Abstract: This disclosure describes techniques implemented partly by a communications service for identifying and altering undesirable portions of communication data, such as audio data and video data, from a communication session between computing devices. For example, the communications service may monitor the communications session to alter or remove undesirable audio data, such as a dog barking, a doorbell ringing, etc., and/or video data, such as rude gestures, inappropriate facial expressions, etc. The communications service may stream the communication data for the communication session partly through managed servers and analyze the communication data to detect undesirable portions. The communications service may alter or remove the portions of communication data received from a first user device, such as by filtering, refraining from transmitting, or modifying the undesirable portions.

Abstract: A device may receive a trigger to determine whether a malicious file is operating on a client device. The device may determine a network activity profile associated with the malicious file based on receiving the trigger to determine whether the malicious file is operating on the client device. The network activity profile may include information regarding network activity associated with the malicious file when the malicious file is executed in a testing environment. The device may monitor network activity associated with the client device. The device may determine that the network activity associated with the client device matches the network activity profile associated with the malicious file based on monitoring the network activity associated with the client device. The device may provide information indicating that the network activity associated with the client device matches the network activity profile associated with the malicious file.

Abstract: A bullet having a generally cup-shaped jacket, a core disposed inside the jacket, and partially divided into a plurality of segments by a plurality of slits formed therein is mounted at the front of the jacket. A tip is mounted in the core. The tip has a plurality of notches formed its forwardly facing ogival surface; each notch having a forward end adjacent the forward end of the tip, and a rear end rearward of the rearwardly facing shoulder and the front end of the jacket, so that material from the target can enter the jacket and help open the jacket and release the core.

Abstract: A system may determine to perform an internal and an external malware detection operation to detect a malware infection associated with a client device. The system may perform the internal operation by modifying an environment, executing on a particular device, to form a modified environment. The system may perform the external operation by performing a communication from the particular device. The system may monitor the modified environment for a first behavior indicative of the malware infection, and may monitor a result of performing the communication for a second behavior indicative of the malware infection. The system may detect that the first or second behavior has occurred. The system may provide a notification that the client device is infected with malware based on detecting that the first or second behavior has occurred. The notification may cause one or more network devices to block network traffic to or from the client device.

Abstract: A device may receive a file to be analyzed in a sandbox environment, and may determine configuration information for configuring the sandbox environment. The configuration information may be determined based on at least one of: file information associated with the file to be analyzed, or client device information associated with a client device for which the file is intended. The device may configure the sandbox environment using the configuration information. The configuration information may identify a system configuration for the sandbox environment. The device may analyze the file in the sandbox environment based on configuring the sandbox environment using the configuration information.

Abstract: A technology is described for applying an encrypted customer security rule set to an application firewall. An example method may include obtaining an encrypted customer security rule from a shared data store for use by an application firewall that operates at an entry point to a computing service environment that utilizes security rules to monitor, filter, and manipulate network traffic. The customer encryption key used to decrypt the encrypted customer security rule in volatile computer memory may be obtained from a key data store and the encrypted customer security rule may be decrypted in the volatile computer memory using the customer encryption key, thereby forming a corresponding unencrypted customer security rule in the volatile computer memory. A volatile computer memory location containing the unencrypted customer security rule may be provided to the application firewall to enable the unencrypted customer security rule to be applied by the application firewall.

Abstract: Functionality is disclosed herein for utilizing a picture created by a customer of a service provider network to define infrastructure associated with the service provider network or other networks. The picture may be a picture of a drawing or a model, for instance. The picture is analyzed to identify resources depicted in the picture as well as any connections between the resources. Based upon the analysis, configuration data that describes the configuration of the resources within the service provider network may be generated and used to perform one or more actions. For example, the configuration data might be used to generate a deployment template and/or used to provision the resources within the service provider network or other networks.

Abstract: Embodiments of the present disclosure are directed to extracting the liquid from a container (such as a bottle of wine) in varying amounts at a desired serving temperature while preserving the liquid for later consumption. Various embodiments may be built within an appliance so the consumer experience is fully automated. Embodiments may include a variety of wine preservation techniques including the use of inert gases that prevent the oxidation of wine.

Abstract: Functionality is disclosed herein for utilizing a physical model to define infrastructure associated with the service provider network or other networks. The model is analyzed to identify resources represented by the physical model as well as any connections between the resources. Based upon the analysis, configuration data that describes the configuration of the resources within the service provider network may be generated and used to perform one or more actions. For example, the configuration data might be used to generate a deployment template and/or used to provision the resources within the service provider network or other networks. After provisioning, the model may show information relating to the operation of the resources within the network.

Abstract: A plate fin fluid processing device includes active layers, where each active layer includes a fin plate sandwiched between parting sheets so that an active fluid space is defined between the parting sheets. The active layers include an outermost active layer having an inlet and an outlet. A contingent layer body is positioned adjacent to the outermost active layer and includes a fin plate positioned between a parting sheet and a cap sheet. The contingent layer body has a fluid space that is sealed with respect to the atmosphere. A pressure monitoring system is in communication with the fluid space of the contingent layer body. An emergency pressure relief device is configured to release a pressure within the fluid space if a preset pressure is exceeded.

