eProseed will participate as a Supporting Partner in the 11th MENA Regulatory Summit on February 5th & 6th in Dubai, United Arab Emirates.
The summit will cover the main topical challenges faced by the regulatory authorities and the GRC community, a debate in which eProseed has a pivotal role to play as the publisher of FSIP, a comprehensive financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.
The 11th MENA Regulatory Summit will take place in Dubai, UAE, in association with the Dubai Financial Services Authority (DFSA) and under the patronage of H.E.
Sultan bin Saeed Al Mansouri, the UAE Minister of Economy.
Formerly known as the GCC Regulators' Summit, the event has been renamed in an effort to ensure the utmost involvement of the governance, risk and compliance (GRC) community across the MENA (Middle East and North Africa) region, and to expand the dialogue to neighboring countries that share the same topical risk challenges and regulatory outlook.
"With increasing demands from many international regulatory bodies, financial supervisory authorities are required to monitor the compliance of their financial institutions against numerous new national and international requirements.
In the MENA region, the recent macroeconomic developments have also triggered an unprecedented demand for collection of high precision data at high frequency from all financial institutions to support a better risk based supervision", comments Geoffroy de Lamalle, Chief Executive Officer of eProseed.
MENA: an increasing role in global compliance and combating financial crime
The 11th MENA Regulatory Summit will be attended and supported by regional and international regulators, financial services professionals, law practitioners, advisors and market players.
The participants will highlight the recent macroeconomic developments in the MENA region including the US election, Brexit aftermath, regional regulatory responses to the financial crisis, the digital revolution in financial services, block chain technology, and crowd funding.
The speakers will set the landscape for international anti-financial crime trends, FATF perspective on terrorist financing and emergent types of financial crimes, and the dangers of withdrawal of correspondent banking relationships. Panelists will also discuss trade-based money laundering and trade finance activities, compliance culture, business conduct, business ethics, and compliance conflicts.
eProseed, the Solution Provider for Financial Supervision
Leveraging the proven expertise in developing and implementing end-to-end business solutions based on Oracle's world-class software technology stack and a close collaboration with major Financial Institutions and Regulators, eProseed has developed eProseed Financial Supervision Insight Platform (FSIP), an end-to-end financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.
"In essence, eProseed FSIP is a comprehensive, highly agile, and plug-and-play financial supervision solution, enabling efficient and pro-active collection of high precision data at high frequency from all financial institutions, as well as automating and integrating all regulatory and supervisory functions in one single software solution", says Geoffroy de Lamalle.
eProseed is an ICT services provider and a software publisher. Honored with 8 Oracle ACE Directors and 14 Oracle Excellence Awards in the last 7 years, eProseed is an Oracle Platinum Partner with in-depth expertise in Oracle Database, Oracle Fusion Middleware and Oracle Engineered Systems.
eProseed’s portfolio of business applications and business accelerators is built on state-of-the-art, reliable technologies and sound knowledge of today’s challenges, developed and maintained with the highest standards in mind.
Comprehensive training and support are provided by eProseed’s experts for both applications and underlying technologies.
Headquartered in Luxembourg, in the heart of Europe, eProseed has offices in Beirut (LB), Brussels (BE), Dubai (AE), London (UK), New York (USA), Porto (PT), Riyadh (SAU), Sydney (AU), and Utrecht (NL).
Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open – from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. Security gurus are right now tearing strips off Trump's cyber-wizard pick.
Top hacker Dan Tentler was first to point out the severely out-of-date Joomla! install. "It speaks volumes," Tentler told The Register, referring to Giuliani's computer security credentials, or lack of, and fitness for the top post. "Seventy-year-old luddite autocrats who often brag about not using technology are somehow put in charge of technology: it's like setting our country on fire and giving every extranational hacker a roman candle – or, rather, not setting on fire, but dousing in gasoline." Content management system developer Michael Fienen also pulled no punches: It gets worse. "Giuliani is running a version of PHP that was released in 2013, and a version of Joomla that was released around 2012," said Ty Miller, a director at Sydney-based infosec biz Threat Intelligence. "Using the version information, within minutes we were able to identify a combined list of 41 publicly known vulnerabilities and 19 publicly available exploits.
