Abstract: A coherent signal is transmitted to cancel a baseband signal at a baseband frequency generated by a component of a wireless communication device while information corresponding to the baseband signal may be transmitted from the wireless communication device at an upconverted frequency. Generating and transmitting of the coherent signal may be responsive to detecting signal energy of a remotely generated baseband energy that may be generated by a remote sniffing device attempting to eavesdrop, or snoop, and remotely and wirelessly steal information from detecting of the baseband signal's electromagnetic energy. The coherent signal may be transmitted directionally to increase cancellation of the baseband signal at a likely location, or in a likely direction, of the eavesdropping device.

Abstract: A network connected storage device detects unusual file-sharing-command activity based on a baseline file-sharing-command signature and analyzes files stored on the storage with respect to a parameter, such as entropy, to determine whether ransomware may have infiltrated the storage device, or a storage associated therewith. Applying by the storage device a function to an entropy value corresponding to a second portion of a file may result in a determination that an analyzed entropy corresponding to the second portion may have been partially encrypted by ransomware. The analyzed entropy corresponding to the second file portion may be compared to an entropy of a first file portion. The first file portion may be a different portion of the same file as the second portion or may be the same portion of the same file that resulted from analysis before the triggering event.

Abstract: Automating Information Handling System (IHS) hardening optimization includes retrieving, from a plurality of IHS hardening configurations, an initial IHS hardening configuration and hardening an IHS based on the initial hardening configuration. An IHS hardening verification tool is then run to verify that the IHS is in compliance with a compliance checklist, if it is, end-to-end tests are run on the IHS, and upon passing the end-to-end tests the initial hardening option is determined to be the best hardening option for the IHS. However, in response to the IHS not passing the end-to-end tests, a next IHS hardening configuration is retrieved and the IHS is hardened based on the next hardening configuration. Running the hardening verification tool and end-to-end tests on the IHS and retrieving a further IHS hardening configuration and hardening the IHS based on the further hardening configuration is repeated, until the IHS passes the end-to-end tests.

Abstract: Techniques are provided for device protection using pre-execution command interception and evaluation. One method comprises obtaining, by a software entity associated with an operating system kernel of a device, a command from a user prior to an execution of the command; providing, by the software entity associated with the operating system kernel, a request to an approval entity to evaluate whether to execute the command; and initiating the execution of the command based on a result of the evaluation, by the approval entity, of whether to execute the command. The approval entity may be identified by accessing a registry of one or more users that are authorized to provide an authorization to execute the command. The evaluation of whether to execute the command may comprise one or more tasks specified by a policy.

Abstract: Migration of data to maintain data resiliency, including receiving user-input indicating a first data resiliency of first data; storing the first data at a first storage device of the storage devices, the first storage device associated with the first data resiliency; monitoring vectors associated with performance of the storage devices; determining, based on the monitoring, that a particular vector fails to meet an associated performance criteria for the first data resiliency of the first data, and in response: analyzing characteristics of each of the storage devices, including a resiliency of each of the storage devices; identifying, based on the characteristics of each of the storage devices, a second storage device of the storage devices for migration of the first data such that the first resiliency of the first data is maintained; and migrating the first data from the first storage device to the second storage device

Abstract: A network-attached storage of a computing system connected to a network may monitor the network for file access commands from equipment of another computing system to identify whether one of the file access commands corresponds to a nefarious attempt to access information stored at the storage. A service, application, or script, running at the storage, may create a fake query and a fake response thereto. The fake query or corresponding response may contain information generated to attract an attacker that may be using the other computing system to passively monitor the network and, upon detecting the attractive, but fake, message information, transmit a request according to an address, or path, or other information that the fake message(s) may include. The service/app/script may notify the computing system that a potential hacker has infiltrated the system when it receives a request for information at the fake address or path.

Abstract: Techniques are provided for multi-cloud authentication of data requests. One method comprises obtaining, by a first authentication entity of a first cloud environment, from a service on the first cloud environment, a request for data stored by a second cloud environment; determining a signature for the service; verifying the determined signature for the service by requesting a signature for the service registered with a second authentication entity of the second cloud environment; requesting the data from the second authentication entity of the second cloud environment in response to the determined signature being verified; and providing the requested data to the service. The requested data from the second cloud environment may be encrypted with an encryption key, and the method may further comprise decrypting the requested data with a decryption key obtained from the second cloud environment. The signature for the service may be registered as part of a deployment of the service.

Abstract: Techniques are provided for detecting and mitigating electromagnetic signal attacks. One method comprises monitoring a processing environment having an electrical component for a signal having one or more signal characteristics that satisfy one or more signal criteria, wherein the one or more signal criteria are determined based on one or more wave characteristics of one or more electromagnetic waves emitted by operation of the electrical component; and automatically adjusting an operating frequency and/or an operating phase of the electrical component in response to detecting the signal having the one or more signal characteristics that satisfy the one or more signal criteria. The automatically adjusting may be performed by a basic input/output system. The electrical component may comprise a processor and the automatically adjusting may activate an overclocking feature of the processor.

Abstract: Methods and systems for managing the operation of data processing systems are disclosed. The data processing systems may provide computer implemented services to any type and number of other devices and/or users of the data processing systems. To improve the likelihood of the data processing systems being able to provide the computer implemented services, a system may proactively attempt to identify and remediate attempts to limit access to data stored in the data processing systems. To do so, a security framework may be implemented by the system. The security framework may include both proactive identified of and remediation of maliciously locked data structures based on user data access patterns.

