Monthly Archives: August 2017

International General Insurance Holdings Limited posts rising GWP for H1 2017 and growth in key lines of business

Posted in Business | Tagged | Comments Off on International General Insurance Holdings Limited posts rising GWP for H1 2017 and growth in key lines of business

Middle East Council of Shopping Centres to host “NEXTGEN Networking Reception” in Kuwait

MECSC’s Next Generation Events – connecting shopping centre and retail industry professionals across the MENA read more

Posted in Events | Tagged , , | Comments Off on Middle East Council of Shopping Centres to host “NEXTGEN Networking Reception” in Kuwait

Fluctuation in the Exploit Kit Market – Temporary Blip or Long-Term Trend?

Exploit kit activity is waning. Collectively these malware distribution tools used to be a prominent method of infection. They rely on compromised websites, malicious adverts and social engineering to direct web traffic to their landing pages and attempt the exploitation of vulnerable software. Operated by various actors and groups, exploit kits possess different features, use various exploits and distribute different malware to victims. Since June 2016 at least four of the major players in this area ceased to be active. In this blog, I wanted to explore which exploit kits are still around and propose some plausible scenarios for the future of the exploit kit landscape. read more

Posted in ICT | Tagged , , | Comments Off on Fluctuation in the Exploit Kit Market – Temporary Blip or Long-Term Trend?

VLCC and Saudi Conglomerate Cigalah Group Sign Strategic Partnership

6 VLCC Wellness Centers in KSA in next 3 years, total investment of over AED 30 million read more

Posted in Business Setup in UAE | Tagged , , | Comments Off on VLCC and Saudi Conglomerate Cigalah Group Sign Strategic Partnership

“إن إم سي” تتولى إدارة منشآت الإمارات لخدمات الرعاية الصحية

إيرادات الشركة من عقود التشغيل والإدارة تتجاوز ٧٠ مليون درهم إماراتي سنوياً read more

Posted in Business Setup in UAE | Tagged | Comments Off on “إن إم سي” تتولى إدارة منشآت الإمارات لخدمات الرعاية الصحية

Don’t Turn out the Lights on Dark Web Marketplaces

We’ve all heard the phrase: “When one door closes, a window opens.” You can bet that as you’re reading this, those engaged in cyber crime on the dark web are looking for that next ‘market place window’ to open. read more

Posted in ICT | Tagged , | Comments Off on Don’t Turn out the Lights on Dark Web Marketplaces

Infrastructure Improvements by the Government and Telecom Operators Drive the UAE Cloud Computing Market

Partnerships will be critical to augment growth opportunities and advance adoption rates, finds Frost & Sullivan’s Digital Transformation team read more

Posted in ICT | Tagged , , , , , | Comments Off on Infrastructure Improvements by the Government and Telecom Operators Drive the UAE Cloud Computing Market

Antimicrobial Coatings for Medical Devices Welcome Gradual Boost from Technology Advancements and Consumer Awareness of Benefits

Medical device manufacturers must collaborate, partner or innovate with coating manufacturers to remain competitive, finds Frost & Sullivan’s Visionary Science team read more

Posted in Business | Tagged , , | Comments Off on Antimicrobial Coatings for Medical Devices Welcome Gradual Boost from Technology Advancements and Consumer Awareness of Benefits

NMC Health to Operate and Manage Emirates Healthcare Assets

Revenues from O&M contracts to exceed AED 70 million read more

Posted in Business Setup in UAE | Tagged , | Comments Off on NMC Health to Operate and Manage Emirates Healthcare Assets

Digital innovation themed at the Abu Dhabi International Downstream Summit

Abu Dhabi International Downstream Summit attracts record numbers read more

Posted in Events, ICT | Tagged , | Comments Off on Digital innovation themed at the Abu Dhabi International Downstream Summit

ROPEMAKER: Email Security Weakness – Vulnerability or Application Misuse?

Blog by Matthew Gardiner, Senior Product Marketing Manager, Mimecast

Most people live under the assumption that email is immutable once delivered, like a physical letter.  A new email exploit, dubbed ROPEMAKER by Mimecast’s research team, turns that assumption on its head, undermining the security and non-repudiation of email; even for those that use SMIME or PGP for signing.  Using the ROPEMAKER exploit a malicious actor can change the displayed content in an email at will. For example, a malicious actor could swap a benign URL with a malicious one in an email already delivered to your inbox, turn simple text into a malicious URL, or edit any text in the body of an email whenever they want. All of this can be done without direct access to the inbox.

Described in more detail in a recently published security advisory, Mimecast has been able to add a defense against this exploit for our customers and also provide security recommendations that can be considered non-customers to safeguard their email from this email exploit.

So what is ROPEMAKER?

The origin of ROPEMAKER lies at the intersection of email and Web technologies, more specifically Cascading Style Sheets (CSS) used with HTML.  While the use of these Web technologies has made email more visually attractive and dynamic relative to its purely text-based predecessor, this has also introduced an exploitable attack vector for email

Clearly, giving attackers remote control over any aspect of ones’ applications or infrastructure is a bad thing.  As is described in more depth in the ROPEMAKER Security Advisory, this remote-control-ability could enable bad actors to direct unwitting users to malicious Web sites or cause other harmful consequences using a technique that could bypass common security controls and fool even the most security savvy users.  ROPEMAKER could be leveraged in ways that are limited only by the creativity of the threat actors, which experience tells us, is often unlimited.

To date, Mimecast has not seen ROPEMAKER exploited in the wild.  We have, however, shown it to work on most popular email clients and online email services.  Given that Mimecast currently serves more than 27K organizations and relays billions of emails monthly, if these types of exploits were being widely used it is very likely that Mimecast would see them.  However, this is no guarantee that cybercriminals aren’t currently taking advantage of ROPEMAKER in very targeted attacks.

For details on email clients that we tested that are and are not exploitable by ROPEMAKER and the specifics on a security setting recommended by Apple for Apple Mail, please see the ROPEMAKER Security Advisory.

Is ROPEMAKER a software vulnerability, a form of potential application abuse/exploit, or a fundamental design flaw resulting from the intersection of Web technologies and email?  Does it really matter which it is? For sure attackers don’t care why a system can be exploited, only that it can be. If you agree that the potential of an email being changeable post-delivery under the control of a malicious actor increases the probability of a successful email-borne attack, the issue simplifies itself.  Experience tells us that cybercriminals are always looking for the next email attack technique to use.  As an industry let’s work together to reduce the likelihood that the ROPEMAKER style of exploits gains any traction with cybercriminals!

Want to learn more? Download the full ROPEMAKER security advisory.

Posted in ICT | Tagged , , | Comments Off on ROPEMAKER: Email Security Weakness – Vulnerability or Application Misuse?

Report Unveils Dubai and Abu Dhabi Property Market Performance in H1 2017

Bayut.com: Return on Investments for UAE property still strong read more

Posted in Business | Tagged , , | Comments Off on Report Unveils Dubai and Abu Dhabi Property Market Performance in H1 2017

His Highness Sheikh Mohammed bin Rashid Al Maktoum Unveils Blueprint for Dubai Food Park

US$1.5 billion project to take shape at Dubai Wholesale City read more

Posted in Events | Tagged | Comments Off on His Highness Sheikh Mohammed bin Rashid Al Maktoum Unveils Blueprint for Dubai Food Park

Invest Group Overseas Commits Investment of over AED2 Billion by 2020 Starting with Launch of IGO 101

Posted in Business | Tagged , , , | Comments Off on Invest Group Overseas Commits Investment of over AED2 Billion by 2020 Starting with Launch of IGO 101