Tech Features
Making Sense of Identity Threat Risks

By David Warburton, Director, F5 Labs
The growing maturity of cloud computing, including shifts towards decentralized architectures and APIs, has highlighted the complexity of managing credentials in increasingly interconnected systems. It has also underlined the importance of managing non-human entities like servers, cloud workloads, third-party services, and mobile devices.
F5 Labs’ 2023 Identity Theft Report defines identity as an artifact that an entity uses to identify itself to a digital system – such as a workload, a computer, or an organization. Examples of digital identities include username/password pairs and other personally identifiable information or cryptographic artifacts such as digital certificates.
Digital identities cannot stand on their own. They require a system to accept and validate them. In other words, for a digital identity to function there must be at least two parties involved: an entity and an identity provider (IdP) that are responsible for issuing and vetting digital identities. However, not all organizations that provide resources are IdPs—many digital services rely on third-party IdPs such as Google, Facebook, Microsoft, or Apple to vet identities.
Based on our recent analysis, the three most prominent forms of attack in the identity threat arena currently are credential stuffing, phishing, and multi-factor authentication (MFA) bypass.
Credential stuffing
Credential stuffing is an attack on digital identity in which attackers use stolen username/password combinations from one identity provider to attempt to authenticate to other identity providers for malicious purposes, such as fraud.
It is a numbers game that hinges on the fact that people reuse passwords,
but the likelihood that any single publicly compromised password will work on another single web property is still small. Making credential stuffing profitable is all about maximizing the number of attempts, which requires automation.
Phishing
Phishing is perhaps rivaled only by denial of service (DoS) attacks in being fundamentally different from other kinds of attacks. It is an attack on digital identity, to be sure, but since it usually relies on a social engineering foothold, it is even more difficult to detect or prevent than credential stuffing.
Phishing attacks have two targets: there is the end user who is in possession of a digital identity, and there is the IdP, which the attacker will abuse once they’ve gotten credentials. Depending on the motives of the attacker and the nature of the system and the data it stores, the impact of a successful phishing trip can land primarily on the user (as in the case of bank fraud), solely on the organization (as in the case of compromised employee credentials), or somewhere in the middle.
On the attacker side, phishing can range from simple, hands-off solutions for unskilled actors to custom-built frameworks including infrastructure, hosting, and code. The most hands-off setup is the Phishing-as-a-service (PhaaS) approach in which the threat actor pays to gain access to a management panel containing the stolen credentials they want, and the rest is taken care of by the “vendor.”
Dark web research indicates that the most popular subtype of phishing service is best described as phishing infrastructure development, in which aspiring attackers buy phishing platforms, infrastructure, detection evasion tools, and viable target lists, but run them on their own.
Brokering phishing traffic, or pharming, is the practice of developing infrastructure and lures for the purposes of driving phishing traffic, and then selling that traffic to other threat actors who can capitalize on the reuse of credentials and collect credentials for other purposes.
Finally, the attacker community has a niche for those who exclusively rent out hosting services for phishing.
The most important tactical development in phishing is undoubtedly the rise of reverse proxy/ man-in-the-middle phishing tools (sometimes known as real-time phishing proxies or RTPPs), the best known of which are Evilginx and Modlishka. This is largely because it grants attackers the ability to capture most multi-factor authentication codes and replay them immediately to the target site facilitating MFA bypass but also making it less likely that the user victim will detect anything is amiss.
Multi-factor authentication (MFA) bypass
Recent years have seen attackers adopt a handful of different approaches to bypassing multi-factor authentication. The differences between these approaches are largely driven by what attackers are trying to accomplish and who they are attacking.
Nowadays, the reverse proxy approach has become the new standard for phishing technology, largely because of its ability to defeat most types of MFA.
MFA bypass tactics include:
- Malware. In mid-2022, F5 malware researchers published an analysis of a new strain of Android malware named MaliBot. While it primarily targeted online banking customers in Spain and Italy when it was first discovered, it had a wide range of capabilities, including the ability to create overlays for web pages to harvest credentials, collect codes from Google’s Authenticator app, capture other MFA codes including SMS single-use codes, and steal cookies.
- Social engineering. There are several variations of social engineering for bypassing MFA. Some target the owner of the identity, and some target telecommunications companies to take control of phone accounts.
- Social Engineering for MFA Code—Automated. These are attacks in which attackers make use of “robocallers” to make phone calls to the target, emulating an identity provider and asking the victim for an MFA code or one-time password (OTP).
- Social engineering for MFA code—Human. This is the same as the above approach except that the phone calls come from humans and not an automated system.
- SIM swaps. In this kind of attack, a threat actor obtains a SIM card for a mobile account that they want to compromise, allowing them to assume control of the victim’s phone number, allowing them to collect OTPs sent over SMS. There are several variations of this approach.
So, what does it all mean?
Identity threats are constant and continuous. Whereas a vulnerability represents unexpected and undesirable functionality, attacks on identity represent systems working exactly as designed. They are therefore “unpatchable” not only because we can’t shut users out, but because there isn’t anything technically broken.
This brings us back to the question of what digital identity really is. To go from real, human identity to digital identity, some abstraction is inevitable (by which we mean that none of us is reducible to our username-password pairs). We often teach about this abstraction in security by breaking it down to “something we know, something we have, and something we are.” It is this abstraction between the entity and the digital identity that attackers are exploiting, and this is the fundamental basis of identity risk.
By thinking about digital identities in this way, what we are really saying is that they are
a strategic threat on par with, but fundamentally different from, vulnerability management. With nothing to patch, each malicious request needs to be dealt with individually, as it were. If modern vulnerability management is all about prioritization, modern identity risk management is essentially all about the ability to detect bots and differentiate them from real human users. The next logical step is quantifying the error rate of detecting these attacker-controlled bots. This is the basis on which we can begin to manage the risk of
the “unpatchables.”
Tech Features
Shure’s Growth Story in the Middle East and Beyond