Depending upon the configuration of the website, these exploits may or may not work, but is an indication that Giuliani's security needs to be taken up a level." Found on /r/sysadmin, presented without comment. pic.twitter.com/UmWe7tHURv — Ryan Castellucci (@ryancdotorg) January 12, 2017 The most surprising fact in all of this is that the Giuliani Security website hasn't ALREADY been hacked.
They might as well put out a sign. — Michael Fienen (@fienen) January 12, 2017 Another computer security expert, speaking to The Register on condition of anonymity, analyzed Giuliani's website for us. Our guru, based in Australia, said that while the pending cyber-tsar is likely to have outsourced management of his online base, the fact that the mayor-turned-cyber-expert didn't check for lax security on his own website is not going to instill any confidence. We have reproduced our contact's assessment in full on the next page. ® 'Someone should be taken to task for this' Well, talking nuts and bolts: that website is hosted with a hosting provider.
It looks like it has its own IP address based on having a single DNS PTR object (reverse address to the name giulianisecurity.com) which means its unlikely to be in use by other organisations (except maybe his own... who knows.) That IP address is allocated out of a block of addresses registered to Japanese giant NTT but these could also be provided to NTT’s customers such as web developers/hosting providers etc. Without actively poking at the site – which I’m terrified to do, frankly – it may be shared hosting, may be a VPS, or may be a physically separate dedicated hosting solution.
I’m betting it’s a cheap VPS-based ‘dedicated’ solution. My experience with this kind of hosting means that a nice attack vector is identifying the hosting provider and trying to get allocated a similar hosting solution in the adjacent IP address space, getting root on it (or having it if it’s a VPS) and then using ‘layer 2’ fun and games to redirect the victim site’s traffic to the attacker.
This still works amazingly well and is why smart people try to do things like statically publish layer-2 addresses for layer 3 IP gateways (although this is only so effective, really). For the giulianisecurity.com domain they seem to use Microsoft Office 365 for his email. Not a bad choice.
Email security sucks and, unless you know what you’re doing/are a glutton for punishment or are generally my kind of tinfoilhat wearer (hey, friends), it’s best to leave email security to someone reasonably credible. I also note they use a large trademark monitor company – MarkMonitor.com – for the DNS service provider for the domain name giulianisecurity.com. Which is hilarious.
Because, yeah, you’d want to intrude trademark-wise on this guy’s name because it’s such a valuable brand. Like Trump’s, you know? The reality is someone else makes these choices for him for his business.
It’s not like he’s there, updating his ancient and known vulnerable Joomla content management system himself (he’d get props from me if that were the case :) Anyone truly trying to protect your brand would avoid putting a giant red flag like an unpatched CMS in a commodity hosting environment out there. Whether it’s Giuliani’s company’s responsibility or an outsourced provider’s (very likely) the ‘having ancient Joomla’ in place is a pretty bad look.
Someone should be taken to task a bit for this.
And if you’re a security and safety company with an understanding of information security threats you’d have threat management programs in place to identify and improve your controls. For example, if you were undertaking actual security testing of your site I’d wager anyone in infosec – or in IT generally really – would’ve noticed the ancient CMS and its default install remnants using the crappiest, free-est tools out there.
So respectfully, Rudy, get someone to patch your shit and seek out some kind of specialist advice. Snarky comments aside – it really comes down to this greater concern: there’s literally millions of people in infosec who would be better cyber security advisors than Giuliani or whomever his technical advisors are that he’d call on for advice. So I’d ask – again respectfully – that the president elect cast a slightly wider net than he has to receive ‘cyber’ security advice.
As much as most people in infosec are a bunch of opinionated jerks (oh, and we are) we’re all here to help. Just ask a professional.
