Connect with us

News

ON LOCATION

Published

on

Updated : November 7, 2013 0:0  ,
By Nader Baghdadi

Location-based Wi-Fi services can add real and immediate value to existing enterprise and carrier Wi-Fi deployments writes Nader Baghdadi – Regional Director, Middle East, Ruckus Wireless

Knowing where someone is, is important. If you know where someone is, you are in a better position to do something for or with them. This is the basic concept behind location-based Wi-Fi services (so-called LBS).

Indoor location technologies have received a lot of attention in the mobile world recently, with Apple’s acquisition of WiFiSLAM, Google’s increasing support for indoor locations in Google Maps, and Microsoft’s expansion of indoor maps in Bing.

By knowing where clients are, companies are able to help them get wherever they need to go, make the network experience better for them, use data from their location to optimize their experience, offer and tell them stuff along the way, and tell them stuff along the way. As Smart Wi-Fi solves the capacity, reliability, and performance problems on Wi-Fi infrastructures, enterprises and carriers have become keenly interested in offering LBS services to their customers and their’ clients.

Different Approaches to Using Wi-Fi to Determine Location

Think of Wi-Fi location as indoor GPS. Wi-Fi-based positioning systems are used where GPS is inadequate, due to various causes including multipath and signal blockage indoors. Though the Wi-Fi protocol fundamentals haven’t changed much in the past few years, the ecology of Wi-Fi location services have completely flipped.

Now that almost every human on the planet has multiple Wi-Fi-enabled devices—in pocket, on hip, in hand, on desk—businesses from retail and hospitality to healthcare and education are looking to capitalize. With that shift, new techniques to improve accuracy are emerging, user behavior and expectations are changing, and new location service models are being built.

Wi-Fi supports a number of different location approaches today, but signal strength localization based on signal strength (using multiple received signal measurements to calculate the source’s location) and RF fingerprinting (collecting on-site RF data to map signal measurements to locations) have been the most common. Most of the focus on location was initially placed on asset tracking or locating clients and rogue APs.

Some techniques to determine client location include RTLS, mobile applications, Wi-Fi signal-based localization and RF Fingerprinting, and time difference of Arrival (TDOA)

Crunching Location Data Improves Reliability

With mobile devices as the catalyst, a more user- and consumer-centric approach to location is taking form, where businesses seek to benefit indirectly by adding value to their customers, guests, or end-users. The breadth of appeal for mobile and the increasing use of Wi-Fi also enable businesses to justify the cost of application development (and the Wi-Fi network itself), because suddenly Wi-Fi is tied to revenue instead of expenses.

Borrowing a theme from the mobile ecosystem, location platforms are creating easy-to-use APIs and SDKs, simplifying the integration and customization issues. Instead of building a generic application tailored for some specific customers, location vendors build the location tools and then allow the customer to build their unique application.

Beyond the Infrastructure: Data is King

It’s important to note that the biggest single benefit of LBS services is gathering data and analytics from users that can be used by organizations to improve the user experience and customer service. Almost always, when you hear pundits talk about location services, they cite the usefulness of location to push people advertisements and coupons. This is interesting and useful but users find it bothersome at best.

Naturally, a lot of focus has been on retail, where location and analytics are wed. As we’re already seeing, many solutions focus on higher-level analytics with rough RSSI data to evaluate customer traffic trends, capture rates, return rates, and similar. But with more information, retail centers can optimize stores based on typical customer traffic paths, or venue owners can charge more for premium storefront or high-view ad spots.

But look at verticals such as hospitality. They have elements of retail (bar, restaurant, spa/massage services). Then they have navigation challenges (where is the conference room, bar, my child, pool, fitness area, etc.), where a site mapping/navigation app could be helpful.

Then there’s the huge premium on customer service, where location services could be tied to customer service systems—personalized greetings for loyalty members, quicker in-app check-in on arrival, and you can dream up any number of ways to pamper guests with location-specific customer service enhancements.

And the wheels are spinning in other industries, like transportation, manufacturing, healthcare, stadiums, and other venues. Expect Wi-Fi to provide much more than Internet access; as the trend matures, users will begin looking for site/venue-specific apps on arrival.

Beyond the enterprise, carriers have an even stronger interest in offering location services and analytics – not only to better tune their network but to also help monetize them.

Smarter Wi-Fi services that add granular location details of users leveraging basic network information allow carriers and their customer to deliver much a higher quality experience to end users.

If it’s not already, put this topic on your radar. Location may be the next place to be.

Continue Reading

News

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”

Published

on

Voldemort malware

In August 2024, Proofpoint researchers identified an unusual campaign using a novel attack chain to deliver custom malware. The threat actor named the malware “Voldemort” based on internal filenames and strings used in the malware. 

