MI5 warns of spies using LinkedIn to trick staff into spilling secrets

Intelligence agency MI5 states that over the last 5 years more than 10,000 UK nationals have been targeted by fake LinkedIn profiles linked to hostile states. This figure includes people in key industries, such as security and military officials, staff in government departments, pharmaceutical experts and defence contractors.

Users are being urged to ‘Think Before You Link’, as professionals who accept requests from a malicious account, or who are offered a speaking, travel or business opportunity, may in fact be coerced into sharing confidential information or industry secrets.

Cyber security training for school staff

The NCSC has released a new free cyber security training package for school staff in the hope of raising awareness and helping schools improve their cyber resilience.

The education pack can be used by schools and other parts of the education sector. It is available as a scripted presentation pack for group delivery that can be presented in both physical and virtual settings.

UK and US call out Russia for SolarWinds compromise

On the 15th April both the UK and US revealed that Russia’s Foreign Intelligence Service (SVR) was responsible for a string of cyber incidents, including the SolarWinds compromise. The NCSC has deduced that the SVR was likely responsible for the unauthorised access to SolarWinds Orion software and the subsequent targeting.

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the US National Security Agency have published a cyber security advisory with mitigation advice, available at:

Firmware Attacks

According to a recent study commissioned by Microsoft, firmware attacks are on the rise, with reports showing that over 80% of enterprises have been subjected to at least one firmware attack in the past two years. However, only 29% of security budgets are assigned to the protection of firmware.

What is a Firmware Attack?

The term ‘firmware’ refers to the software embedded into a device that allows it to function. Firmware tends to hold the highest of privileges, and cyber criminals can use this to bypass traditional controls, a computer's operating system or any malware detection software. Firmware code is located in the device's hardware, meaning that it sits a level below the operating system, and it is often where vulnerabilities lie. Once a malicious actor has gained their way onto your device, this gives them the opportunity to spy on your activity, take remote control of your device, deploy malware, steal data and much more.

Firmware vulnerabilities can have a major impact on organisations. For example, in 2019 several city governments in the US were held hostage by the ‘RobbinHood’ ransomware, which utilised firmware to gain root access to the victims' computers and encrypt their files.

How to Protect Yourself Against Firmware Attacks

  • Keep your firmware up to date - while many individuals and organisations now understand how important software patching is, many do not think to patch their firmware. It is best practice to apply updates as soon as they become available to minimise security risks.
  • Stay away from unknown or untrusted USBs - hackers can place malware on the firmware itself, so a malicious USB could potentially deliver malware to your device.
  • Protect your bootloaders - a bootloader is responsible for starting firmware when the device is started up. If the bootloader is vulnerable, it is easier for a malicious actor to access your firmware and bypass your protection methods.

Read the full study here:

Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store

A new group of malicious Android apps on the Google Play Store has been found carrying out billing fraud. The fraudulent apps pose as harmless downloads such as photo editors, puzzles and wallpaper apps, and belong to the ‘Joker’ malware family, which, when downloaded, is able to hijack SMS message notifications and subsequently make unauthorised purchases. These particular apps attracted over 700,000 downloads before being removed, with users primarily in Southwest Asia and the Arabian Peninsula.

Logins for 1.3 million Windows RDP servers collected from hacker market

1.3 million login names and passwords of currently and previously compromised Windows Remote Desktop servers have been leaked by the largest hacker marketplace for stolen RDP (Remote Desktop Protocol) credentials.

FormBook: A Well-known Commercial Malware Learns New Tricks

FormBook is a commercially available malware service that has been around since 2016; however, the latest version is armed with new capabilities. FortiGuard Labs researchers have uncovered a novel phishing campaign that targets the personal data of its victims by sending a phishing email with a malicious PowerPoint document as an attachment, which can spread the malware. The emails masquerade as a follow-on email to an old purchase order, luring the victim into viewing a slideshow for details, brochures and prices. However, as soon as the victim clicks, or even just hovers over the slideshow with their mouse, the FormBook payload is delivered.

Attackers Test Weak Passwords in Purple Fox Malware Attacks

Weak passwords used over the Server Message Block (SMB) protocol commonly play a part in the attacks that result in the spread of Purple Fox malware. Researchers have shared a list of weak passwords that Purple Fox commonly tries when brute-forcing the SMB protocol.

Cyber Security Awareness Webinars: Schools and Education

Join our online webinar aimed at schools and educational organisations and discover how cyber attacks and ransomware are being used to target them. Get the latest advice and cyber awareness training for all staff.

Please note: All participants are screened before being invited to the event. Please use your corporate email address when registering.

Cyber Choices: Virtual School and Education Events

Join our online webinars aimed at schools and educational organisations for advice and support on how we can help young people make informed cyber choices and use their cyber skills in a legal way.

Please note: All participants are screened before being invited to the event. Please use your corporate school email address when registering.

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector

The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, both from accidental damage and from online criminals.

Get in touch with us if your school or organisation would like support with staff training. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud.

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively, you can call 0300 123 2040 to report and obtain advice about fraud or cyber crime.

Our lives rely on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news and identify the current threats we’re facing.

Our colleagues in the West Midlands Police Economic Crime Unit also produce cyber and fraud focused business newsletters. If you wish to subscribe to their newsletter, please e-mail  - 


The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.
