iThreat News
Is your #OPSEC program complete?
Do you have wide-reaching monitoring in place for rapid detection of Internet postings of sensitive data about your products, key staff, and facilities?
We can help! Learn more at http://iThreat.com.
We agree with Digital Guardian’s work of categorizing Operational Security into 5 steps:
1) Identify sensitive data.
2) Identify possible threats.
3) Analyze security holes/ vulnerabilities.
4) Appraise risk level.
5) Get countermeasures in place.
#opsec #security #cso
How do dig tools work? How do they benefit me? iThreat’s CleanDNS analysts regularly leverage these lookups to uncover additional infrastructure and evidence of domain abuse to increase the impact of mitigation efforts.

Using Online dig Resources in Domain Investigations
TL;DR Google’s dig tool and digwebinterface.com allow investigators to quickly obtain real-time DNS records for a domain. Google’s dig too…
diggingdns.com
Have you ensured your executives are properly using 2FA for a safer online presence? Are you monitoring for leaks of their PII? Is SMS two-factor authentication as secure as it seems? #2FA #OpSec

Do you use SMS for two-factor authentication? Don't.
Do 2FA the right way to keep hackers at bay.
www.cnet.com
iThreat can help you find PII BEFORE the bad guys do. First off, what is OpSec and how does it affect you?

Why OPSEC Is for Everyone, Not Just for People with Something to Hide
Stuart Peck shares three things you can do right now to dramatically improve you operational security (OPSEC).
www.tripwire.com
If you’re investigating a domain that has been around since at least 2017 and you don’t have access to paid resources, there are still a few ways to find historical WHOIS records.
#WHOIS #GDPR #research #DNS #records

Where to Obtain Historic WHOIS Records for Free
Even in the wake of GDPR, sometimes a historic whois record can hold information vital to your research. While some of the paid resources can have mor…
diggingdns.com
On this important day, PIR would like to congratulate Joe Biden and Kamala Harris on their inauguration. May we come together in support of a peaceful transfer of power in the U.S. and transcend that which has divided us in the past to help improve our world for the future.
iThreat’s new blog is for the community that wants to know more about DNS, but gets lost in the posts out there. The goal is to provide answers about domains, understanding about exposure during investigations, and knowledge along the way.

Digging DNS
Digging into what makes the Internet work
diggingdns.com
“Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles.” #threatintelligence

Dating Site Bumble Leaves Swipes Unsecured for 100M Users
Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, an…
threatpost.com
“Jeff Bedser, CEO of IThreat, APTLD Member, and a prominent expert in DNS, presented on the nature and causes of DNS abuse and elaborated on possible avenues and practical solutions for ccTLDs to be able to cope with the challenge.” #threatintelligence

Asia Pacific Top Level Domain Association
APTLD (Asia Pacific Top Level Domain Association) is an organization for ccTLD (country-code Top Level Domain) registries in the Asia Pacific region
aptld.org