The attack chain comprises multiple techniques currently popular within the threat landscape as well as uncommon methods for command and control (C2), like the use of Google Sheets. Its combination of tactics, techniques, and procedures (TTPs), lure themes impersonating government agencies of various countries, and odd file naming and passwords like “test” are notable. Researchers initially suspected the activity may be a red team. However, the large volume of messages and analysis of the malware very quickly indicated it was a threat actor.  

Proofpoint assesses with moderate confidence this is likely an advanced persistent threat (APT) actor with the objective of intelligence gathering. However, Proofpoint does not have enough data to attribute with high confidence to a specific named threat actor (TA). Despite the widespread targeting and characteristics more typically aligned with cybercriminal activity, the nature of the activity and capabilities of the malware show more interest in espionage rather than financial gain at this time. 

Voldemort is a custom backdoor written in C. It has capabilities for information gathering and to drop additional payloads. Proofpoint observed Cobalt Strike hosted on the actor’s infrastructure, and it is likely that is one of the payloads that would be delivered.  

Beginning on 5 August 2024, the malicious activity included over 20,000 messages impacting over 70 organizations globally. The first wave of messages included a few hundred daily but then spiked on 17 August with nearly 6,000 total messages.  

Messages purported to be from various tax authorities notifying recipients about changes to their tax filings. Throughout the campaign, the actor impersonated tax agencies in the U.S. (Internal Revenue Service), the UK (HM Revenue & Customs), France (Direction Générale des Finances Publiques), Germany (Bundeszentralamt für Steuern), Italy (Agenzia delle Entrate), and from August 19, also India (Income Tax Department), and Japan (National Tax Agency). Each lure was customized and written in the language of the authority being impersonated. 

Proofpoint analysts correlated the language of the email with public information available on a select number of targets, finding that the threat actor targeted the intended victims with their country of residence rather than the country that the targeted organization operates in or country or language that could be extracted from the email address. For example, certain targets in a multi-national European organization received emails impersonating the IRS because their publicly available information linked them to the US. In some cases, it appears that the threat actor mixed up the country of residence for some victims when the target had the same (but uncommon) name as a more well-known person with a more public presence. Emails were sent from suspected compromised domains, with the actor including the agency’s real domain in the email address.

The threat actor targeted 18 different verticals, but nearly a quarter of the organizations targeted were insurance companies. Aerospace, transportation, and university entities made up the rest of the top 50% of organizations targeted by the threat actor.  

Proofpoint does not attribute this activity to a tracked threat actor. Based on the functionality of the malware and collected data observed when examining the Sheet, information gathering was one objective of this campaign. While many of the campaign characteristics align with cybercriminal threat activity, we assess this is likely espionage activity conducted to support as yet unknown final objectives.  

The Frankensteinian amalgamation of clever and sophisticated capabilities, paired with very basic techniques and functionality, makes it difficult to assess the level of the threat actor’s capability and determine with high confidence the ultimate goals of the campaign. It is possible that large numbers of emails could be used to obscure a smaller set of actual targets, but it’s equally possible the actors wanted to genuinely infect dozens of organizations. It is also possible that multiple threat actors with varying levels of experience in developing tooling and initial access worked on this activity. Overall, it stands out as an unusual campaign.   

The behavior combines a variety of recently popular techniques observed in several disparate campaigns from multiple cybercriminal threat actors that have used similar techniques as part of ongoing experimentation across the initial access ecosystem. Many of the techniques used in the campaign are observed more frequently in the cybercriminal landscape, demonstrating that actors engaging in suspected espionage activity often use the same TTPs as financially motivated threat actors. 

While the activity appears to align with espionage activity, it is possible that future activities associated with this threat cluster may change this assessment. In that case, it would indicate cybercriminal actors, while demonstrating some typical e-crime delivery characteristics, used customized malware with unusual features currently only available to the operators and not abused in widespread campaigns, as well as very specific targeting not normally seen in financially motivated campaigns. 

Defense against observed behaviors includes restricting access to external file sharing services to only known, safelisted servers; blocking network connections to TryCloudflare if it is not required for business purposes; and monitoring and alerting on use of search-ms in scripts and suspicious follow-on activity such as LNK and PowerShell execution. 

Proofpoint reached out to our industry colleagues about the activities in this report abusing their services, and their collaboration is appreciated. 

Continue Reading

Hospitality

FHS World brings together top UAE chefs for Middle East’s first Sustainable Cook-off

Published

on

Sustainable Cook-off

Top chefs from across the UAE will come under the spotlight at the region’s first Sustainable Cook-off contest, taking place at Future Hospitality Summit – FHS World at Madinat Jumeirah in Dubai, 30 September to 2 October.

Celebrating the unique flavours of the UAE and culinary excellence while championing sustainability in line with government net zero directives, the competition – in partnership with The Emirates Culinary Guild (ECG), UAE Restaurants Group (UAERG), Fresh On Table and the Hospitality Asset Managers Association (HAMA) – will see locally-sourced ingredients transformed into innovative, gastronomic masterpieces to be presented to a panel of esteemed judges and served to FHS delegates.

