Ian Campbell's Avatar

Ian Campbell

@neurovagrant.bsky.social

Security ops engineer and investigator @ DomainTools, writer, voracious reader. he/him. Opinions here mine only. Autistic/depressed/anxious/hungry. https://dti.domaintools.com

265 Followers  |  231 Following  |  731 Posts  |  Joined: 26.07.2023
Posts Following

Posts by Ian Campbell (@neurovagrant.bsky.social)

hm, wonder if shit is about to get wild

07.03.2026 21:41 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

well said

and also, this ruins pretty much every day of mine now, not just mondays

05.03.2026 22:24 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

To reiterate something I said to my boss that ruined yet another one of her Mondays, "We're going to have to reeducate the entire world on cyber security in short order as everyone seems to have forgotten everything." This is less about the package attack and more about the triage bot.

05.03.2026 21:18 β€” πŸ‘ 46    πŸ” 17    πŸ’¬ 1    πŸ“Œ 0

As if a well-coordinated challenge phrase and response, one of my Distinguisheds answered this with:

"It's a mistake to make sand think. It's a bigger mistake to make sand conspire."

05.03.2026 20:05 β€” πŸ‘ 58    πŸ” 8    πŸ’¬ 0    πŸ“Œ 1
Preview
DomainTools Investigations | Cybersecurity Reading List - Week of 2026-03-02 A broken snowblower belt taught me something cybersecurity professionals often forget β€” saying "I don't know" isn't failure. It's where the real work begins.

There has been SO MUCH good threat intel reading lately and I have had ZERO TIME. But still, here are some gems from the last month, largely dominated by multiple great posts by GTIG, but also including Infoblox, Gitlab TI, and more.

dti.domaintools.com/securitysnac...

05.03.2026 20:01 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

The DomainTools security team has published a comprehensive report on the current 2026 infrastructure of Russian disinformation group DoppelgΓ€nger (aka RRN) and their latest operational priorities

They also have a new RSS feed, so update that too

dti.domaintools.com/research/dop...

05.03.2026 18:35 β€” πŸ‘ 15    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
Post image

a learned co-conspirator just perfectly phrased it thus: "the horrors of giving the angry vibrating crystals agency in an adversarial environment"

grith.ai/blog/clineje...

05.03.2026 19:51 β€” πŸ‘ 121    πŸ” 39    πŸ’¬ 2    πŸ“Œ 10

Just a reminder, we published massive, in-depth research on Monday analyzing backend and development data from Russian disinformation threat actor Doppelganger to illuminate their methods and patterns. Very much worth a read!

05.03.2026 15:40 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Specialist, Influence Operations - Global Security Organization View our opening for Specialist, Influence Operations - Global Security Organization and learn more about what it's like to work at TikTok!

US, Washington DC - TikTok - Specialist, Influence Operations - Global Security Organization

They've got some other interesting DC roles open; AML, anti-bribery, and more.

(I am not affiliated with TikTok or at all involved in this hiring process.)

lifeattiktok.com/search/76128...

04.03.2026 15:51 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Hell of a story out today on Russian facial surveillance tech being used in Iran: www.linkedin.com/feed/update/...

www.spiegel.de/ausland/iran...

forbiddenstories.org/iran-regime-...

03.03.2026 17:55 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
DomainTools Investigations | DoppelgΓ€nger / RRN Disinformation Infrastructure Ecosystem 2026 Analysis of the DoppelgΓ€nger / RRN disinformation ecosystem. Learn how this DevOps-style infrastructure uses automated media impersonation, TLD rotation, and cloud-native hosting to target global audiences and evade enforcement.

DomainTools Investigations researchers have spent the past several weeks pulling apart data from Russian threat actor Doppelganger to analyze recent campaigns and explore its technical and organizational structures.

#infosec #threatintel #cybersecurity

dti.domaintools.com/research/dop...

02.03.2026 19:42 β€” πŸ‘ 3    πŸ” 3    πŸ’¬ 1    πŸ“Œ 1
Preview
Cyber Threat Researcher (Europe or LATAM, Remote) Company Overview: Intel 471 empowers enterprises, government agencies, and other organizations to win the cybersecurity war using the real-time insights about adversaries, their relationships, threat...

Europe or LATAM, Remote - Intel 471 - Cyber Threat Researcher

(I am not affiliated with Intel 471 or at all involved in this hiring process.)

intel471.bamboohr.com/careers/313

02.03.2026 14:38 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I’m too lazy for the infosec-to-farm or infosec-to-blacksmith pipeline, but I figure the right undead minions may be able to handle either.

01.03.2026 03:16 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Photo showing a book called Forbidden Rites: a necromancer’s manual of the fifteenth century, by Richard Kickhefer

Photo showing a book called Forbidden Rites: a necromancer’s manual of the fifteenth century, by Richard Kickhefer

TFW you impulse-order a book and then completely forget about it until it arrives.

28.02.2026 01:18 β€” πŸ‘ 6    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

I have been remiss in having forgotten to mention that Da Boss, Daniel Schwalbe, will be speaking tomorrow at BSides Seattle! Go see him work his magic.

Bonus points if you ask him what the "F" in "DFS" stands for.

#infosec #cybersecurity #bsidesseattle

27.02.2026 23:15 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Engineering Manager I - Cyber Threat Intelligence | Datadog Careers We're building a platform that engineers love to use. Join us, and help usher in the future.

US - Remote / ET - Datadog - Cyber Threat Intelligence Engineering Manager I

(I am not affiliated with Datadog or at all involved in this hiring process.)

careers.datadoghq.com/detail/71810...

