6 C
London
Wednesday, November 22, 2017
Home Tags UAE

Tag: UAE

Gaza cybergang is an Arabic politically motivated cyber criminal group, operating since 2012 and is actively targeting the MENA (Middle East North Africa) region.

Gaza cybergang attacks have never slowed down, recent targets by the group does seem to be varied in nature, attackers do not seem to be selectively choosing targets, but rather seeking different kinds of MENA intelligence.
Following the last two years of record sales in the commodity trading and risk management software space, the first 6 months of 2017 have seen Aspectrsquo;s bookings percentage see double digit growth, signing new business, and extending contracts with existing clients.

Aspectrsquo;s new business through two quarters included new deals in the UAE, Athens and Estonia.

AspectCTRM won over competitors on the back of its experienced pre-sales teams and its ability to show the growing... Source: RealWire
The ruler of Dubai said humans should aim to colonize Mars a century from now.
Humans need a high-bandwidth link to machines, so that we don't become obsolete.
Google announces new hardware and updates with the new smartwatch OS.

eProseed will participate as a Supporting Partner in the 11th MENA Regulatory Summit on February 5th & 6th in Dubai, United Arab Emirates.

The summit will cover the main topical challenges faced by the regulatory authorities and the GRC community, a debate in which eProseed has a pivotal role to play as the publisher of FSIP, a comprehensive financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

The 11th MENA Regulatory Summit will take place in Dubai, UAE, in association with the Dubai Financial Services Authority (DFSA) and under the patronage of H.E.
Sultan bin Saeed Al Mansouri, the UAE Minister of Economy.

Formerly known as the GCC Regulators' Summit, the event has been renamed in an effort to ensure the utmost involvement of the governance, risk and compliance (GRC) community across the MENA (Middle East and North Africa) region, and to expand the dialogue to neighboring countries that share the same topical risk challenges and regulatory outlook.

eProseed logo

"With increasing demands from many international regulatory bodies, financial supervisory authorities are required to monitor the compliance of their financial institutions against numerous new national and international requirements.
In the MENA region, the recent macroeconomic developments have also triggered an unprecedented demand for collection of high precision data at high frequency from all financial institutions to support a better risk based supervision", comments Geoffroy de Lamalle, Chief Executive Officer of eProseed.

MENA: an increasing role in global compliance and combating financial crime
The 11th MENA Regulatory Summit will be attended and supported by regional and international regulators, financial services professionals, law practitioners, advisors and market players.

The participants will highlight the recent macroeconomic developments in the MENA region including the US election, Brexit aftermath, regional regulatory responses to the financial crisis, the digital revolution in financial services, block chain technology, and crowd funding.

The speakers will set the landscape for international anti-financial crime trends, FATF perspective on terrorist financing and emergent types of financial crimes, and the dangers of withdrawal of correspondent banking relationships. Panelists will also discuss trade-based money laundering and trade finance activities, compliance culture, business conduct, business ethics, and compliance conflicts.

eProseed, the Solution Provider for Financial Supervision
Leveraging the proven expertise in developing and implementing end-to-end business solutions based on Oracle's world-class software technology stack and a close collaboration with major Financial Institutions and Regulators, eProseed has developed eProseed Financial Supervision Insight Platform (FSIP), an end-to-end financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

"In essence, eProseed FSIP is a comprehensive, highly agile, and plug-and-play financial supervision solution, enabling efficient and pro-active collection of high precision data at high frequency from all financial institutions, as well as automating and integrating all regulatory and supervisory functions in one single software solution", says Geoffroy de Lamalle.

About eProseed
eProseed is an ICT services provider and a software publisher. Honored with 8 Oracle ACE Directors and 14 Oracle Excellence Awards in the last 7 years, eProseed is an Oracle Platinum Partner with in-depth expertise in Oracle Database, Oracle Fusion Middleware and Oracle Engineered Systems.

eProseed’s portfolio of business applications and business accelerators is built on state-of-the-art, reliable technologies and sound knowledge of today’s challenges, developed and maintained with the highest standards in mind.

Comprehensive training and support are provided by eProseed’s experts for both applications and underlying technologies.

Headquartered in Luxembourg, in the heart of Europe, eProseed has offices in Beirut (LB), Brussels (BE), Dubai (AE), London (UK), New York (USA), Porto (PT), Riyadh (SAU), Sydney (AU), and Utrecht (NL).

