Microsoft: 92% of all Exchange servers have been patched or received mitigations for the ProxyLogon bugs

Since disclosing the major Microsoft Exchange vulnerability on the 12th March, Microsoft has claimed that approximately 92% of all exchange servers have been patched or have utilised temporary mitigations to protect against attacks that prey on the ProxyLogon vulnerabilities. While the vast majority have implemented these measures, it is believed around 30,000 servers around the world are still vulnerable to attacks.

Russian pleads guilty to Tesla ransomware plot

27 year old Russian, Egor Igorevich Kriuchkov, has pleaded guilty to plotting to extort money from car company, Tesla. Kriuchkov allegedly offered a sum of £721,000 ($1 million) to an employee to place ransomware onto the computer network of the company’s battery plant located in Nevada.

Prosecutors have stated that Kriuchkov acted on behalf of criminals abroad and alleged that he had planned to use the ransomware as a means to steal company secrets for extortion.

School cyber-attack affects 40,000 pupils’ email

The Harris Federation is the latest education organisation to be hit by a ransomware attack.

The Harris Federation, that runs 50 primary and secondary academies in and around the London area, has had its emails temporarily disabled after a cyber attack that left data on their systems hidden and encrypted.

Police CyberAlarm

The Police CyberAlarm is a useful and free tool launched as part of The National Cyber Crime Programme by the National Police Chiefs Council (NPCC) intended to help organisations and businesses monitor and report any malicious activity they may experience from the internet.  This tool will enable organisations to strengthen security and minimise vulnerabilities.

The Police CyberAlarm acts as a sort of security camera, as it monitors traffic experienced by a registered member’s internet connection and will detect and offer reports of suspected malicious activity. Vulnerability scanning can also be added and utilised in order to scan an organisations external IP addresses and website for vulnerabilities.


How does it work?
All you need to do is register and install a CyberAlarm Virtual Server that will gather and process traffic logs from your firewall/internet gateway. Once installed, CyberAlarm will begin to collect, analyse and report metadata back 
to the Police CyberAlarm Server. This data is then received by the Police CyberAlarm Server and is utilised to create reports on potential malicious activity seen by the members CyberAlarm. Most importantly, the data provides useful information regarding threat trends seen across the member network. This reported intelligence can then be used to aid organisations in updating their defences so that they are better prepared against the latest cyber threats.

This intelligence is also utilised by Police Cyber Crime Units in order to enhance the understanding and widen the UK cyber crime threat picture. This will also enable Cyber Crime Units to identify, pursue and prosecute cyber offenders.
What are the Benefits of Joining Police Cyber Alarm?

  • Membership is completely free and members will receive weekly or monthly reports regarding activity discovered on their devices and machines.
  • Police CyberAlarm intelligence is utilised to provide reports detailing the latest threats and potential attacks, enabling member organisations to minimise any vulnerabilities, update their blacklist or input other security measures to strengthen security.
  • The Police CyberAlarm Vulnerability Scanning can also be utilised by organisations to scan their websites and external IP addressed for any known vulnerabilities.

Who is the Police CyberAlarm for? 
The Police CyberAlarm is intended for small and medium business regardless of sector. All these organisations need to join in is a firewall and an internet connection.
What about my Businesses Privacy?
The Police CyberAlarm only collects metadata (or logs) relating to suspicious activity from internet gateway such as firewalls. These logs only include information about how data was sent or received. This data collected DOES NOT contain any data from your organisation via your internet gateway (i.e. IP addresses for external connections, amount of data transferred, the port used to process the data and the time and date). The aim of Police CyberAlarm is to protect personal data, intellectual property and trade secrets.

To find out more about Police CyberAlarm or to register as a member visit:
Fleeceware Apps Bank $400M in Revenue

Around 204 ‘fleeceware’ apps with over a billion combined downloads have banked more that $400 million in revenue. Fleeceware is a type of malware seen in mobile applications that come with often hidden and expensive subscription fees. These manipulative apps often offer ‘free’ trials to text the app but the automatic payments can be extortionate with prices sometimes reaching up to $3,400 per year according to Avast. Often users continue to be charged even after they have deleted the application.
Microsoft Offers Up To $30K For Teams Bugs

Microsoft has launched a bug bounty program for the Teams desktop videoconferencing and collaboration app, with a pay out of up to $30,000 for finding security vulnerabilities.  The top payouts will go to those who expose the vulnerabilities with the most risk to user data.

New Android Malware Spotted Posing as System Update

A sophisticated malware that masquerades as the System Update app on Android devices has been spotted by Zimperirum zLabs. This RAT is intended to steal user and handset data including text messages, GPS data, images/video files, call logs, contact lists, operational information and more.

VMware fixes bug allowing attackers to steal admin credentials

Software Company VMware has released an update after a high severity vulnerability was discovered in vRealize Operations, an AI powered IT operation management system for hybrid, private and multi-cloud environments.

The security flaw had the potential to allow attackers to steal admin credentials by exploiting vulnerable servers.

What can we offer you?
Get in Touch
Click here to subscribe to the Cyber Crime Sentinel Newsletter!

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector
The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, from both accidental damage or from online criminals.

Get in touch with us if your school or organisation would like support with staff training. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040
to report and obtain advice about fraud or cyber crime
Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.


The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp