Random in Security is a summary of the cybersecurity news.
Interesting Reads
Criminals offer reporter money to hack BBC
When cybercriminals slide into your DMs with six-figure job offers, you know journalism is getting interesting. A BBC reporter received direct offers from criminal groups trying to recruit insiders for network access—proving that sometimes the weakest link isn’t technical, it’s financial desperation. The reporter did what any sensible person would do: documented everything and wrote about it instead of buying that yacht.
Phone scams with caller ID
Even security-aware journalists aren’t immune to well-crafted social engineering. A New York Times reporter nearly fell for a sophisticated phone scam that combined spoofed caller IDs, legitimate-looking bank numbers, and high-pressure tactics to extract Zelle transfers. The scary part? Caller ID showed the real Chase number, and the scammers had convincing scripts that mimicked actual fraud prevention procedures—because why hack systems when you can just hack humans?
Mic-E-Mouse
Your computer mouse is now a surveillance device—congratulations! Researchers demonstrated that high-performance optical sensors in cheap gaming mice can pick up acoustic vibrations from your desk surface and reconstruct speech with 80% speaker identification accuracy and 16.79% word error rate. The attack works through compromised software that turns $50 mice into inadvertent microphones, proving that the IoT security nightmare extends to devices we never considered “smart.” Watch the pipeline demonstration and wonder what other mundane peripherals are secretly narcs.
MITRE ATT&CKcon 6.0
The premier gathering for threat-informed defense nerds returns October 14-15, 2025, in McLean, VA. MITRE ATT&CKcon 6.0 brings together the cyber community for 20 sessions covering the ATT&CK framework, lightning talks, and a keynote by cyber intelligence veteran Lillian Teng. Virtual attendance opens September 3rd, but in-person tickets ($375 industry/$275 government) historically sell out—because nothing says “I love adversarial behavior modeling” quite like traveling to Virginia.
Cybercrime-as-a-service takedown: 7 arrested
Europol dismantled a massive SIM-box operation that rented phone numbers from 80+ countries to enable phishing, smishing, and various scams across Europe. Law enforcement seized 1,200 SIM-box devices containing 40,000 active SIM cards that helped create over 49 million fake online accounts—because apparently running a telecommunications fraud empire is easier than getting a legitimate business license. The operation netted seven arrests and shut down infrastructure responsible for €4.5 million in Austrian losses alone, plus the obligatory crypto seizure ($333,000 USD).
MITRE Attack Flow v3.0.0
MITRE Attack Flow v3.0.0 is the latest update to the framework for visualizing how attackers chain ATT&CK techniques together to achieve their objectives. The open-source tool converts complex attack sequences into machine-readable, visually comprehensible flow charts that show parallel paths, logical relationships, and critical chokepoints—basically turning “they compromised everything” into actionable detection engineering. SOC Prime’s integration now auto-generates flows from threat reports using AI, because manually mapping every APT campaign is so 2024.
Tools
- GeoSpy - AI-powered geolocation intelligence platform for analyzing images and identifying locations
- rayhunter - Rust-based IMSI catcher detector that identifies cell-site simulators (stingrays) using Orbic mobile hotspots
- Purple Team Exercise Framework - Structured methodology for building and maturing Purple Team programs from ad-hoc exercises to dedicated operations
- Singularity - Linux kernel module rootkit for modern 6.x kernels providing process hiding, file concealment, and ICMP-triggered reverse shells
- caddy-c2 - Caddy v2 module that filters HTTP traffic based on C2 profiles for Cobalt Strike, Empire, Nimhawk, and NimPlant
- krakenhashes - Distributed password cracking system with web interface for coordinating GPU/CPU resources across multiple agents
- screenpipe - 24/7 local screen and audio recorder with API access for building AI applications on your digital history
- openrecall - Privacy-first, fully open-source alternative to Windows Recall with local AI-powered searchable screenshot capture