Effective Threat-Hunting Queries in a Redacted World

A decade ago, hunting for adversary infrastructure was often as simple as monitoring a domain registrant’s name or phone number in public WHOIS records. As bad actors have moved first toward privacy protection services and then gained further obscurity behind laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), many in the cybersecurity industry have lamented the loss of unredacted WHOIS records as an end to effective hunting.

Read full article on Threat Post

 


Date:

Categorie(s):