Abstract: Functionality is disclosed herein for utilizing a picture created by a customer of a service provider network to define infrastructure associated with the service provider network or other networks. The picture may be a picture of a drawing or a model, for instance. The picture is analyzed to identify resources depicted in the picture as well as any connections between the resources. Based upon the analysis, configuration data that describes the configuration of the resources within the service provider network may be generated and used to perform one or more actions. For example, the configuration data might be used to generate a deployment template and/or used to provision the resources within the service provider network or other networks.

Abstract: A security device may receive actual behavior information associated with an object. The actual behavior information may identify a first set of behaviors associated with executing the object in a live environment. The security device may determine test behavior information associated with the object. The test behavior information may identify a second set of behaviors associated with testing the object in a test environment. The security device may compare the first set of behaviors and the second set of behaviors to determine a difference between the first set of behaviors and the second set of behaviors. The security device may identify whether the object is an evasive malicious object based on the difference between the first set of behaviors and the second set of behaviors. The security device may provide an indication of whether the object is an evasive malicious object.

Abstract: A fragmenting bullet has a metal core having a generally cylindrical rear section and a tapering forward section, a plurality of spaced slots in the forward section forming a plurality of prongs. A metal jacket encloses and substantially conforms to the core. The jacket has an open forward end, and a plurality of lines of weakness in the portion of the jacket over the forward section of the core.

Abstract: A client device may provide, to a host device, a request to access a website associated with a host domain. The client device may receive, based on the request, verification code that identifies a verification domain and a resource, associated with the verification domain, to be requested to verify a public key certificate. The verification domain may be different from the host domain. The client device may execute the verification code, and may request the resource from the verification domain based on executing the verification code. The client device may determine whether the requested resource was received, and may selectively perform a first action or a second action based on determining whether the requested resource was received. The first action may indicate that the public key certificate is not valid, and the second action may indicate that the public key certificate is valid.

Abstract: A device may receive or generate a message for routing to a destination on a communication channel. The communication channel may have been established between a source and the destination. The device may perform a first determination of policy information related to at least one of the message, the destination, or the source of the message. The policy information may describe an action for a network device to perform. The device may associate a policy token with the message. The policy token may describe or identify the policy information. The device may provide the message with the associated policy token to the network device on the communication channel to cause the network device to perform a second determination of the policy information based on the policy token, to perform the action described by the policy information, and to provide the message on the communication channel.

Abstract: A device may receive an object. The device may determine object information for the object. The device may cause an internet search, based on the object information, to be performed to determine Internet search results. The object information may be provided as one or more Internet search queries for the Internet search. The device may receive the Internet search results based on causing the Internet search to be performed. The Internet search results may be related to the object information. The device may analyze the Internet search results to determine Internet-based object information. The device may store or provide the Internet-based object information to permit a determination as to whether the object is malicious.

Abstract: A device may identify exfiltration information to be used to detect data exfiltration. The exfiltration information may be associated with a file being tested to determine whether the file exfiltrates data. The exfiltration information may include a resource identifier that identifies a resource to be used to detect the data exfiltration. The device may determine that the resource, to be used to detect the data exfiltration, has been accessed. The device may identify, based on determining that the resource has been accessed, the file associated with the exfiltration information. The device may perform an action, associated with the file, to counteract the data exfiltration based on determining that the resource has been accessed and based on identifying the file.

Abstract: A device may detect or emulate a sequence of keystrokes to be used to detect a keystroke logger application. The device may determine a sequence of characters associated with the sequence of keystrokes. The sequence of characters may correspond to the sequence of keystrokes or a portion of the sequence of keystrokes. The device may search a memory for the sequence of characters. The device may determine that the sequence of characters is stored in the memory based on searching the memory for the sequence of characters. The device may perform an action to counteract the keystroke logger application based on determining that the sequence of characters is stored in the memory.

Abstract: A security device may receive, from a client device, a request associated with a server device. The security device may determine a communication channel and contact information for validating the request. The security device may provide validation information via the communication channel using the contact information. The security device may receive a validation response from the client device, and may determine whether the validation response is valid. The security device may selectively perform a first action or a second action based on determining whether the validation response is valid. The first action may be performed based on determining that the validation response is valid, and may include providing a validation indicator, with the request, to the server device. The second action may be performed based on determining that the validation response is not valid, and may include providing an invalidation indicator, with the request, to the server device.

Abstract: A device may determine a first set of hash values corresponding to a first set of files stored by a plurality of client devices. The device may analyze information associated with the first set of hash values to determine a second set of hash values corresponding to a second set of files to be analyzed. The second set of hash values may be different from the first set of hash values. The device may prioritize the second set of hash values to form a prioritized set of hash values corresponding to a prioritized set of files, of the second set of files, to be analyzed. The device may request the prioritized set of files from one or more client devices of the plurality of client devices. The device may receive the prioritized set of files, and may cause the prioritized set of files to be analyzed.