***

Contact
Alexandra Toma
Email: alexandra.toma@eproseed.com
Phone: +40 767 670 566
www.eproseed.com

Press Release The city of Dubai is the backdrop against which commodity trade and risk management (CTRM) vendor Aspect won four landmark new contracts in 2016 for its market information portal and trade and risk management cloud solution - deals which on their own exceeded the company’s multi-million dollar sales target for the entire Middle East. In part the wins highlight how enlightened UAE government policy is continuing to boost Dubai as an entrepreneurial hot house in which new sectors such as trading can flourish.

They also highlight how the global shift to the cloud-based CTRM delivery model pioneered by Aspect is continuing to accelerate, with legacy vendors increasingly failing to win license renewals, and losing out to the cloud on new contracts. Aspect’s wins in Dubai featured two trading houses moving away from existing legacy software suppliers and two newer trading operations adopting CTRM for the first time.

All four Aspect solutions are fully operational, the latest of them proposed, awarded, and delivered in just eight weeks to meet a go-live deadline before the start of Ramadan. “These contracts further prove that AspectCTRM is the best fit with the needs of today’s trading houses, but they also highlight how Dubai is growing in importance as a center of oil trading activity,” said Aspect CEO Steve Hughes. “We are responding by building a dedicated local team of pre and post-sales experts to ensure that we can react even more quickly as Dubai continues its remarkable growth story.” Aspect’s four new customer wins in Dubai – Ferrocadia, Gulf Petrochem, Qaiwan Group, and MENA Energy – head a pipeline of further deals expected to close in the coming quarters. Of the recent four, MENA Energy, is a fully integrated business with its own refining, storage, shipping and financing operations.

After a competitive evaluation MENA Energy decided that AspectDSC and CTRM provided the superior combination of functionality and cost, better able to support its goal of growth through working smarter and more productively. About AspectAspect is a leading global provider of multi-commodity trade, risk and operations management applications delivered Software-as-a-Service (SaaS) in the cloud. With almost 500 customers in 90 countries, it’s one of the fastest growing providers with rapid deployment, affordable subscriptions, and immediate ROI for all size companies.
Solutions include AspectCTRM®, a full-featured commodity trading and risk management enterprise suite for front, middle and back office.
It’s available in three editions: Lite, Standard and Enterprise, expanding in functionality according to the needs and budgets of clients.

Aspect is the only ETRM/CTRM solutions provider with market data and analytics tools delivered with its trade and risk functions on the same platform.

This provides users with a seamless packaged solution beginning with pre-trade pricing analysis and market assessments via AspectDSC.

Aspect’s solutions are available on desktop, tablets and mobile devices and through its Aspect Partner Program (APP). Media ContactBrigette GebhardAspect+1 347-328-0396bgebhard@aspectenterprise.com
Kaymera: building on shoulders of a giant, claim The arrival of a security hardened version of Google’s suppoed "iPhone killer" Pixel phone from Kaymera has received a sceptical reception from one expert. Kaymera Secured Pixel is outfitted with Kaymera’s own hardened version of the Android operating system and its security architecture. This architecture is made up of four layers: encryption, protection from malicious downloads, a prevention layer that monitors for unauthorised attempts to access OS functions (such as microphone, camera or GPS), and a detection and enforcement layer that monitors, detects and blocks malicious code or misbehaving apps.
Indecent mobile security experts have questioned whether the technology offers much by way of benefits over that offered by native Pixel smartphones. But professor David Rogers, chief executive of Copper Horse and a Lecturer in mobile systems security at the University of Oxford, questioned what exaclty is new. “Many of the proposed functions are already in-built into Pixel (examples below), so what are the extra benefits Kaymera offers?” For example, Pixel has full device encryption and file-based encryption, backed by TrustZone. Plus, as it's Google’s own phone, Pixel is first in line for patching - an important security defence in itself. “Pixel has many other functions and capabilities built over many years including Position Independent Execution (PIE), Address Space Randomisation Layout (ASLR), SE Linux and so on,” Rogers added. Kaymera responded that its kit offered benefits on this front by enforcing security controls built into Pixel but not actually enforced. Oded Zehavi, Kaymera chief operating offficer, told El Reg: “In places where Google has good enough security, we leverage the existing functionality (in many of the examples given here, the functionality is not actually enforced.
In these cases we enforce and prevent disabling of the security functionality by negligent users or malicious hackers).” Third-parties building on Google security do not have a good track record in this space (including Blackphone) in terms of getting their own code secure and tested properly, including updates.  Rogers is unconvinced that Kaymera will do any better with hardening Pixel than others have done with hardening Android. Zehavi responded that Kaymera devices have been tested to the most rigorous standards by governments around the world. “As a philosophy we always have more than one security layer against any attack vector hence we don’t trust any single security measure including Google security measures.