27.02.2026 19:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Sr. Technical Program Manager, Amazon Cyber Threat Intelligence As a Senior Technical Program Manager in the Amazon Cyber Threat Intelligence organization, you will be a critical part of an organization focused on influencing the security culture within Amazon. Am...

USA, multiple offices - Amazon Cyber Threat Intelligence - Sr. Technical Program Manager

(I am not affiliated with Amazon or at all involved in this hiring process.)

TX, Austin
VA, Arlington
WA, Seattle
NY, New York
MD, Annapolis Junction
VA, Herndon

www.amazon.jobs/en/jobs/3189...

26.02.2026 15:50 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
DomainTools Investigations | SecuritySnack - Idolized Crypto Scams An analysis of an active cryptocurrency scam operation impersonating Trump, Musk, and Truth Social across 250+ domains β€” uncovering shared wallet infrastructure, on-chain laundering pipelines, and the tactics used to fake legitimacy.

New research from our investigations team on a cluster of 250 cryptocurrency scam domains, wallets, trackers, and other indicators.

Apparently people continue to believe that Elon or Trump want to double users' crypto deposits.

dti.domaintools.com/securitysnac...

github.com/DomainTools/...

26.02.2026 15:47 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

These dogs are having the time of their lives following this week's historic blizzard in the Northeast. Please enjoy. 14/10 for all

25.02.2026 00:53 β€” πŸ‘ 15447    πŸ” 2722    πŸ’¬ 255    πŸ“Œ 326
Preview
Yves Jeanrenaud (@yjeanrenaud@tech.lgbt) Attached: 1 image I made an app. https://play.google.com/store/apps/details?id=ch.pocketpc.nearbyglasses Nearby Glasses is here to warn you when smart glasses are nearby. I hope it's useful for some...

not the cyberpunk future i wanted or expected, but certainly a cyberpunk future of some sort tech.lgbt/@yjeanrenaud...

24.02.2026 11:26 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Probably says something about me that every time a storm finally passes, the first feeling I identify is that I already miss the howling wind.

24.02.2026 01:23 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox Meta Superintelligence Labs’ director of alignment called it a β€œrookie mistake.”

not inspiring a lot of confidence www.404media.co/meta-directo...

23.02.2026 15:21 β€” πŸ‘ 297    πŸ” 72    πŸ’¬ 9    πŸ“Œ 23

FRESH POD UP!
securityconversations.com/episode/gitlab…

21.02.2026 19:49 β€” πŸ‘ 3    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Screencap from the miniseries showing several winter-dressed men amidst snowfall, looking uncertain.

Screencap from the miniseries showing several winter-dressed men amidst snowfall, looking uncertain.

One of my favorite things to do on days like today is cue up Stephen King's "Storm of the Century" - a very underrated 1998 miniseries about a massive winter storm hitting a small island town in Maine.

Howlin' outside still, boy howdy.

23.02.2026 15:07 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
a woman in a blue jacket is sitting in a classroom looking up at the sky . Alt: a woman in a blue jacket is sitting in a classroom looking up at the sky sighing.

Another day, another AI generated PR.

21.02.2026 10:17 β€” πŸ‘ 20    πŸ” 2    πŸ’¬ 3    πŸ“Œ 0
Preview
Wikipedia blacklists Archive.today, starts removing 695,000 archive links If DDoSing a blog wasn't bad enough, archive site also tampered with web snapshots.

The headline does not convey how completely batshit this story is. The Archive Today (archive.ph etc) admin weaponized the site's captcha to attack a blogger who wrote about them and *altered archived screenshots* as part of the attack.

arstechnica.com/tech-policy/...

21.02.2026 02:23 β€” πŸ‘ 3777    πŸ” 1518    πŸ’¬ 58    πŸ“Œ 142
Preview
Security Analyst, Incident Response Lyft Security Analyst, Incident Response is where you apply online to the Security Analyst, Incident Response role.

Mexico - Lyft - Security Analyst, Incident Response

(I am not affiliated with Lyft or at all involved in this hiring process.)

app.careerpuck.com/job-board/ly...

19.02.2026 23:05 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Hackers made death threats against this security researcher. Big mistake. Allison Nixon had helped arrest dozens of members of The Com β€” a loose affiliation of online groups responsible for violence and hacking campaigns. Then she became a target.

Anonymously threatening a security researcher seems like a shooting-yourself-in-the-dick level bad decision. Kudos to Allison Nixon for not taking any shit.

www.technologyreview.com/2026/02/16/1...

19.02.2026 21:56 β€” πŸ‘ 306    πŸ” 75    πŸ’¬ 12    πŸ“Œ 6
Preview
Senior Security Operations Analyst Costa Mesa, California, United States

US - Anduril - Senior Security Operations Analyst

(I am not affiliated with Anduril or this hiring.)

job-boards.greenhouse.io/andurilindus... (HQ)

job-boards.greenhouse.io/andurilindus... (SEA)

job-boards.greenhouse.io/andurilindus... (DC)

job-boards.greenhouse.io/andurilindus... (BOS)

18.02.2026 15:23 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day | Google Cloud Blog UNC6201 utilizes a newly discovered zero-day in Dell RecoverPoint for Virtual Machines to deliver BRICKSTORM and subsequently backdoors.

New from GTIG/Mandiant: From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day

#threatintel #infosec #cybersecurity

cloud.google.com/blog/topics/...

17.02.2026 19:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0