate a type of input event equivalent to the type of input event generated by the first human interface device, 4) determining, based on the second human interface device being configured to generate the type of input event equivalent to the type of input event generated by the first human interface device, that the second human interface device includes a potential malware attack vector. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for detecting malicious digitally-signed applications. The method may include 1) identifying an application package file that has been digitally signed, wherein the application package file is used to distribute an application, 2) comparing the application package file to a set of known application package files, 3) determining that the application package file has been repackaged from a known application package file, 4) comparing a public key associated with a digital signature of the application package file to a public key associated with a digital signature of the known application package file, 5) determining that the public key associated with the digital signature of the application package file and the public key associated with the digital signature of the known application package file are different, and 6) performing a security action on the application. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for using property tables to perform non-iterative malware scans may include (1) obtaining at least one malware signature from a security software provider that identifies at least one property value for an item of malware, (2) accessing a property table for a computing device that identifies property values shared by one or more application packages installed on the computing device and, for each property value, each application package that shares the property value in question, and (3) determining, by comparing each property value identified in the malware signature with the property table, whether any of the application packages match the malware signature without having to iterate through the individual property values of each application package. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A collection of stored data concerning digital content on read-only optical media is maintained. The data collection comprises signatures identifying specific releases of digital content stored on optical media, and results of scanning the specific releases for malware. The coupling of optical media to a computing device is detected. In response, an identifying signature of the digital content on the optical medium is created, and the data collection is searched for the signature. Where the signature is found in the data collection, the stored scanning result for the corresponding digital content is retrieved. Instead of scanning the coupled optical medium, the retrieved scanning result is used to determine its malware infection status. Where the signature is not found in the data collection, the optical medium is scanned for malware.

Abstract: A method for using acquisitional contexts to prevent false-positive malware classifications. The method may include (1) receiving, from at least one client-side computing device within a community of users, contextual information associated with a file, (2) determining, based at least in part on the contextual information received from the client-side computing device, a reputation rating for the file, and (3) providing the reputation rating for the file to at least one additional client-side computing device within the community in order to prevent the additional client-side computing device from falsely classifying the file as untrustworthy due to acquiring an additional instance of the file via a context that is insufficient to determine that the additional instance of the file is trustworthy. Various other methods and systems are also disclosed.

Abstract: Described herein are techniques related to near field coupling and wireless power transfers. A mobile device may include an edge-emitting antenna that offers ultra slim, all-metallic chassis packaging option with no cutout, uses lesser area, has robust mechanical strength, and provides EMI/ESD protection. In one example, an inductor coil is wrapped around a magnetic core and a pair of conductive layers is configured to interpose the magnetic core and the inductor coil between them to expose an edge of the magnetic core. The inductor coil being operable in a transmit mode to generate a magnetic field in response to a current passing through it. The edge is configured to enhance outward radiation of the magnetic field. Based on simulation results, the edge-emitting antenna occupies less space and provides an acceptable level of performance for coupling coefficients compared to conventional antenna.

Abstract: Malware is identified based on its use of a folder shortcut. Files are analyzed, in order to indentify files used to implement folder shortcuts. This can take the form of monitoring the creation of new files, or searching for existing files used to implement folder shortcuts. In response to detecting such a file, it can be determined that a folder shortcut exists. The contents of the file can also be analyzed, and the determination can be made in response to finding specific content indicative of a folder shortcut. The file analysis can also involve monitoring edits made to existing files indicative of folder shortcuts. In response to detecting such edits, the content being written can be analyzed, and in response to specific content being written, it can be determined that a folder shortcut exists.

Abstract: A computer-implemented method for using property tables to perform non-iterative malware scans may include (1) obtaining at least one malware signature from a security software provider that identifies at least one property value for an item of malware, (2) accessing a property table for a computing device that identifies property values shared by one or more application packages installed on the computing device and, for each property value, each application package that shares the property value in question, and (3) determining, by comparing each property value identified in the malware signature with the property table, whether any of the application packages match the malware signature without having to iterate through the individual property values of each application package. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for creating customized confidence bands for use in malware detection may include 1) identifying a portal for receiving executable content, 2) identifying metadata relating to the portal, 3) analyzing the metadata to determine what risk executable content received via the portal poses, and then 4) creating, based on the analysis, a confidence band to apply during at least one disposition of executable content received via the portal. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented, server-side method for identifying unique malware variants may include (1) identifying the creation of a child object by a parent object on a client device, (2) determining that instances of both the parent object and the child object occur relatively infrequently within a user community, (3) classifying, based at least in part on the low prevalence of the parent and child objects within the user community, the child object as a potential security risk, and then (4) providing the child object's classification to at least one computing device in order to enable the computing device to evaluate the trustworthiness of the child object. Corresponding systems, encoded computer-readable media, and client-side methods are also disclosed.