As the region accelerates its digital and cultural transformation, professional audio will only grow in importance.
By Yassine Mannai, Associate Director Sales, Shure MEA

The Middle East and Africa (MEA) region is witnessing an extraordinary moment of profound transformation as nations continue to reimagine their respective economies. Cities across this vibrant region are increasingly positioning themselves as global hubs, anchored on rapid technological shifts. From national diversification agendas such as Saudi Arabia’s Vision 2030 to the UAE’s expanding cultural economy and Africa’s urbanization, the region is rethinking how it communicates, collaborates, and entertains. Against this backdrop, professional audio integration has emerged as the key enabler. Pro audio is no longer viewed as luxury; it has become a strategic pillar of productivity, culture, and trust.
For Shure, this represents fertile ground for growth. The company’s trajectory in the region is anchored on a clear multi-prong approach: sustainable value creation through localization, strong partnerships, and continuous education. Rather than chasing short-term wins, the focus is on building strong ecosystems where audio technology empowers organizations to achieve their ambitions.
A Partner in Regional Growth
Demand for professional audio is being fueled by three key drivers. First, the large-scale investments in infrastructure and cultural projects trend in the region is creating an appetite for reliable, scalable audio solutions. Second, with hybrid work and learning still active, audio systems now serve as must-have tools for collaboration, ensuring clarity and engagement. Third, the entertainment and events industry continues to flourish, with audiences expecting immersive sound experiences with emotional connection.
Shure’s presence in conferences, cultural centers, and classrooms underscores its adaptability. By aligning closely with each sector’s needs, the company is not just supplying equipment – it is shaping how people experience communication and culture. Providing the ultimate IT and meeting room solutions is one thing, ensuring that end-user requirements in meeting spaces are consistently met is where the rubber meets the road, which makes factors such as quality, form factor, and smart solutions that leverage technology for seamless integration crucial.
A Strategy Anchored on Three Pillars
Shure’s growth blueprint rests on localization, partnerships, and education.
- Localization ensures that global standards are adapted to regional requirements. A broadcaster in Abu Dhabi may demand wireless mobility, while a university in Riyadh seeks scalable, user-friendly systems. Meeting these nuanced needs requires agility and customization.
- Partnerships with distributors, integrators, and resellers expand reach and sustain service excellence. These trusted relationships are critical to delivering value on the ground.
- Education equips professionals with the right skills to maximize technology investments. Through training initiatives, Shure empowers AV specialists to deploy and maintain systems effectively, ensuring customers achieve long-term returns.
Technology and Innovation at the Forefront
We strongly believe that the future of audio in the region will be shaped by three defining trends.
- Immersive experiences are becoming a cultural norm, and audio must now create impact as much as it delivers clarity.
- AI and intelligent systems are moving from concept to reality making adaptive audio that responds to its environment the way to go.
- Hybrid environments will remain central to work and education even as physical and virtual interactions merge with audio determining whether collaboration succeeds or fails.
A century of sound, a future of possibility
This year, Shure marks its 100-year anniversary. Few technology brands reach such a milestone, and fewer still do so with their reputation for quality and trust intact. For customers and partners in MEA and beyond, the centennial is not merely a celebration of heritage. It is a reassurance that Shure’s next century will be guided by the same principles that made it a global leader – with innovation, reliability, and customer focus at the core.
As the region accelerates its digital and cultural transformation, professional audio will only grow in importance. For IT leaders, this means viewing sound not as an afterthought, but as a strategic layer of infrastructure – one that underscores effective communication, collaboration, and connection.
Shure’s growth story is far from complete. The company’s next chapter is being written in partnership with the region’s institutions and enterprises. And in an age where voices need to be heard clearly across physical and digital spaces, Shure’s mission remains simple: to deliver sound that empowers progress.
Tech Features
ASUS Techsphere Forum: Empowering Business Leaders Through Next-Gen Hardware Innovation