Abstract: The technologies described herein are generally directed toward maintaining data coherence after an updating node fails during an update. According to an embodiment, a system can comprise a processor and a memory that can enable performance of operations including respectively mapping a logical storage resource to first and second storage resources in first and second security zones associated with first provider and second providers. The operations can further include receiving a request to store a data resource at the logical storage resource. Further, the operations can include, based on a distribution policy associated with the data resource, dividing, by the storage controller equipment, the data resource into a first storage segment stored on the first storage resource and a second storage segment stored on the second storage segment stored on the second storage resource.

Abstract: Techniques are provided for detecting and mitigating electromagnetic signal attacks. One method comprises monitoring a processing environment having an electrical component for a signal having one or more signal characteristics that satisfy one or more signal criteria, wherein the one or more signal criteria are determined based on one or more wave characteristics of one or more electromagnetic waves emitted by operation of the electrical component; and automatically adjusting an operating frequency and/or an operating phase of the electrical component in response to detecting the signal having the one or more signal characteristics that satisfy the one or more signal criteria. The automatically adjusting may be performed by a basic input/output system. The electrical component may comprise a processor and the automatically adjusting may activate an overclocking feature of the processor.

Abstract: Techniques are provided for hardware device integrity validation using platform configuration values. One method comprises obtaining platform configuration values associated with software of a hardware device; comparing the obtained platform configuration values for the hardware device to one or more platform configuration values stored in a platform configuration table; and performing one or more automated remedial actions (e.g., initiating a reboot of the hardware device) based on a result of the comparison. The platform configuration values for the hardware device may be obtained from a local platform configuration value table of the hardware device.

Abstract: An information handling system may receive a plurality of rules and a file for malware testing. The information handling system may apply two or more of the plurality of rules to the received file to determine a plurality of outcomes of application of the rules to the file. The information handling system may determine whether to classify the received file as malware or not malware by applying a machine learning model to the plurality of outcomes.

Abstract: Techniques are provided for detection of unauthorized encryption using one or more deduplication efficiency metrics. One method comprises obtaining a deduplication efficiency value for a deduplication operation in a storage system; evaluating the deduplication efficiency value for the deduplication operation relative to an expected deduplication efficiency value; and performing one or more automated remedial actions, such as generating an alert notification, in response to the evaluating satisfying one or more deduplication criteria. A count of a number of concurrent users may be compared to an expected number of concurrent users, and/or (ii) a count of a number of concurrent sessions for a given user may be compared to an expected number of concurrent sessions for the given user. A ransomware alert or an unauthorized encryption alert may be generated when the evaluating and/or the comparison satisfy predefined attack criteria.

Abstract: Systems and methods for validating digital components comprise manufacturing a digital component for a computer network, wherein the digital component includes embedded software, creating a unique digital identity for the digital component using parameters of the embedded software, and storing the unique digital identity to a global repository. The method further comprises shipping the digital component to an end user, receiving a query at the global repository to verify an installed digital identity associated with a component being installed in an end user network, and determining whether the installed digital identity matches the unique digital identity. The digital component may be a storage system. The computer network may be a data center or an information handling system (IHS).

Abstract: A service monitors activity of a cloud storage during operation of the storage. The service may be a cloud AI service. The AI service may be trained with data labeled as ‘normal’ relative to compressibility of a storage unit of the storage during a known normal period. The service generates storage activity metrics based on the monitored activity and compares the metrics to a normal characteristic activity associated with the cloud storage. The monitored activity may comprise data reduction operations to a storage unit of the cloud storage. If metrics corresponding to monitored activity do not satisfy normal characteristic activity criteria, such as compressibility, the service may determine that the storage has been subjected to a ransomware attack and may initiate an action that protects data of the storage. Corrective actions may be initiated to block access to a suspicious endpoint or revert a storage unit to a previous version.

Abstract: Techniques for obfuscating and/or de-obfuscating data using bit-level shard masks are disclosed. Shard masks are generated. The shard masks are designed to shard a block of data into a number of shards for distribution and storage among a number of storage arrays. The shard masks shard the block of data at a bit-level granularity. The shard masks are applied to the block of data to generate the shards. The shards are then distributed among the storage arrays for storage on the storage arrays.

Abstract: The technologies described herein are generally directed toward monitoring file sharing commands between network equipment to identify adverse conditions. According to an embodiment, a system can comprise a processor and a memory that can enable performance of operations including monitoring resource sharing communication between first network equipment and second network equipment via a network. In one or more embodiments, the method can additionally include based on the resource sharing communication, detecting a condition of the resource sharing communication that has a likelihood of indicating a defined adverse event that has at least a threshold likelihood. Further, the method can include, but are not limited to, in response to detecting the condition, facilitating suspending the resource sharing communication between the first network equipment and the second network equipment.

Abstract: Systems and methods are disclosed for detecting nonlegitimate communications in a hybrid cloud system. An example method comprises receiving a request from a service on a public cloud platform, calculating a unique signature for the service, and verifying the calculated unique signature against a local signature table on the public cloud platform. If the calculated unique signature is verified, then the calculated unique signature is sent to a security signature service on a private cloud platform. If the calculated unique signature is also verified against a global signature table on the private cloud platform, then a response to the request is received from the security signature service.

Abstract: Methods, system, and non-transitory processor-readable storage medium for a location verification system are provided herein. An example method includes detecting an attempt to access a network from a computerized device located at a physical location. The location verification system determines access status based on a distance requirement between the computerized device and another computerized device.