First sign in knowing one? It’s the person who doesn’t use the word ‘cyber’ to prefix everything they say.
Covata joined other category winners including Splunk, Symantec, Sophos and Microsoft to take home a coveted award from the exclusive event. Covata Logo Developed to mitigate new cyber security risks created by IoT, the innovative Key-as-a-Service (KaaS) cloud solution recently branded as Covata Delta, will provide SDKs (Software Developer Kit) and APIs (Application Programming Interface) to developers, to enable them to seamlessly embed security into their applications, products and services.
Covata Delta ensures that real-time information shared between the growing eco-system of connected devices remains securely under the owners’ control, by linking policy and identity to encryption and decryption. Covata CEO, Trent Telford, said of the award: “It is a privilege to be recognised by Computing Magazine as a leader in the IoT Security space.
The IoT Solution Award entrants were judged on, among other things, functionality and competitive differentiation. We believe Delta’s unique capabilities, including its patented approach to data-centric security that ties end-to-end encryption to identity checks and policy controls, its key management and its unlimited scalability – are what set it apart from others. “The number of devices connecting to the Internet continues to proliferate, and as a result, security risks are exponentially increasing.
Every connected device represents a potential access point for hackers to exploit and attack, which is why Covata firmly believes that data being collected, stored and shared from these devices must be protected. “This year we saw the first major international IoT security breach.
If we don’t build security into these connected devices from the very beginning, we will see a lot more of these types of attacks.
There is not a single company or government department, that can afford for data security to be an afterthought.
This accolade highlights the importance of data-centric cyber security solutions. We are extremely proud to have Covata Delta pioneering the protection of our interconnected future.” - Ends - About CovataCovata Limited (ASX: CVT) enables true ownership and control over your data in the cloud and over mobile services. We deliver data-centric security solutions without compromising simple usability, providing true end-to-end security. Your data is always protected wherever it may travel – inside your network, beyond the domain, to mobile devices and to the cloud – with granular access controls that extend to external users, view-only restrictions, real-time revocation and complete visibility and auditability. Own Your Data, control your data and choose where it is stored – with complete assurance that it is protected and secure.
For further information, please visit Covata.com. Media and Investor Relations:Dana DanieliCovataVP Marketing, Communications & Investor Relationsdana.firstname.lastname@example.org+61 400 993 305 Media contacts:Covata team at Finn PartnersAstor Sonnen or Lindsey ChallisCovatateam@finnpartners.com020 3217 7060
The iPad Pro survived the USB barbeque as did a set of Beats headphones.
Apple's iPhone 7 Plus. The Samsung Galaxy Note 7 also - surprisingly - failed to go nova when the same unboxing YouTube psychopath connected it to USBKill. Youtube Video The opportunity for serious harm extends far beyond wasting high end consumer products. USBKill's Russian creator, a chap known as "Dark_Purple" says unnamed car manufacturers have purchased his product to evaluate the susceptibility of vehicle USB ports. The hardware hacker plugged USBKill into his own car of unspecified make and model, frying the dashboard head unit. Chris Gatford, director of Sydney-based penetration testing firm HackLabs, says the threat posed by the devices is unlimited. "USB ports are everywhere - in cars, in power sockets, in charging stations," Gatford says. "And in planes." There appear to have been no public tests against aircraft USB ports which could fry connected entertainment and charging systems, if not cause further faults. Gatford says the attacks are possible when vendors take engineering design shortcuts and do not optically isolate the data lines on USB ports. ® Sponsored: Customer Identity and Access Management
It is worse than that.
It's like we are standing around the dead canary saying 'Thank god it inhaled all the poisonous gas'," Bilby said. The Google hacker also argued that networks are not a security defence because users are so easily able to use mobile networks to upload data to cloud services, bypassing all traditional defences. Advice on safe internet use is "horrible", he added.
Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online. "We are giving people systems that are not safe for the internet and we are blaming the user," Bilby says. He illustrated his point by referring to the 314 remote code execution holes disclosed in Adobe Flash last year alone, saying the strategy to patch those holes is like a car yard which sells vehicles that catch on fire every other week. ® Sponsored: Customer Identity and Access Management
Congressional leaders from both parties told the White House they would no longer consider it with a lame duck president, even one who staunchly backed the plan. Among the reasons the deal was relevant to Ars readers is because of how it treated intellectual property.
The TPP exported US copyright law regarding how long a copyright lasts.
For signing nations, the plan would have made copyrights last for the life of the creator plus 70 years after his or her death.
That's basically the same as in the US. When the 2,000-page text of the deal was released in November last year—after negotiations were done in secret—the Motion Picture Association of America hailed it. "The TPP reaffirms what we have long understood—that strengthening copyright is integral to America’s creative community and to facilitating legitimate international commerce," Chris Dodd, the MPAA chairman, said. At one point last year, many feared the TPP would require signing companies to mandate that Internet service providers terminate accounts for Internet copyright scofflaws.
That, however, never materialized.
In the US, many of the top ISPs have a six-strikes consumer infringement program. Knowledge Ecology International, which monitors international law, said the measure would have gutted provisions in American law encouraging more transparency of patents on biologic drugs.
The group said infringing any patent or copyright could have become more risky and costly. But what a difference a year makes.
Following the victory of Republican Donald Trump, the Senate Majority Leader Mitch McConnell, a Republican of Kentucky, and Sen.
Chuck Schumer, a New York Democrat, have said they would not bring up the TPP vote given that President Barack Obama is leaving office in January. "In terms of the TPP agreement itself, Leader McConnell has spoken to that, and it’s something that he’s going to work with the president-elect to figure out where they go in terms of trade agreements in the future," Wally Adeyemo, Deputy National Security Advisor for International Economic Affairs told The Wall Street Journal late Friday. The nations in the accord include the US, Japan, Australia, Peru, Malaysia, Vietnam, New Zealand, Chile, Singapore, Canada, Mexico, and Brunei.
They represent about 40 percent of the global economy.
China has proposed a 16-nation free-trade bloc that includes India.
Dana replaces Nichola Parker, VP of communications and investor relations, and Jenny Song, the former VP of marketing – both Washington DC based. Nikki has decided to remain in the US, following Covata’s head office relocation back to Sydney, Australia, where the company has been listed on the ASX since November 2014. Dana has more than 18 years of industry experience working with, and consulting for, technology and finance companies.
Almost ten of those were spent as the head of marketing & communications for financial software company Bravura Solutions.
During her tenure, Dana’s global role across Asia Pacific (APAC) and Europe, Middle East and Africa (EMEA) saw her responsible for a team that managed the strategy, development and execution of Bravura’s marketing, internal and external corporate communications, public relations and financial communications for the company. In Dana’s time at Bravura, the company grew from 70 employees in three offices in APAC, to over 1000 employees across 15 offices in ten countries, undertook eight merger & acquisition transactions, and spent over seven years listed on the ASX. Commenting on the appointment, Covata founder and CEO Trent Telford said, “We are excited to have Dana join our growing team. Her strategic and process oriented approach will be important to our product marketing and communications for both our Safe Share and Key-as-a-Service (KaaS) products across Australia, the UK and the US.” Telford added, “I would like to take this opportunity to thank Nikki for her commitment to shareholder communications over the past two years. We wish her all the best in her future endeavours in the US.” Dana Danieli officially commences her role on 7 November 2016. About CovataCovata Limited (ASX: CVT) enables true ownership and control over your data in the cloud and over mobile services. We deliver data-centric security solutions without compromising simple usability, providing true end-to-end security. Your data is always protected wherever it may travel - inside your network, beyond the domain, to mobile devices and to the cloud - with granular access controls that extend to external users, view-only restrictions, real-time revocation and complete visibility and auditability. Own Your Data, control your data and choose where it is stored - with complete assurance that it is protected and secure.