The line on the opening slide— “Every company will be an AI company”—wasn’t tossed out as a provocation. At the ASUS Techsphere Forum 2025 in Dubai, it landed as an operating instruction. The message across keynotes, the Intel segment, and two candid panels was strikingly consistent: AI stops being theatre the moment you standardize three things—the workspace (where people actually work), the runtime (so models are portable), and the portfolio (so you manage dozens of use cases like a product backlog, not a parade of proofs-of-concept).

Subrato Basu, Managing Partner, Executive Board

Srijith KN,
Senior Editor,
Integrator Media
A quick reality check on market size so we’re not drinking our own Kool-Aid: the global AI market in 2025 is roughly $300–$400B, depending on scope (software vs. software + services + hardware). Reasonable consensus ranges put 2030 at ~$0.8–$1.6T. In other words, still early—but already too big to treat as a side project.

ASUS: PUT AI ON THE ENDPOINT—AND MAKE IT GOVERNABLE
ASUS’s enterprise stance is disarmingly practical. As Mohit Bector, Commercial Head (UAE & GCC) at ASUS Business, framed it, the fastest way to make AI useful is to put it where the work happens (the endpoint) and to make it governable. Concretely, that means:
- NPUs for on-device inference (privacy, latency, battery life).
- Manageability (fleet policy, remote control, security posture you can actually audit).
- Longevity (multi-year BIOS/driver support) so IT can set an AI-ready baseline and keep it stable.
ASUS thinks about the modern workplace as an Enter → Analyse → Decide loop, this is where the workday actually speeds up—quietly, relentlessly, at the endpoint:
- Enter: the device captures signals—voice, docs, screens, forms, sensors.
- Analyse: retrieval-augmented reasoning + analytics produce options, risks, and rationales.
- Decide: humans choose; agents act—raise tickets, update ERP/CRM—with audit trails.
It isn’t about one blockbuster use case. It’s about standardizing the canvas, so small wins compound every week.