For example, our prevention layer feeds with fake resources any payload that may overcome the OS hardening and get loaded onto the device,” Zehavi said. Rogers remains unconvinced about the security proposition of the Kaymera Secured Pixel, especially in the absence of NCSC certification or US security certification.
It’s more like “some kind of Chimera rather than a Kaymera,” he cuttingly concluded. “If Kaymera really want to protect against comms interception, low-level malware attacks and so on, they would have to build some kind of firewall and introspection capability,” Rogers said. “To do that they would need access inside the Radio Interface Layer and also to processes and app data.” “Google’s security architecture does not allow this unless you ‘roll your own’ in a big way, creating your own device and modifying the AOSP [Android Open Source Project] code to deliver a bespoke device,” he added. Creating a bespoke device risk undoing Google’s security controls, Rogers warned. “Application sandboxing and isolation there for a reason, including enforcing the Principle of Least Privilege,” he said. The Israeli manufacture said it had been careful to add extra security without breaking Google’s existing controls. Zehavi explained: “Even though we embed our code deep into the AOSP code in layers that are beyond what regular applications can reach, we do not break any existing Google security measures including the sandboxing etc.
Instead, we add extra measures across the board that, as mentioned, leverage the existing mechanism but bring the device to a total different level of security which cannot be achieved via the application layer alone.” Rogers responded: “They admit to using AOSP which I guess means they self-sign the build of the device themselves.

That then comes down to a question of trust in who is digitally signing the product (that gives that signer access to absolutely everything, the radio path, the private data, the lot).“ The Kaymera Secured Pixel is aimed at business and government customers prepared to pay for extra to avoid the security weaknesses associated with the ‘off the shelf’ Android operating system.

The device retains the original Google device’s purpose-built hardware, features and ergonomics. Users can, for example, still use the fingerprint scanner. Kaymera devices are centrally managed via the company’s management dashboard, enabling easy enforcement of security policies on the smartphone. Kaymera’s secured Pixel phone is available immediately. Kaymera was started in late 2013 by the founders of NSO, the surveillance tech provider whose legitimate iPhone spyware malware was used to target the phone of UAE human rights activist Ahmed Mansoor in August 2016.  The spyware caused Apple to rush out emergency software patches, to plug vulnerabiliies in its iOS mobile operating system. The Israeli firm is open about its roots.
If NSO is a ‘poacher’, selling surveillance tools to governments, then Kaymera is the gamekeeper, its pitch runs. “I’m not sure I can buy in to the poacher turned gamekeeper thing here and I would rather trust Google in this case,” Rogers concluded. ® Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub
Reasonably secure messenger has, for now, outwitted those who would block it The latest update of Signal, one of the most well-regarded privacy-focused messaging applications for non-technical users, has just been revised to support a censorship circumvention technique that will make it more useful for people denied privacy by surveillance-oriented regimes. In response to reports that Egypt and the United Arab Emirates have been blocking Signal messaging through regional ISPs, Open Whisper Systems has revised the Android version of Signal to implement a technique called domain fronting. "With today's release, domain fronting is enabled for Signal users who have a phone number with a country code from Egypt or the UAE," said company founder Moxie Marlinspike in a blog post. "When those users send a Signal message, it will look like a normal HTTPS request to www.google.com.

To block Signal messages, these countries would also have to block all of google.com." As described in a 2015 paper by researchers from the University of California, Berkeley, Psiphon, and Brave New Software, domain fronting relies on the use of different domain names at different application layers to evade censorship. In contrast to a typical HTTPS request, where the domain name is echoed across the DNS query, the TLS Server Name Indication (SNI) extension, and the HTTP Host header, a domain-fronted request includes a decoy domain and a real domain. The DNS query and SNI present the "front domain" while the HTTP Host header, inaccessible in transit thanks to HTTPS, contains the actual destination – presumably a domain that's disallowed or censored. When the front domain is something like "google.com," then blocking that domain would deny everyone on the censored network access to Google. According to Marlinspike, Open Whisper's goal is to make disabling the internet the only option for regimes that would disable Signal. Domain fronting requires a CDN, to receive the request on an edge server and forward the request to the domain in the HTTP host header, or a service that provides similar functionality, like Google's App Engine, through a reflection script. Such service typically isn't free.

The research paper cites costs ranging from $0.10–0.25 per GB among service providers like Google App Engine, Amazon CloudFront, Microsoft Azure, Fastly, and CloudFlare.

This may explain why Signal isn't making domain fronting a default everywhere. Marlinspike said an iOS version of Signal that supports domain fronting is available through Signal's beta channel and a stable version is expected soon.
Subsequent updates, he said, will improve censorship detection and circumvention and broaden the availability of domain fronting. ® Sponsored: Next gen cybersecurity.
Visit The Register's security hub
Gulf Petrochem Group, the UAE-based global oil and petrochemicals conglomerate, has today announced that it has selected cloud-based E/CTRM technology from Aspect to help drive future growth.The Group, valued at $2.5bn is active in oil trading, bunkering, manufacturing and refining, storage, shipping and logistics and related areas, and is a leading bunkering firm in the Gulf and ARA (Europe) regions.

The company’s continuing success has meant it has effectively outgrown its previous CTRM platform and needed to upgrade. Niranjan Desai, Gulf Petrochem’s Global head of IT Operations explains, “As our business continues to grow in both scale and by geography, the timely reporting of P&L and inventory across all of our offices was becoming more challenging considering our dependence on disparate legacy solutions that did not integrate adequately.

AspectCTRM’s complete, fully integrated trade, risk and operations components, and the way it will be able to handle all of the elements of Gulf Petrochem’s business activities seamlessly in just one solution are among the reasons it was chosen.” “Aspect will give us a complete overview of our paper and physical trading, storage, inventory, cargos at sea, bunkering and refining, delivering the same information in real time to our employees around the world.
System based oversight monitoring of trades, the ability to handle real-time valuations and reporting of trade positions are some of the key features that convinced us to choose Aspect’s E/CTRM solution. More over the integration of ETRM with our existing ERP system will truly form the back-bone of information flow in a controlled environment within GP locations across the globe,” added Desai. Fieras Freijeh, Aspect’s Managing Director for the Middle East and Africa, said the Gulf Petrochem deal paved the way for more business in the region: “We’re seeing more companies undergoing renewed growth and finding their previous generation CTRM solutions unable to scale effectively.

Aspect’s cloud-based strategy can be scaled up or down at will depending on business needs.

At the same time Aspect's data foundation means everyone, everywhere in the organization can be confident they are working with the exact same information.” A further benefit of Aspect’s solution will be its designed-for-the-cloud, built-for-the-cloud architecture.

Future expansion in Gulf Petrochem’s business will be easily accommodated by the solution’s inbuilt any-to-many scalability, clear per-seat subscription pricing model and simple upgrade path. About AspectAspect is the leading global provider of multi-commodity trade, risk and operations management applications delivered Software-as-a-Service (SaaS) in the cloud. With almost 500 customers in 90 countries, it’s one of the fastest growing providers with rapid deployment, affordable subscriptions, and immediate ROI for all size companies.
Solutions include AspectCTRM®, a full-featured commodity trading and risk management enterprise suite for front, middle and back office.
It’s available in three editions: Lite, Standard and Enterprise, expanding in functionality according to the needs and budgets of clients.

Aspect is the only ETRM/CTRM solutions provider with market data and analytics tools delivered with its trade and risk functions on the same platform.

This provides users with a seamless packaged solution beginning with pre-trade pricing analysis and market assessments via AspectDSC.

Aspect’s solutions are available on desktop, tablets and mobile devices and through its Aspect Partner Program (APP). About Gulf Petrochem GroupGulf Petrochem Group is a leading player in the oil industry, specializing in Oil Trading and Bunkering, Oil Refining, Grease Manufacturing, Oil Storage Terminals, Bitumen Manufacturing, and Shipping and Logistics. Headquartered in United Arab Emirates, and having a presence in South Asia, the Far East Asia, Africa and Europe, Gulf Petrochem has emerged as one of the well-established manufacturers and traders of petroleum products in major parts of the world.
Press Release The oil trading arm of Qaiwan Group, a diversified conglomerate based in Kurdistan Region of Iraq, is to deploy AspectCTRM, the cloud-delivered commodities trade and risk management solution, it is announced today. Aspect, which pioneered cloud-delivered CTRM, sealed the deal with Qaiwan’s Dubai-based trading operation bringing 2016 to a close with five new customers in Dubai.

