Welcome reader to your Sunday CybersecurityHQ report.

Headlines

● A September 37th FBI alert warned of the rise in dual ransomware attacks that target the same victims. According to the alert, this form of attack frequently includes a combination of data encryption, exfiltration, and financial losses. The dual attacks have been happening in close succession, anywhere from two to 10 days.

Along with dual attacks, the alert highlighted new data destruction tactics being used in ransomware. These include the use of data wipers, which can be set to execute at a specific time.

● The cybersecurity and insurance platform Paladin Cyber has officially rebranded to Upfort. The move encapsulates the company’s transition from SaaS cybersecurity for small-to-medium companies, which has been its bread and butter since it launched in 2017. Now, Upfort plans to equally emphasize its cyber insurance programs, which extensively use automated tools.

As The CEO and Co-Founder Xing Xin put it, “We are thrilled to introduce Upfort, building upon our successes and offerings to bring AI-powered solutions to insurers and brokers that can transform the way cyber insurance is underwritten and sold.”

● The UAE Cyber Security Council joins the first Jordan Cyber Security Summit. The event, known as DOT Cyber Summit 2023, brought together several government officials in the region along with more than 400 cybersecurity experts.

The inclusion highlights the increasing focus on cybersecurity that the UAE is taking. In the words of Ahoud Ali Shaheil, Director-General of Ajman Digital Government, "The [UAE] has strengthened its efforts by launching the National Cyber Security Strategy, which aims to create a safe and flexible cyber environment in the country that helps citizens achieve their aspirations and enables companies to evolve and grow by enhancing the integrated cyber security system." The move comes less than two weeks after releasing their 50-year plan for cybersecurity.

Interesting Read

In this blog post from Trend Micro, the major scams of the week are pored over in some detail. Their focus is on phishing scams, a reminder of how powerful official-seeming emails and notifications can be, especially to the untrained eye. These are usually quite simple operations, but they wind up collecting personally identifiable information on a wide range of people.

The impact is actually quite striking. The total number of phishing sites continues to skyrocket. By the end of last year, they had leaped to over 1.35 billion. The sheer number of these scams makes them a major cybersecurity risk, even if they lack sophistication.

Cybersecurity Career Opportunities

• Principal Engineer, Security & Privacy

  • Uber

  • Full-time

  • Seattle, WA, US

• Chief Compliance Officer

  • CAN Community Health

  • Full-time

  • Sarasota, FL, US

• Lead Security Architect

  • National Grid

  • Full-time

  • Waltham, MA, US

For the latest openings in cybersecurity careers, check CybersecurityHQ.