INTEL: FROM SLOGAN TO STACK (AND WHY THE AI PC MATTERS)
Intel’s deck made the “every company will be an AI company” claim implementable. Four slide-level words—Open, Innovative, Efficient, Secure—double as a buyer checklist:
- Open: less cost, no lock-in. The same models should move across CPU/GPU/NPU and PC → Edge → Datacentre/Cloud without rewrites.
- Innovation: treat AI PCs with NPUs, edge systems, and cloud clusters as one continuum.
- Efficient: lead on performance per dollar and per watt; energy and cost are first-class design goals.
- Secure: your data and your models are IP; run locally when you should, govern tightly when you don’t.
A “Power of Intel Inside” platform slide stitched this together:
- AI software & services: OpenVINO as the portability layer to convert/optimize/run models across heterogeneous silicon.
- AI PC: always-on, private inference for day-to-day assistants.
- Edge AI: near-machine intelligence for vision and time-series use cases.
- Datacentre & cloud AI: scale-out training/heavy inference (fraud graphs, multimodal analytics, enterprise RAG).
- AI networking: the fabric that keeps it all moving—securely.
Why the fuss about the AI PC? Because it’s the next enterprise inflection after Windows and Wi-Fi. Slides mapped tangible outcomes:
- Productivity: faster info-find, auto-drafts, note-taking.
- Communication: translation, live captioning, dictation, transcription.
- Collaboration: smart framing, background removal, eye tracking, noise suppression—without pegging the CPU.
- IT operations: endpoint anomaly detection, VDI super-resolution, remote screen/data removal.
- Security: client-side deepfake detection, anti-phishing, ransomware flags.
Under the hood, Intel’s definition is a division of labour: CPU for responsiveness and orchestration, GPU for high-throughput math/creation, NPU for low-power sustained inference—the always-on stuff that makes assistants truly useful. Add vPro + Core Ultra and you get the fleet controls and long-term stability IT actually needs.
One more practical bit I liked: Intel AI Assistant Builder—a portal to stand up local assistants/agents (with RAG) that can run on the PC fleet first, shrinking time-to-value from months to days/weeks and letting you prove the full E-A-D loop before you scale heavier jobs to edge/cloud.
When the “100M AI PCs by 2026” slide hit the screen, heads tilted from curiosity to calculation. The figures—bullish vendor projections (~100M by 2026; ~80% AI-capable by 2028)—invite a haircut, but the signal is unmistakable: endpoint AI is becoming the default.