AspectCTRM is due to begin supporting trading at Qaiwan by April 2017.

Aspect’s other 2016 wins in Dubai were all live by the end of September, making Aspect the only CTRM vendor to take any deals from close to live operation in the UAE during 2016. Qaiwan’s Head of Trading Marco Williams said: “We are growing our team of risk managers and traders and need our new people to be able to hit the ground running. We looked at five alternatives and with Aspect we know we have ordered best of breed.

Functionally, AspectCTRM works the way we work, and delivery from the cloud enables Aspect to promise deployment in a matter of weeks from start to go-live, backing up that claim with an impressive list of references both here in Dubai and at other trading centers around the world.” Qaiwan Group is the largest oil trading company in Kurdistan, operating the Bazian Oil Refinery 25 km from Sulaymaniyah, one of only two refineries in the Kurdistan region and producing 40,000 barrels a day.

The refinery is currently the focus of a major modernization and expansion investment program that will see capacity increase to over 125,000 barrels. Aspect’s Managing Director for the Middle East and Africa Fieras Freijeh said: “This is a landmark deal for us, our second with a Kurdistan trading house and our fifth new customer won by our newly-formed Dubai operation in 2016. We are making a major investment in our Dubai team to ensure that we continue to deliver the quick response so valued by our users in the region.” About AspectAspect is a leading global provider of multi-commodity trade, risk and operations management applications delivered Software-as-a-Service (SaaS) in the cloud. With almost 500 customers in 90 countries, it’s one of the fastest growing providers with rapid deployment, affordable subscriptions, and immediate ROI for all size companies.
Solutions include AspectCTRM®, a full-featured commodity trading and risk management enterprise suite for front, middle and back office.
It’s available in three editions: Lite, Standard and Enterprise, expanding in functionality according to the needs and budgets of clients.

Aspect is the only ETRM/CTRM solutions provider with market data and analytics tools delivered with its trade and risk functions on the same platform.

This provides users with a seamless packaged solution beginning with pre-trade pricing analysis and market assessments via AspectDSC.

Aspect’s solutions are available on desktop, tablets and mobile devices and through its Aspect Partner Program (APP).
To spy on a human rights activist, hackers allegedly connected to a Middle Eastern government used three previously unknown vulnerabilities in Apple's iOS. The claims -- from research at Toronto-based Citizen Lab and mobile security firm Lookout -- focus on spyware that targeted Ahmed Mansoor, an activist in the United Arab Emirates. Earlier this month, Mansoor received an SMS text message on his iPhone claiming to offer "new secrets" about tortured detainees in his country. However, inside the message was a link that, once clicked, can infect an iPhone with spyware, using three zero-day exploits of iOS, the research found. The exploits work by remotely jailbreaking the device to secretly download the spyware – which can then access the iPhone's camera, microphone, and messages. Lookout called the attack the most sophisticated it's ever seen on a device.

The researchers have already informed Apple about the exploits, and iOS version 9.3.5 -- which was released on Thursday -- fixes the issues. The attack is rare because it used three previously unknown vulnerabilities, suggesting the hackers were well-funded. Just one of these exploits can be worth $1 million. Citizen Lab, however, is pointing fingers at an Israeli security firm called NSO Group, which reportedly specializes in monitoring smartphones of government targets. NSO Group doesn't maintain a website, and an email to the company went unanswered.

But Citizen Lab said leaked documents appear to show the Israeli company selling a spyware product called Pegasus, which matches with the three zero-day exploits found. Citizen Lab also analyzed the domain name in the link Mansoor received via SMS text message.

Following a long internet trail, it found an NSO Group registered email as part of evidence tying the Israeli company to the attack. The UAE likely hired NSO Group to spy on Mansoor, Citizen Lab added. Mansoor has previously been the target of commercial spyware back in 2011 and 2012. "While these spyware tools are developed in democracies, they continue to be sold to countries with notorious records of abusive targeting of human rights defenders," said Citizen Lab, which is based out of the University of Toronto. The UAE's embassy didn't immediately respond for comment.