Jonathan Worsley, Chairman of FHS World organiser, The Bench, said: “We are absolutely thrilled to add the Sustainable Cook-off to our list of first-time event features and attractions at FHS World 2024. This unique competition – a natural fit with FHS World’s overarching theme of ‘Invest in our Future’ – is the perfect platform for chefs to grow, develop and foster young talent. And, with the spotlight on ESG like never before, it’s an ideal way to highlight and promote sustainable practices in terms of culinary, hotel, and event operations.

“It is also very fitting that our Sustainable Cook-off is taking place at Madinat Jumeirah – the original home of the Arabian Hotel Investment Conference (AHIC), now FHS. Jumeirah, our host sponsor, has proactively led the way on sustainable practices over the last decade and continues to explore ways to innovate and make major events like FHS more sustainable.”

The Sustainable Cook-off is themed ‘The Sustainable 7 Emirates’, with a focus on fresh produce from Abu Dhabi, Dubai, Fujairah, Ras Al Khaimah, Umm Al Quwain, Ajman and Sharjah. The ECG and UAERG is partnering with FreshOnTable to source and secure the local ingredients, which include Manchego cheese, honey, sea bream, exotic mushrooms and edible flowers.

“At FreshOnTable, we are excited to have envisioned the concept of showcasing 7 ingredients from 7 emirates for this innovative event. The Sustainable Cook-off is not just a competition; it’s a celebration of how local ingredients and creative techniques can unite to promote a more sustainable future in gastronomy. We look forward to seeing how the UAE’s top chefs will bring this idea to life, setting new benchmarks for environmental impact and culinary creativity,” commented Atul Chopra, Founder & CEO, FreshOnTable.

The contest kicks off with a virtual format, where the chefs’ chosen recipe and photograph of the dish are submitted to judges for assessment. The top 15 will then be invited to cook their dish live at FHS World, with five chefs recreating their culinary masterpiece each day of the event. And, to ensure that FHS World delegates get a taste of the action, each creation will be replicated by the Madinat Jumeirah Culinary Team and served to FHS World attendees.

Spearheading the work, creativity and forward-thinking approach of UAE chefs is Andy Cuthbert, President of the Emirates Culinary Guild, advisor to the UAE Restaurants Group and General Manager, Madinat Jumeirah Conferences and Events.  

Commenting on the Sustainable Cook-off, he said: “The UAE is firmly established as a leading hub for culinary innovation and education, and a world-class destination for gastronomes.  With that, comes a responsibility to help protect the environment in line with UAE government net zero objectives.  As sustainability becomes more and more important, the hospitality fraternity must continually think about how their actions today affect our planet of tomorrow.  The Sustainable Cook-off is a fantastic opportunity to showcase the talent, imagination and green-thinking approach among some of the country’s most renowned chefs.”

“I am confident that the Sustainable Cook-Off will inspire not only the participants but also the entire culinary community to embrace sustainability and innovation. It is through events like this that we can collectively elevate the standards of our industry and continue to celebrate the unique and diverse flavors that the Emirates have to offer,” added Abdulla AlMulla, Chairman, UAE Restaurants Group.

ESG and sustainability feature heavily on the FHS World agenda, with a host of presentations and panel debates under a key conference track:  People, Planet, Profit.

Continue Reading

News

RAKBANK partners with Bitpanda Technology Solutions to unlock digital assets in the UAE

Published

on

Bitpanda Technology Solutions

The National Bank of Ras Al Khaimah has reached an agreement with Bitpanda Technology Solutions to provide a robust platform that will enable UAE residents to effortlessly manage digital assets.

When fully launched, RAKBANK customers will be able to pursue various digital assets use cases unlocking one of the most complete offerings available in the UAE market. This is however subject to CBUAE approval.

The partnership positions RAKBANK and Bitpanda at the forefront of the digital financial breakthrough in the UAE, while fostering growth in the digital assets sector. This allows banks to participate in the virtual asset economy without needing to develop their own in-house virtual asset capabilities.

Dongjun “DJ” Choi, Group Chief Customer Officer of RAKBANK commented: “We believe digital assets represent one of the future ways for customers to manage their finances more efficiently and securely. This partnership is poised to fill the gap in the market for a trustworthy and regulated banking platform to deal in digital assets. By merging our expertise, we aim to revolutionize the traditional financial landscape for the benefit of our customers, enabling them to explore a broader range of digital assets opportunities.”

Lukas Enzersdorfer-Konrad, CEO of Bitpanda Technology Solutions added: “RAKBANK has a long history of pioneering crypto innovation in the UAE, and we want to support their ambitions. Bitpanda Technology Solutions is fully modular, enabling us to tailor products to our partners’ needs. This partnership exemplifies the importance of that flexibility. Together, we will transform crypto access for millions in the UAE and lay the groundwork for future innovation.”

Continue Reading

Trending

Please enable JavaScript in your browser to complete this form.

Copyright © 2023 | The Integrator