WHAT THE PANELLISTS REALLY TAUGHT US
RAKEZ (Free Trade Zone)
Posture: Execution-first. Make AI practical on the shop floor and trustworthy in the back office—governed from day one.
What they drive:
- Diagnostics (OEE baselines, defect maps) + data-readiness scans (MES/ERP) so pilots don’t stall.
- Reference lines/sandboxes where vendors prove accuracy, safety, throughput before purchase.
- Template playbooks: CV-QC, predictive maintenance, warehouse vision, invoice extraction/3-way match—each with SOPs, KPIs, integration steps.
- Curated vendors + shared services (labelling, model hosting/monitoring, SOC for AI) to reduce MSME cost/complexity.
MSMEs: “Bookkeeping-in-a-box” to clean ledgers and free cash; pre-negotiated PoC packs (fixed price/timeline, acceptance metrics); compliance starter kit (consent, retention, safety, escalation).
Enterprises: Multi-site rollout playbooks, edge + cloud reference architectures (identity-aware RAG, policy-constrained agents), and assurance artifacts (model cards, change control, audit trails).
Outcome lens: OEE ↑, FPY ↑/DPMO ↓, MTBF ↑/MTTR ↓, faster close cycles, fewer incidents—AI that moves the P&L and passes audit.
Note – FPY — First Pass Yield; OEE — Overall Equipment Effectiveness; DPMO — Defects Per Million Opportunities; MTBF — Mean Time Between Failures (repairable systems); MTTR — Mean Time To Repair
Oracle (Consulting / Applications cloud)
Posture: AI belongs inside the workflows where finance, HR, supply chain, and service teams live. Expect talk tracks like: ground answers in your own records (RAG with policy), instrument before/after outcomes, and treat AI features as part of ERP/HCM/CX—not a sidecar chatbot. The ask from buyers: prove the Enter → Analyse → Decide gains in real workflows (FP&A forecasting lift, supplier risk scoring, HR talent match quality).
Zurich Insurance (BFSI)
Posture: AI as a force for good, scaled with governance. Think hundreds of use cases: claims triage, fraud/anomaly detection, internal knowledge bots—human-in-the-loop where stakes are high, and IoT-style prevention to reward good behaviour. The key is measurement: fewer false positives, shorter cycle times, clearer audit trails—and elevated roles, not replaced ones.
Group-IB (Cyber / Threat Intel)
Posture: AI to defend—and defend against AI. SOC copilots that summarize and enrich alerts, deepfake/phishing detection, behaviour analytics across identities and endpoints, and the emerging discipline of security of AI (prompt-injection defences, LLM gatewaying, data loss controls for AI apps). If you’re rolling out agents, involve your security team early.
Dhruva Consultants (Tax Tech Transformation)
Posture: RegTech + AI to reduce compliance cost and risk. Document AI to normalize invoices/contracts, anomaly detection for mismatches and fraud flags, and a pragmatic “bookkeeping-in-a-box” on-ramp for MSMEs. Non-negotiables: auditability, versioning, segregation of duties for anything that touches filings.
Prime Group (Labs/Certification)
Posture: Risk-scored processes—every lab step tagged with expected outputs, data access, and fallbacks. Near-term wins: smarter scheduling and test selection; long-term horizon: a Mars-ready lab by 2050 aligned with the UAE’s space ambitions. It’s operational excellence today, exploration mindset tomorrow.
Education (Heriot-Watt University, Dubai)
Posture: candid and useful: human-led pedagogy; AI-assisted admin and decision support. HWU brings talent pipelines (AI/Data Science programs), translational research, and applied robotics capacity (think Robotarium-style ecosystems). This is the repeatable talent + research engine enterprises can plug into—capstones, CPD, joint R&D—that shortens the path from idea to pilot.
WHY UAE HAS A STRUCTURAL ADVANTAGE: RAKEZ × HWU
Local context matters. RAKEZ (Ras Al Khaimah Economic Zone) is more than a location; it’s an adoption on-ramp aligned with MoIAT’s Industry 4.0 programs (ITTI/Transform 4.0). Translation: factories—especially MSMEs—get real help to deploy vision-led quality, OEE analytics, and worker-safety use cases, with policy scaffolding and incentives attached.
Pair that with Heriot-Watt University as a talent/research flywheel and you have a short, well-lit path from concept to production: execution zone + skills engine. That’s a genuine regional edge.
SUMMARY
Techsphere’s most important contribution wasn’t a prediction; it was a design pattern. ASUS gives you the enterprise substrate (AI-ready endpoints you can actually govern). Intel gives you the principles and plumbing (OpenVINO portability; CPU/GPU/NPU continuum; PC → Edge → Cloud). The panellists supplied proof patterns across industries. And the UAE context—RAKEZ for execution, HWU for talent/research—shortens the distance from idea to impact.
If “every company will be an AI company,” the winners won’t be the first to demo—they’ll be the first to standardize. Start at the endpoint, insist on portability, manage a portfolio, and make the Enter → Analyse → Decide loop measurable. That’s how the slide turns into the balance sheet.
_________________________________________________________
- Glossary of Technical Acronyms
- OEE — Overall Equipment Effectiveness (measures manufacturing productivity: availability × performance × quality).
- FPY — First Pass Yield (percentage of units passing production without rework).
- DPMO — Defects Per Million Opportunities (defect rate in Six Sigma terms).
- MTBF — Mean Time Between Failures (average time between breakdowns of a repairable system).
- MTTR — Mean Time To Repair (average time to repair a failed component/system).
- AI / IT Terms
- NPU — Neural Processing Unit (specialized chip for AI inference, optimized for low-power sustained workloads).
- CPU — Central Processing Unit (general-purpose processor for orchestration, responsiveness).
- GPU — Graphics Processing Unit (parallel processor for high-throughput math and AI training/inference).
- RAG — Retrieval-Augmented Generation (technique where AI models query external knowledge bases before generating answers).
- ERP — Enterprise Resource Planning (integrated system for core business processes like finance, supply chain, manufacturing).
- MES — Manufacturing Execution System (software for monitoring and controlling production).
- VDI — Virtual Desktop Infrastructure (running desktop environments on centralized servers).
- SOC — Security Operations Center (hub for cybersecurity monitoring and response).
- IP — Intellectual Property (protected data, models, or designs).
- Industry & Enterprise Acronyms
- BFSI — Banking, Financial Services, and Insurance (industry vertical).
- FP&A — Financial Planning & Analysis (finance function for budgeting, forecasting, performance analysis).
- HCM — Human Capital Management (HR technology and processes).
- CX — Customer Experience (customer-facing processes and software).
- ITTI — Industrial Technology Transformation Index (UAE Ministry of Industry and Advanced Technology initiative under Industry 4.0).
The ASUS Techsphere Forum, organized by Integrator Media, brought together C-suite leaders from diverse industry verticals to explore how evolving hardware standards are shaping the future of work. The event highlighted the growing role of AI-enabled PCs, showing how advancements in endpoint hardware can directly support business needs. By balancing industry-specific requirements with insights on hardware innovation, the forum offered executives a clear view of how these technologies can enhance productivity and deliver measurable value across the wider business community.
Tech Features
From Display to Destination: How LED Tech Is Rewriting Outdoor Retail in the GCC

