Examples disclosed herein relate to source entities of security indicators. Some examples disclosed herein enable identifying, in a security information sharing platform, a security indicator that is originated from a source entity where the security indicator comprises an observable. Some examples further enable determining a reliability level of the source entity based on at least one of: security events, sightings of the observable, a first set of user feedback information that is submitted for the security indicator by users of the security information sharing platform, or a second set of user feedback information that is collected from external resources that are external to the security information sharing platform.

Example techniques relate to playback queue subscriptions. An example implementation involves a computing system receiving, from a first computing device associated with a first user account, an instruction to enable subscription to a first playback queue associated with a first media playback system. In response to the instruction, the computing system enables second user accounts to subscribe to the first playback queue. The second user accounts are registered with respective second media playback systems in respective second household. The computing system receives, from a particular second media playback system, a request to subscribe to the first playback queue; and in response, sends one or more messages that update a control interface of the first control device to display a subscriber indication and (ii) sends one or more messages that populate a second playback queue of the particular second media playback system with audio tracks of the first playback queue.

Example techniques relate to playback queue subscriptions. An example implementation involves a computing system receiving, from a first computing device associated with a first user account, an instruction to enable subscription to a first playback queue associated with a first media playback system. In response to the instruction, the computing system enables second user accounts to subscribe to the first playback queue. The second user accounts are registered with respective second media playback systems in respective second household. The computing system receives, from a particular second media playback system, a request to subscribe to the first playback queue; and in response, sends one or more messages that update a control interface of the first control device to display a subscriber indication and (ii) sends one or more messages that populate a second playback queue of the particular second media playback system with audio tracks of the first playback queue.

The present invention provides a reception apparatus for performing security tunneling and data re-transmission and unidirectionally receiving data from a transmission apparatus and a transmission apparatus for unidirectionally transmitting data to the reception apparatus. When the reception apparatus checks that there is an error in received data, the reception apparatus performs a switching operation or transmits a switching request signal to the transmission apparatus to notify of the error of the received data to the transmission apparatus. When the transmission apparatus has detected the switching, the transmission apparatus re-transmits data, in which an error is generated, to the reception apparatus. The transmission apparatus encrypts the data and transmits the encrypted data to the reception apparatus. According to the present invention, reliability and security of one-unidirectional data communication are improved.

The present invention provides a reception apparatus for performing security tunneling and data re-transmission and unidirectionally receiving data from a transmission apparatus and a transmission apparatus for unidirectionally transmitting data to the reception apparatus. When the reception apparatus checks that there is an error in received data, the reception apparatus performs a switching operation or transmits a switching request signal to the transmission apparatus to notify of the error of the received data to the transmission apparatus. When the transmission apparatus has detected the switching, the transmission apparatus re-transmits data, in which an error is generated, to the reception apparatus. The transmission apparatus encrypts the data and transmits the encrypted data to the reception apparatus. According to the present invention, reliability and security of one-unidirectional data communication are improved.

Examples relate to handling network threats. In one example, a computing device may: receive, from a threat detector, threat data associated with a particular network device included in a plurality of network devices; identify, based on the threat data, a particular analytics operation for assisting with remediation of a threat associated with the threat data; identify, based on the threat data, additional data for performing the particular analytics operation; cause reconfiguration of at least one of the plurality of network devices, the reconfiguration causing each of the reconfigured network devices to i) collect the additional data, and ii) provide the additional data to an analytics device; and receive, from the analytics device, particular analytics results of the particular analytics operation.

Examples relate to handling network threats. In one example, a computing device may: receive, from a threat detector, threat data associated with a particular network device included in a plurality of network devices; identify, based on the threat data, a particular analytics operation for assisting with remediation of a threat associated with the threat data; identify, based on the threat data, additional data for performing the particular analytics operation; cause reconfiguration of at least one of the plurality of network devices, the reconfiguration causing each of the reconfigured network devices to i) collect the additional data, and ii) provide the additional data to an analytics device; and receive, from the analytics device, particular analytics results of the particular analytics operation.

Examples relate to collecting domain name system traffic. In one example, a computing device may: receive, from a first intermediary network device, a DNS query packet that was sent by a client computing device operating on a private network, the DNS query packet specifying i) a query domain name, and ii) a source address that specifies the client computing device; store, in a data storage device, a query record specifying the query domain name and the source address specified by the DNS query packet; receive, from a second intermediary network device, a DNS response packet; determine that the DNS response packet specifies a response domain name that matches the query domain name; in response to the determination, extract, from the DNS response packet, a resolved address that corresponds to the response domain name; and store, in the query record, the resolved address specified by the DNS response packet.

Examples relate to collecting domain name system traffic. In one example, a computing device may: receive, from a first intermediary network device, a DNS query packet that was sent by a client computing device operating on a private network, the DNS query packet specifying i) a query domain name, and ii) a source address that specifies the client computing device; store, in a data storage device, a query record specifying the query domain name and the source address specified by the DNS query packet; receive, from a second intermediary network device, a DNS response packet; determine that the DNS response packet specifies a response domain name that matches the query domain name; in response to the determination, extract, from the DNS response packet, a resolved address that corresponds to the response domain name; and store, in the query record, the resolved address specified by the DNS response packet.

Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.