Patent classifications
G06F21/123
Systems and methods for establishing and managing computer network access privileges
A method for detecting, identifying, and mitigating advanced persistent threats in a computer network having one or more computers includes a processor in the computer network: receiving a request to access a resource in the computer network; identifying the request as originating from an application executing on the computer network; executing an anomaly operation to determine a behavior of the application is one of anomalous and not anomalous; executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed; granting access to the resource for both a non-anomalous-behaving application and a permanently allowed request; and generating and displaying, on a graphical user interface of the computer network, a prompt for either an anomalous-behaving application or a not-permanently allowed request.
Locking execution of cores to licensed programmable devices in a data center
An example hardware accelerator for a computer system includes a programmable device and further includes kernel logic configured in a programmable fabric of the programmable device, and an intellectual property (IP) checker circuit in the kernel logic. The IP checker circuit is configured to obtain a device identifier (ID) of the programmable device and a signed whitelist, the signed whitelist including a list of device IDs and a signature, verify the signature of the signed whitelist, compare the device ID against the list of device IDs, and selectively assert or deassert an enable of the kernel logic in response to presence or absence, respectively, of the device ID in the list of device IDs and verification of the signature.
Intelligent event time bridge across domains
In non-limiting examples of the present disclosure, systems, methods and devices for providing cross-domain access to calendar availability are presented. A request to schedule an event may be received. The request may comprise an identity of an organizer user account, the organizer user account associated with a first domain, and an identity of an invitee user account, the invitee user account associated with a second domain. An importance level of the organizer user account to the invitee user account may be determined. A determination may be made as to whether the organizer user account has access to events in an electronic calendar associated with the invitee user account based on the importance level. One or more events that the organizer account has access to may be surfaced in an event scheduling assistant user interface associated with the organizer user account.
Content wallet device and self-sovereign identity and copyright authentication system using the same
Disclosed is a content wallet device to which a storage device storing content is connected, including a communication unit for communication between the content wallet device and a user terminal device; an encryption unit generating encryption data including a user ID and a password for authentication between the content wallet device and the user terminal device; a switch unit controlling an electrical connection between the storage device and the communication unit; and a reset unit initializing the generated password when the electrical connection between the storage device and the communication unit is released by the switch unit.
Secure coprocessor enforced system firmware feature enablement
A method includes, in response to a request to enable a set of firmware features in a processing device, performing a validation process based on a key certificate associating a first entity identifier with a firmware feature description file indicating the set of firmware features, and in response to a violation detected during the validation process, enabling a countermeasure in the processing device.
Multimode smart card system with embedded USB connectivity
Techniques are disclosed for systems and methods to conduct transactions using a Multi-mode Card. A Multi-mode Card may include various components of a Smart Card and be configured to interface directly with a personal electronic device (e.g., a smart phone, a tablet computer, a personal computer, and/or other personal electronic devices) to confirm presence of the Multi-mode Card in an unattended digital transaction, such as for e-commerce and Internet purchases. A transaction system may include a logic device and an interface embedded in or on the Card, a client device such as a personal electronic device, and a server configured to provide a sales interface to a user through the client device. The logic device in the Card may be configured to authorize, encrypt, and/or otherwise facilitate a transaction involving a sale and/or other type of communication between the client device and the server.
Systems and methods for managing state
The disclosure relates to systems and methods for managing state using relatively small assistance from protected hardware. Obfuscated code segments may communicate with supporting protected hardware, store encrypted state values in main memory, and/or communicate via secure channels to secure platform hardware components. In various embodiments, consistent state may be achieved, at least in part, by computing secure tag information and storing the secure tag information in a secure and/or otherwise protected device register. Consistent with embodiments disclosed herein, the tag information may be used to derive keys used to encrypt and/or decrypt stored state information. Tag information may further be used in connection with verification operations prior to using the information to derive associated keys.
Locking execution of cores to licensed programmable devices in a data center
An example hardware accelerator for a computer system includes a programmable device and further includes kernel logic configured in a first programmable fabric of the programmable device, a shell circuit configured in a second programmable fabric of the programmable device, the shell circuit configured to provide an interface between a computer system and the kernel logic, and an intellectual property (IP) checker circuit in the kernel logic. The IP checker circuit is configured to obtain a device identifier (ID) from the first programmable fabric and a signed whitelist, the signed whitelist including a list of device IDs and a signature, verify the signature of the signed whitelist, compare the device ID against the list of device IDs, and selectively assert or deassert an enable of the kernel logic in response to presence or absence, respectively, of the device ID in the list of device IDs and verification of the signature.
System lockdown and data protection
An information handling system may include a processor, and a cryptoprocessor comprising at least one storage location. The information handling system may be configured to: store, in the at least one storage location, cryptographic data regarding secure boot of the information handling system; receive an indication that a lockdown is to be initiated; in response to the indication, overwrite the at least one storage location with invalid data; and initiate the lockdown by triggering a reboot of the information handling system.
Electronic apparatus, control method of electronic apparatus, and recording medium
Provided is an electronic apparatus including: at least one communicator configured to communicate with a first external apparatus and a second external apparatus; and a processor configured to receive a request for writing a file on the second external apparatus from the first external apparatus, receive the file from the first external apparatus based on a filename format of the file, writing of which is permitted, and make the received file be selectively stored in the second external apparatus.