For further information, please visit Covata.com. For more information please contact:Dana DanieliVP Marketing, Communications and IRdana.email@example.com Covata team at Finn PartnersAstor Sonnen or Lindsey ChallisCovatateam@finnpartners.com020 3217 7060
These awards honour the most innovative new products in the server virtualisation, end-user computing and cloud markets. “With all of the flash and hype in today’s security landscape, many organisations overlook the importance of patch management, which eliminates vulnerabilities, as well as the countless threats that target each vulnerability,” said Chris Goettl, senior product manager at Shavlik. “At Shavlik, we pride ourselves on delivering patch management that is easy to install and use. We have made a significant investment in improving patch management for data centre and virtual environments; this award validates our strategy and efforts.” Shavlik helps organisations patch everything from VMware hypervisors to Microsoft Windows to the Mac OS, including the third-party applications running on each. Patching virtual environments is a great strength of Shavlik Protect, which includes capabilities such as: Online and offline virtual machine patching Virtual machine template patching Snapshotting of critical assets for superior rollback VMware vCenter integration VMware ESXi Hypervisor patching In addition, Protect offers an agentless option that is particularly well-suited to the datacentre.
This option allows organisations to assess and deploy patches, while minimising impact to server workloads.
This option also ensures that new virtual systems are never missed. The Best of VMworld awards were chosen by a panel of independent expert judges, composed of editors of TechTarget’s SearchServerVirtualization.com, who evaluated 145 nominated products on display at VMworld 2016.
Each product was evaluated for innovation, value, performance, reliability and ease of use.
The security category acknowledges solutions that follow security best practices and monitor and protect cloud workloads, hypervisors, guest operating systems and virtual networks. To learn more about how Shavlik helps meet patching needs specific to virtual environments, visit http://blog.shavlik.com. About ShavlikShavlik is a recognised leader in patch management, and a pioneer in agentless patching technology, virtual machine (VM) patching and third-party application patching.
Shavlik solutions include Shavlik Protect, Shavlik Patch for Microsoft System Center and Shavlik Empower.
Shavlik’s combination of premise- and cloud-based solutions enables organisations of all sizes to begin improving organisational security in as little as 30 minutes.
For in-depth Patch Tuesday analysis, see: http://www.shavlik.com/patch-tuesday www.shavlik.com About SearchServerVirtualization.comSearchServerVirtualization.com™ is an enterprise virtualisation-focused website providing IT professionals and the community with the latest server virtualisation news, articles, tips, and expert advice. Other virtualisation information includes webcasts and industry white papers covering all areas of server virtualisation, such as virtualisation platforms, server hardware, managing virtual environments, virtualisation architecture and strategies, application issues, and more. Its sister site, SearchVMware.com™, is dedicated to helping IT organisations evaluate products, services and business strategies that can lead them to successful implementations of virtualisation technologies in VMware environments.
And sister site SearchVirtualDesktop.com™ is the premier source for information on desktop virtualisation, application virtualisation, and virtual desktop infrastructure.About TechTargetTechTarget (NASDAQ: TTGT) is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Our extensive global network of online and social media, powered by TechTarget’s Activity IntelligenceTM platform, allows technology sales and marketing teams to leverage real-time purchase intent data to more intelligently engage technology buyers and prioritise follow- up based on active projects, technical priorities and business needs. With more than 120 highly targeted technology-specific websites and a wide selection of custom advertising, branding, lead generation and sales enablement solutions, TechTarget delivers unparalleled reach and innovative opportunities to drive technology sales and marketing success around the world. TechTarget has offices in Atlanta, Beijing, Boston, Cincinnati, London, Munich, Paris, San Francisco, Singapore and Sydney. To learn how you can engage with serious technology buyers worldwide, visit techtarget.com and follow us @TechTarget. Copyright © 2016, Shavlik.
All rights reserved. Press ContactsDan SorensenMethod Communications801firstname.lastname@example.org Jay Jay Merrall-WyreOctopus Group020 3837 email@example.com