[Threat Intelligence] Three more lookup items that should be checked for Threat Intelligence

1)      Brand Protection & Monitoring

Periodically determine if there is any malicious website faking the company to conduct phishing activities.

Search Engines: Google, Bing, and Yahoo

Checklist:

1.1) Check if there are any websites using similar top-level domain names to fake the company.

1.2) Check whether there are any other websites faking the company in the Internet.

2)      Passive Internet-faced Vulnerability Lookup

Regularly look up those cyberspace search engines in order to discovery those Internet-faced vulnerabilities associated with the company.

Search Engines: Shodan (shodan.io) and ZoomEye (zoomeye.org)

Checklist:

       2.1) Search keywords “XXXX” and “XXXX”, respectively.

       2.2) Check if there is any vulnerability linked to the aforementioned two domains.




3)   Internet Asset Blacklist/Reputation Checking
Periodically check if the company's domains are sitting in SPAM/Reputational Blacklists.

Search Engines: VirusTotal (https://www.virustotal.com/gui/home/url) and Talos Intelligence (https://www.talosintelligence.com/reputation_center/)