Ian Campbell

@neurovagrant.bsky.social

Security ops engineer and investigator @ DomainTools, writer, voracious reader. he/him. Opinions here mine only. Autistic/depressed/anxious/hungry. https://dti.domaintools.com

157 Followers  |  138 Following  |  424 Posts  |  Joined: 26.07.2023  |  2.2113

Latest posts by neurovagrant.bsky.social on Bluesky

hrbrmstr 🇺🇦 🇬🇱 🇨🇦 🏳️‍🌈 (@hrbrmstr@mastodon.social) Attached: 1 image just focused on U.S. as destination and this is one of the most coordinated massive campaigns I've seen in quite a while.

GreyNoise at it again, picking up a massive, coordinated campaign targeting US-based Microsoft stacks starting a few days ago, sounds like. Some day I’m gonna make @hrbrmstr.dev build me a morning dashboard I can just grab my coffee and shout “Damage report!” at.

mastodon.social/@hrbrmstr/11...

10.10.2025 12:56 — 👍 0    🔁 0    💬 0    📌 0
SHAPIRO: OK, so you've spent your career creating television without AI, and I could imagine today you thinking, boy, I wish I had had that tool to solve those thorny problems...
SIMON: What?
SHAPIRO: ...Or saying...
SIMON: You imagine that?
SHAPIRO: ...Boy, if that had existed, it would have screwed me over.
SIMON: I don't think AI can remotely challenge what writers do at a fundamentally creative level.
SHAPIRO: But if you're trying to transition from scene five to scene six, and you're stuck with that transition, you could imagine plugging that portion of the script into an AI and say, give me 10 ideas for how to transition this.
SIMON: I'd rather put a gun in my mouth.

David Simon, creator of ‘The Wire’, being interviewed by Ari Shapiro (NPR)

09.10.2025 04:42 — 👍 27019    🔁 8575    💬 326    📌 903

'When authoritarians seize power, it is crucial to recognize courageous defenders of freedom who rise and resist,' the Norwegian Nobel Committee said as it announced Maria Corina Machado as the winner of the 2025 Nobel Peace Prize

10.10.2025 09:30 — 👍 5096    🔁 1847    💬 140    📌 409
From Assistant to Adversary: Exploiting Agentic AI Developer Tools | NVIDIA Technical Blog Developers are increasingly turning to AI-enabled tools for coding, including Cursor, OpenAI Codex, Claude Code, and GitHub Copilot. While these automation tools can enable faster development and…

Oh nice, Nvidia AI red team wrote up some of their attack framework and results from their BlackHat presentation. These folks are awesome.

developer.nvidia.com/blog/from-as...

09.10.2025 19:34 — 👍 1    🔁 0    💬 0    📌 0
Analyst, Influence Operations - Global Security Organization View our opening for Analyst, Influence Operations - Global Security Organization and learn more about what it's like to work at TikTok!

Fascinating job alert: TikTok

Analyst, Influence Operations - Global Security Organization

lifeattiktok.com/search/75533...

09.10.2025 15:16 — 👍 0    🔁 3    💬 0    📌 0
LABScon25 Replay | Auto-Poking The Bear - Analytical Tradecraft In The AI Age | Wendiggensen & Palm
YouTube video by SentinelOne LABScon25 Replay | Auto-Poking The Bear - Analytical Tradecraft In The AI Age | Wendiggensen & Palm

YESSSSSS LABScon 2025 videos have started going up. This was a fantastic talk by two Dreadnode folks on the nuts and bolts of an agentic system built for Russian internet content analysis, as well as the limitations, ways to properly assess it, and further implications.

youtu.be/zZUKMrz7TNU

09.10.2025 14:09 — 👍 1    🔁 0    💬 0    📌 0
Figma MCP Server Opens Orgs to Agentic AI Compromise A bug (CVE-2025-53967) in a popular Web design tool's option for talking to agentic AI allows command injection leading to remote code execution (RCE).

I love how we’re all just pretending MCP can be patched like any other software and the problem solved.

The nondeterminism is what Nvidia AI red teamer Rich Harang very presciently calls a “universal anti-pattern” that allows for these vulnerabilities.

www.darkreading.com/vulnerabilit...

09.10.2025 13:59 — 👍 3    🔁 1    💬 0    📌 0

Framework can make this right, but doubling down on supporting projects by a toxic dickhead that also gleefully celebrated mass tech worker layoffs “because DEI” is not apolitical or “big tent.”

It’s just another bro show.

09.10.2025 12:58 — 👍 0    🔁 0    💬 0    📌 0

In regards to Framework’s latest footgunning, two things:

1. Tech is and always has been political. Anyone saying otherwise simply wants to avoid being held accountable for their words and actions.

2. “Big tent” policies loudly express that you’re perfectly okay becoming the neighborhood nazi bar.

09.10.2025 12:56 — 👍 1    🔁 0    💬 1    📌 0
Addams family clip with Morticia repeating the family credo, which is the text above.

“We gladly feast on those who would subdue us.”

Was reminded of this tonight and need to carry it forward.

09.10.2025 00:44 — 👍 6    🔁 2    💬 0    📌 0
Weekly Geopolitical Risk Briefs At Silobreaker, we understand the critical impact that geopolitical conflicts can have on your organization. That's why we're excited to introduce our latest Geopolitical Risk Briefs. Our research tea...

Shout out to Silobreaker for putting out *really* well-done weekly geopolitical briefs that provide substantial, timely, and relevant analysis without feeling like a chore to make time for.

#threatintel #infosec #cybersecurity

www.silobreaker.com/resources/re...

www.linkedin.com/newsletters/...

08.10.2025 15:13 — 👍 0    🔁 0    💬 0    📌 0
Supercharge your workflows with our new n8n integration We’re excited to announce that Inoreader now integrates with n8n – one of the most popular platforms for workflow automation...

Oh, this could be a powerful combo. My article aggregator/RSS reader/more now integrates natively with n8n, which is a powerful platform to develop AI-centric workflows www.inoreader.com/blog/2025/10...

08.10.2025 11:53 — 👍 0    🔁 0    💬 0    📌 0
ICE bought vehicles equipped with fake cell towers to spy on phones | TechCrunch The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.

ICE now owns roving vans with integrated cell site simulators

techcrunch.com/2025/10/07/i...

for commentary on this breaking news, i turn to my recently-made friend Ray Hunter

Luckily everyone else can too!

#infosec #privacy

www.eff.org/deeplinks/20...

07.10.2025 17:11 — 👍 6    🔁 3    💬 0    📌 1
Start the Presses! Domain and DNS Intelligence in Investigative Journalism Across two businesses, dozens of training sessions, and hundreds of grants for access, we’ve spent more than a decade enabling the use of DNS and domain intelligence for investigative journalists. Col...

Hey folks, just a reminder I'll be at BSides NoVA this weekend, giving a talk on DNS and domain intel in investigative journalism! It's an intersection of passions for me, so I'm wicked excited.

#infosec #cybersecurity #bsidesnova

bsidesnova-2025.sessionize.com/session/1001...

07.10.2025 16:53 — 👍 2    🔁 0    💬 0    📌 0

“But Captain,” I mutter to myself in the early morning quiet, “it’s only Tuesday.”

07.10.2025 11:38 — 👍 2    🔁 0    💬 0    📌 0
APT Down - The North Korea Files Click to read the article on phrack

This Phrack timeline of the Kimsuky dump is wiiiiiiild.

phrack.org/issues/72/7_...

(we did some deeper analysis of the dump, linked below, but wow...)

( dti.domaintools.com/inside-the-k... )

06.10.2025 14:53 — 👍 0    🔁 0    💬 0    📌 0
DomainTools (@DomainTools@infosec.exchange) New from DTI: A financially-motivated cluster of spoofed domains disguised as age 18+ social media content, government tax sites, consumer banking, and online gambling applications targeting Windows a...

If you need something to read this morning, we published research on Friday around an activity cluster targeting 18+ interests, especially gambling and porn.

Well. Also tax websites. Which I suppose is an adult interest. Sigh.

#threatintel #infosec

dti.domaintools.com/securitysnac...

06.10.2025 14:44 — 👍 0    🔁 0    💬 0    📌 0
Prompt||GTFO Registration Welcome to the Prompt Pit, where in a world of vibe slop, we're taking AI back from the marketers. Next upcoming episode: S02E01: Indiana Pit and the Raiders of the Lost Prompt When: 25 September, 20...

Prompt||GTFO events have been extremely educational for me as an AI skeptic, as well as fun and entertaining. Worth checking them out.

Google Form for getting the invite (or applying to present):

docs.google.com/forms/d/e/1F...

LinkedIn post with more info:

www.linkedin.com/feed/update/...

06.10.2025 14:39 — 👍 0    🔁 0    💬 0    📌 0
SecuritySnack: 18+E-Crime - DomainTools Investigations | DTI Starting in September 2024, a financially motivated cluster of more than 80 spoofed domain names and lure websites began targeting users with fake applications and websites themed as government tax si...

New, from us, today: coordinated cluster of dozens of domains delivering infostealers or phishing credentials, targeting users of TikTok, YouTube, gambling apps, and more. Domain profiles and deeper IOCs provided.

#infosec #cybersecurity #threatintel

dti.domaintools.com/securitysnac...

03.10.2025 16:55 — 👍 0    🔁 0    💬 0    📌 0
Everything In Its Right Place
YouTube video by Radiohead - Topic Everything In Its Right Place

Happy 25th birthday of Kid A to all those who celebrate (me) www.youtube.com/watch?v=NUnX...

02.10.2025 15:29 — 👍 44    🔁 5    💬 4    📌 0
Fishing for Smishing: Understanding SMS Phishing Infrastructure and Strategies by Mining Public User Reports - UCL Discovery UCL Discovery is UCL's open access repository, showcasing and providing access to UCL research outputs from all UCL disciplines.

Last paper I read from Agarwal & Vasek was great. New one:

Fishing for Smishing: Understanding SMS Phishing Infrastructure and Strategies by Mining Public User Reports

Agarwal, Sharad; Papasavva, Antonis; Suarez-Tangil, Guillermo; Vasek, Marie.

discovery.ucl.ac.uk/id/eprint/10...

02.10.2025 16:49 — 👍 0    🔁 0    💬 0    📌 0

well played, M-W

01.10.2025 19:44 — 👍 1    🔁 0    💬 0    📌 0

*checking inbox a little compulsively*

c'moooon, big money, no whammies, big money no whammies, BIGMONEYNOWHAMMIES

01.10.2025 19:43 — 👍 1    🔁 0    💬 0    📌 0
Consumer Cyber Readiness Report

Today, @consumerreports.org @aspendigital.bsky.social @gca.bsky.social released the 4th Annual Consumer Cyber Readiness Report, co written by @gigastacey.bsky.social @jefflandale.bsky.social and I.

innovation.consumerreports.org/2025-Consume...

#CybersecurityAwarenessMonth 1/x

01.10.2025 17:26 — 👍 16    🔁 7    💬 1    📌 1

Okay nerds, someone pointed me at BSidesSF's CFP, which is musical theatre-themed.

Get on it!

sessionize.com/bsidessf2026

30.09.2025 19:34 — 👍 1    🔁 0    💬 0    📌 0

Hellllll yeah Infoblox!

30.09.2025 16:57 — 👍 0    🔁 0    💬 0    📌 0
Cybersecurity Reading List - Week of 2025-09-29 - DomainTools Investigations | DTI Commentary followed by links to cybersecurity articles that caught our interest internally.

Did that thing again where I reach deep into the DomainTools Investigations noosphere to mine our infosec egregores and present them on a monthly cadence.

or...y'know...drummed up a reading list of stuff that caught our attention.

#infosec #cybersecurity

dti.domaintools.com/cybersecurit...

29.09.2025 21:25 — 👍 2    🔁 1    💬 0    📌 0
Vane Viper: Russia–Cyprus AdTech Nexus Delivering Malware DNS analysis links Vane Viper's AdTech abuse to AdTech Holding and PropellerAds, delivering malware through fake software, APKs, and redirects.

In case you need more good weekend reading, make sure you've hit this Infoblox piece on Vane Viper.

It's absurdly well-done, weaving expert technical details with deep narrative to provide a thorough understanding of malicious adtech & related behavior.

blogs.infoblox.com/threat-intel...

26.09.2025 16:54 — 👍 0    🔁 0    💬 0    📌 0
Inside Salt Typhoon: China’s State-Corporate Advanced Persistent Threat - DomainTools Investigations | DTI Salt Typhoon is a Chinese state-sponsored cyber threat group aligned with the Ministry of State Security (MSS), specializing in long-term espionage operations targeting global telecommunications infra...

ICYMI, quick reminder that @domaintools.bsky.social Investigations published a comprehensive writeup on SALT TYPHOON yesterday.

I'm particularly proud of it, and we're getting really positive feedback on it.

#threatintel #infosec #cybersecurity

dti.domaintools.com/inside-salt-...

26.09.2025 15:05 — 👍 1    🔁 0    💬 0    📌 0
Tweet by @Joseph_Fasano_: I think about this student's email every day.

Below that is the screenshot of an email: "Professor Fasano, Like Hamlet, I have hesitated to act for reasons I cannot articulate even to myself. May I have an extension on the Hamlet paper?"

*stares in empathy and relatability*

26.09.2025 14:48 — 👍 2    🔁 0    💬 0    📌 0

@neurovagrant is following 20 prominent accounts