In the Gulf’s fast-evolving retail landscape, one thing is clear: attention is everything. With consumers moving between screens, stores, and digital channels in seconds, capturing that attention outdoors is becoming a high-stakes game. That’s why LED display technology is rapidly becoming the new storefront essential, especially when paired with interactivity.

Retailers across the UAE, Saudi Arabia, and Qatar are investing in large-format LED displays that do more than just promote products; they invite shoppers in. Whether it’s a vivid display on a flagship store’s exterior or an interactive screen at a luxury mall, brands are embracing motion, light, and tech to cut through the noise. Across malls in Dubai, Doha, and Riyadh, it’s no longer uncommon to see storefronts come alive with animations, responsive visuals, or even gesture-based content.
“Retailers today are competing not just for sales, but for attention, and in this region, that means making a bold visual impact,” said Zac Liang, General Manager – Gulf Area, Unilumin Group. “That’s why more brands are investing in outdoor LED displays that don’t just advertise, they engage.”
While many regions are adopting this trend, the Middle East is scaling fast. According to Grand View Research, the digital signage market in the Middle East and Africa is expected to grow from USD 1.66 million in 2024 to USD 2.80 million by 2030, with the GCC leading the charge thanks to infrastructure development, smart city strategies, and a strong mall culture. This growth is being fueled by the rising demand for immersive experiences, particularly in high-traffic outdoor retail environments.
The shift isn’t just about visuals; it’s also about interactivity. LED displays equipped with touchscreens, motion sensors, and augmented reality are turning passive browsing into active engagement. Shoppers can explore digital lookbooks, scan QR codes for real-time offers, or interact with content that responds to their presence. These experiences help bridge the online-offline divide, giving brands a powerful edge in driving foot traffic and customer engagement.
“Interactivity is no longer a luxury; it’s a necessity,” Liang added. “Our clients in the Gulf are asking for displays that do more than play content. They want screens that connect, respond, and adapt in real time.”
Unilumin has been at the forefront of this transformation. The company made waves by being the first in the LED industry to introduce MIP/COB technology for outdoor displays in China; the technology is now making its way into major Middle Eastern markets. At the 19th Hangzhou Asian Games, Unilumin deployed over 4,200 square meters of LED screens across key venues. Its outdoor COB display at West Lake, the world’s first outdoor high-brightness COB screen, not only lit up the event but became part of the visual narrative of the games.
That same energy is now flowing into the Gulf, where malls, airports, and open-air retail zones are hungry for solutions that combine aesthetics, interactivity, and performance. From arch-shaped LED portals in Dubai to street-facing media walls in Doha, the region is becoming a live canvas for digital storytelling.
The future of outdoor retail in the GCC isn’t just about visibility; it’s about visibility with purpose. Interactive LED displays give brands the power to stop shoppers mid-scroll, pull them off the sidewalk, and get them through the door. In a market where first impressions are everything, those few seconds on the street could mean the difference between a passerby and a purchase.
-
Tech News1 year ago
Denodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR6 months ago
Microsoft Launches New Surface Copilot+ PCs for Business
-
Tech Interviews2 years ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News3 months ago
Nothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
Tech News2 years ago
Brighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Editorial10 months ago
Celebrating UAE National Day: A Legacy of Leadership and Technological Innovation
-
VAR1 year ago
Samsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms
-
Cover Story7 months ago
Unifonic Leading the Future of AI-Driven Customer Engagement