
Latest Cyberthreats and Advisories - March 10, 2023

Mar 10, 2023

By John Weiler

Mexico timeshare scams, the DoppelPaymer ransomware gang gets busted and a major data leak rocks Oakland, California. Here are the latest threats and advisories for the week of March 10, 2023.  

Threat Advisories and Alerts 

FBI Issues Warning About Mexico Timeshare Scam  

The U.S. Federal Bureau of Investigation (FBI) has issued an advisory about timeshare scams in Mexico, which affected over 600 people and resulted in roughly $39.6 million in victim losses last year. How does the scam work? Owners of timeshares in Mexico receive an unexpected email or phone call from fraudsters offering to sell or rent their timeshare. Owners who agree to sell then pay an upfront fee to cover supposed closing costs, advertising fees and similar expenses. Not surprisingly, this is usually the last time victims hear from the fraudsters. Owners can protect themselves by treating unexpected phone or email inquiries about their timeshare with caution and researching any timeshare resale companies they’re considering.

How to Use Two-Step Verification When a Service Changes Its Rules  

Twitter’s recent removal of two-step verification by SMS for non-Twitter Blue subscribers may leave some users unsure of how to secure their accounts. The U.K. National Cyber Security Centre (NCSC) recently published an article addressing the issue. If a service changes its two-step verification offerings, users still have options. For example, Twitter users can still use two-step verification with an authenticator app, backup code or a security key.

Emerging Threats and Research 

DoppelPaymer Ransomware Suspects Arrested in International Effort  

Two alleged members of the notorious DoppelPaymer ransomware group were detained last week as police from Germany, Ukraine and the Netherlands joined forces with Europol and the U.S. Federal Bureau of Investigation (FBI). On February 28, police officers raided the house of a suspect in Germany while simultaneously interrogating another supposed DoppelPaymer member in Ukraine. Since its first appearance in 2019, DoppelPaymer ransomware has left a trail of devastation, extorting €40 million from U.S. victims and attacking the University Hospital in Düsseldorf, Germany, which led to the death of a female patient.  

Zero Trust Security Gains Widespread Adoption in Europe  

A new report by research and advisory firm Forrester reveals that more than two-thirds of European organizations are developing a strategy to use zero trust security. The public sector is leading the way in adoption, with 79% of German organizations prioritizing the technology, and the U.K. (68%) and France (66%) not far behind. “Among European security decision makers at government or public sector organizations, 82% believe their enterprise architecture is invested in and supports zero trust in their organization,” noted the report.  

Ransomware Attack on City of Oakland, California, Escalates to Data Leak  

The February 8th ransomware attack on the city of Oakland, California, has escalated, with the perpetrators now leaking sensitive data. The Play ransomware group is behind the attack and began leaking data last week. The leak consists of a 10GB multi-part RAR archive that reportedly contains employee information, confidential documents, passports and other private information.

EPA Aims to Protect U.S. Drinking Water Supplies from Cyberattacks  

As U.S. critical infrastructure faces an increasing number of cyberattacks, the Environmental Protection Agency (EPA) released requirements for public water systems (PWSs) to safeguard drinking water supplies. A survey preceding the new requirements found that many of the country’s PWSs are vulnerable, relying on under-protected and outdated systems. The program is part of the Biden administration’s ICS Cybersecurity Initiative to protect critical infrastructure.  

To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.