Crimestoppers new COVID-19 Fraud Hotline
This week, Crimestoppers launched a new hotline solely for COVID-19 related fraud. The hotline allows individuals with information to anonymously report their concerns or suspicions. To report any information please call: 0800 587 5030 or follow the link above.  

Internet Organised Crime Threat Assessment (IOCTA) 2020
The IOCTA is a report by Europol that highlights the dynamic and evolving threats from cyber crime. Key findings highlight the continued dominant threat from ransomware on organisations and their supply chains, as well as the future threat potential of DDoS attacks. The assessment also points to the prevalence and increasing sophistication of BEC attacks.

Diversity and Inclusion Week

Decrypting diversity: Diversity and inclusion in cyber security
Joint report released in July 2020 between the NCSC and KPMG UK is the first in a series to benchmark and track levels of diversity and inclusion in the cyber security industry.
Wisepay: School payments service hit by cyber-attack
Wisepay is advertised as a secure way for parents to send money to schools and colleges to pay for their children’s trips, sports event school meals etc. However, an attack on the wisepay website, involving a spoof page, meant that a hacker was able to harvest payment details of those who used the site between 2nd and 5th October. Attempted payments from around 300 UK schools are thought to have been affected by the scam. 
Malware and Ransomware Attacks

The latest NCSC Threat Report highlights an assessment carried out by Europol that has shown that many victims of ransomware attacks are not reporting the incidents to the police which makes attribution and prevention of further attacks more difficult.
What is Malware?

Malware is malicious software which can cause harm to organisations in many ways. Ransomware is a type of malware that prevents you from accessing your computer (or the data that's stored on it).

If able to run, malware can steal, delete, or encrypt your sensitive data. Certain malware can obtain credentials which allows further access to your organisation's systems, or even take control of your devices to attack other organisations.

Other malware types can even use your hardware to 'mine' cryptocurrency, or use services that may cost you money (e.g. premium rate phone calls).

Many malware infections can go undetected for months as attackers move through a network, collecting more information and compromising more machines to maximise criminal gains.
What is ransomware?

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network, such as the 
Wannacry malware that impacted the NHS in May 2017.  Occasionally malware is presented as ransomware, but after the ransom is paid the files are not decrypted. This is known as wiper malwareFor these reasons, it's essential that you always have a recent offline backup of your most important files and data.

Ransomware is more overt in the physical and reputational damage it causes. A recent trend has seen criminal gangs steal data before encrypting it, and then threaten to publish that data on public leak sites in order to pressure organisations into paying a ransom. 
Law enforcement do not encourage, endorse, nor condone the payment of ransom demands. If you do pay the ransom, there's no guarantee that you'll get access to your data or computer, and you will be paying criminal groups.

For useful information about mitigating malware and ransomware attacks visit NCSC Guidance -
NCSC Weekly Threat Report
Endpoint security pain point for cyber professionals
Annual list of most “dangerous” celebrities topped by familiar chat show host
Ransomware attacks not being reported
HP recently published a security bulletin to address multiple vulnerabilities in HP Device Manager, software that’s used to manage HP Thin Clients remotely. A combination of the three vulnerabilities could allow an attacker to gain remote command execution on the system through the HP Device Manager.
Krebs Security reported this week that Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot, a global menace that has infected millions of computers and is used to spread ransomware.
55 security flaws found in various Apple services
A team of five ethical ‘white hat’ hackers discovered a total of 55 vulnerabilities, 11 of which were deemed critical. For their work the team have earned almost $300,000 in bug bounty rewards with possibly more reward to come.


We Hacked Apple for 3 Months: Here’s What We Found
Details regarding Apples 55 security flaws written by the hackers that found them.
Google warns of severe 'BleedingTooth' Bluetooth flaw in Linux kernel

Intel recommends updating to Linux kernel 5.9 to mitigate a serious flaw Google found in the Linux Bluetooth stack.

What can we offer you?
Click here to subscribe to the Cyber Crime Sentinel Newsletter!
Get in Touch

Our lives are relying on technology more every day. Join us each Monday for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.

The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2020 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp