Ian Campbell
@neurovagrant
Followers
2K
Following
16K
Media
2K
Statuses
53K
Security ops engineer and researcher for @DomainTools, writer, voracious reader. he/him. Opinions here mine only. Autistic/depressed/anxious/hungry.
Massachusetts
Joined January 2009
RT @GelosSnake: The pattern is simple:.- Dev gives vague instruction.- AI has production access.- Literal interpretation.- Catastrophic dam….
0
1
0
RT @GelosSnake: Introducing a new attack vector: AI-Induced Destruction. After a shared volume of incident responses, we can confirm: AI co….
0
19
0
RT @780thC: CyberAv3ngers: From Infrastructure Hacks to Propaganda Machines in the Iran-Israel Cyber War.@DomainToo….
dti.domaintools.com
As the conflict between Iran and Israel escalated in early 2025, it quickly expanded beyond missiles and airstrikes into a broader battle for digital and psychological dominance. Among the most...
0
9
0
RT @DomainTools: Looking for smart reads & listens in cyber? .@Neurovagrant shares what’s buzzing on our team’s radar this week:. 🎧 @Malteg….
dti.domaintools.com
Recommended cybersecurity podcasts, books, blog posts, reports, and essential tools from DomainTools Investigations
0
3
0
RT @SecuritySnacks: DTI reveals a phishing campaign targeting defense and aerospace firms linked to the Ukraine conflict. The infrastructur….
0
4
0
RT @SecuritySnacks: .@neurovagrant shares his top cybersecurity picks: podcasts, blogs, research papers, and more! . Starting with "To Catc….
0
4
0
I'm super proud of my employer @DomainTools and our DT Investigations team under @DanOnSecurity today. Consider this historical analysis piece on Russian disinfo actors the first of many disinformation-related pieces to come!.
New research from DTI: Russian actors use low-cost, privacy-protected domains for #disinformation. Key points:.🔸Fake news portals.🔸Typosquatting.🔸Bulletproof hosting.🔸Preferred registrars.🔸Emerging trends.Stay informed & read more here:
0
5
8
stay frosty out there, friends. homebrew typosquat serving malware.
@JeroenGui @ryanchenkie assuming brewe[.]sh - . Created: 2024-12-22.Registrar: Dynadot.Host: Hostinger.NS: dyna-ns[.]net.IP: 46[.]202.159[.]95. I've got no other domain hits for that IP; DNS has it hitting hostinger's cloud. going back to 2024-12-01 I see brewi[.]sh and brewx[.]sh as well.
0
0
2
RT @ryanchenkie: ⚠️ Developers, please be careful when installing Homebrew. Google is serving sponsored links to a Homebrew site clone tha….
0
3K
0
RT @DomainTools: Proud to see our own @neurovagrant quoted in @helpnetsecurity regarding #cybersecurity career tips and guidance 👏.
0
2
0
Flash back to the Rio Olympics of 2016 - of course now I'm wondering if JD Vance was involved.
Hearing an Olympic kayaker may have capsized after hitting a submerged sofa. Story of day & possibly the week if true. #kayaksofa #Rio2016.
0
0
1
I hear Delta was offered compensation for their outage prior to filing suit but were unimpressed with the partial travel voucher and a bag of nuts.
0
1
2
VP Kamala Harris is absolutely up to the task of being elected. The dynamics will shift surprisingly fast. Be ready to help.
1
0
2
Just a reminder that I'm mostly at neurovagrant at masto dot deoan dot org these days. But some of y'all, I just can't quit.
0
1
3
Just a note for folks, we've added a second set of CSVs with human-readable timestamps instead of epochal in case folks are hunting manually rather than importing into a platform. They're located in a subfolder in the same place on Github.
0
1
1
Hey folks, we're seeing some real badness aimed at Web3 domains right now, along with many others. We've released passive DNS records from 2024-07-01 onward for sites highlighted by the community (not all necessarily compromised) to help investigators and blue teamers.
.@cryptonews relayed widespread social media reports of Web3-related domain takeovers of Squarespace-held domains. Using @0xngmi’s list as a guidepost, passive DNS records can be found on CTI Grapevine here:
1
1
1
RT @DomainTools: .@cryptonews relayed widespread social media reports of Web3-related domain takeovers of Squarespace-held domains. Using @….
0
3
0
