Security

    • Root crypto rollover now slated for October

      ICANN has penciled in October 11 as the new date for rolling the DNS root’s cryptographic keys, a delay of a year from its original plan. The so-called KSK rollover will see ICANN remove the deprecated 2010 Key Signing Key, leaving only the 2017 KSK active. The KSK acts as the “trust anchor” for DNSSEC across the whole internet.

      Kevin Murphy/ DomainIncite- 16 readers -
    • Registries reject lower fees for anti-abuse prowess

      Registries have largely rejected a proposal for them to be offered financial incentives to lower the amount of abuse in their gTLDs. That’s despite the idea gaining broad support from governments, intellectual property interests and restricted-registration registries. The concept of ICANN offering discounted fees to registries that proactively fight abuse was floated by the ...

      Kevin Murphy/ DomainIncite- 10 readers -
  • Research finds homograph attacks on big brands rife

    … Apparent domain name homograph attacks against major brands are a “significant” problem, according to research from Farsight Security. The company said last week that it scanned for such attacks against 125 well-known brands over the three months to January 10 and found 116,113 domains — almost 1,000 per brand. Homographs are domains…

    Kevin Murphy/ DomainIncite- 10 readers -
  • Big changes at DomainTools as privacy law looms

    … issues or trying to hunt down serial cybersquatters and copyright infringers, Chen said. “[Customers are] very concerned, because their ability to use this data as part of their incident response is critical, and the removal of the data from that process really does injure their ability to do their jobs,” he said. How far these use cases…

    Kevin Murphy/ DomainIncite- 21 readers -
  • New Trump appointee slams ICANN after security group shutdown

    … by Donald Trump back in May, replacing Obama appointee Larry Strickling, who left the agency in January. He’s the first NTIA chief since ICANN’s inception not to enjoy the special position of power over ICANN granted by the old IANA contract, which was scrapped in September 2016. Tweet Tagged: abu dhabi, gac, iana, ICANN, ntia, security, ssr-2 …

    Kevin Murphy/ DomainIncite- 18 readers -
  • Concern as ICANN shuts down “independent” security review

    … independent security review. The Security, Stability and Resiliency of the DNS Review, known as SSR-2, is one of the mandatory reviews that got transferred into ICANN’s bylaws after the Affirmation of Commitments with the US wound up last year. The review is supposed to look at ICANN’s “execution of its commitment to enhance the operational…

    Kevin Murphy/ DomainIncite- 19 readers -
  • Exploit makes all Wi-Fi vulnerable. Is it time to panic?

    … A leading security expert recently discovered an exploit in the algorithm that keeps most Wi-Fi devices secure. The exploit, named KRACK, allows a bad actor to hijack your Wi-Fi and tunnel in to any of your Wi-Fi enabled devices. This means that your private information could be compromised or any sort of malware could be injected into your…

    Greg's Corner- 18 readers -
  • 1700+ Valid Passwords to IoT Devices Found Online

    … The Internet of Things is continuing to grow in popularity, providing consumers with many great options. Marketers are making lots of money promoting these things, and taking advantage of the added web traffic. According to security researchers, however, the security related to them is quite low, and may have just gotten worse. There is a list…

    Michael Levanduski/ Performance Marketing Insider- 14 readers -
  • Websites may be using your computer to mine for cryptocurrency

    … Advertising and the internet have a contentious relationship to say the least. While advertising is where the majority of content creators make their money, there are many drawbacks to taking in advertiser money. Many advertising programs, like Google’s Adsense, seem to have arbitrary policies that see some creators penalized while others do…

    Greg's Corner- 14 readers -
  • 10 tips to make your Magento online store more secure

    … an ecommerce platform, and it’s clear how critical security for any Magento e-store would be. Magento keeps on releasing security patches to keep client websites secure; however, the responsibility of doing everything possible to secure your Magento store also rests with you, the customer. There are several customizations, security settings…

    Amanda Disilvestro/ Search Engine Watch- 13 readers -
  • Time to change your password again after massive spam list discovered

    … Cybersecurity experts have discovered a record-breaking spam operation which has compromised a number of email accounts. This spam attack, dubbed Onliner, has harvested over 700 million email addresses. A great number of these email accounts had their passwords divulged as well. Even the operator of Have I Been Pwned, whose website can tell you…

    Greg's Corner- 31 readers -
  • Twitter Is a Vulnerable Attack Vector: Protect Yourself and Your Customers

    … At this point, you are using social media not only for marketing purposes but also to speak to your customers. But when your customers speak to you are they following proper security measures, or are they using social media inappropriately? And if they are, what are you going to do about it? Furthermore, what are you going to do to prepare your…

    Growmapin Social- 11 readers -
  • Man who invented P@$$w0rd guidelines regrets it

    … Anyone who has held a job that required a computer in the past decade and a half has been subjected to the tedious practice of having to change their password every 30 to 90 days. Then that password has to have an uppercase letter, a number, a symbol, an Egyptian hieroglyph, some ancient Sanskrit, your DNA sequence and that unpronounceable icon…

    Greg's Corner- 20 readers -
  • Over 750 domains hijacked in attack on Gandi

    … Gandi saw 751 domains belonging to its customers hijacked and redirected to malware delivery sites, the French registrar reported earlier this month. The attack saw the perpetrators obtain Gandi’s password for a gateway provider, which it did not name, that acts as an intermediary to 34 ccTLD registries including .ch, .se and .es…

    Kevin Murphy/ DomainIncite- 15 readers -
  • Moving your website to HTTPS / SSL: tips & tricks

    … lines to the file, check that the configuration is still valid by running service nginx configtest. If so, reload Nginx by running service nginx reload. Become a technical SEO expert with our Technical SEO 1 training! » $ 199€ 199 - Buy now » Info Strict Transport Security header The Strict Transport Security Header (HSTS) is another handy feature…

    Yoast- 18 readers -
Get the top posts daily into your mailbox!