Attack on the domain name system: the priority is to protect your access

Last weekend, the media has widely communicated on the consequences of an unprecedented attack that targeted the domain names. Indeed, during the night of 22-23 February ICANN reported the large-scale attacks on the domain names: it is DNS hijacking. These attacks consist in “replacing the authorized servers addresses” with “addresses of machines controlled by the attackers”, as explained by the organization, allowing the attackers to examine the data in order to find passwords, email addresses ... Read More

DNS Flag Day: Are you ready?

Lately, the DNS keeps being talked about! After the first KSK rollover of October 2018, then the deactivation of the former KSK key on last January 11, here comes the time of the DNS Flag Day! DNS Flag Day: What is it all about? The Flag day is an expression used in IT to indicate the deadline and/or radical change. Let us remember that when it was created, the weight of cybercrime threats affecting the DNS infrastructure didn’t exist. If the security was relegated to the background, the evoluti... Read More

GDPR – What is the impact on your SSL certificates?

The European Data Protection Regulation (GDPR) came into effect on 25th May and its impact on the management of your SSL certificates portfolio is not neutral. All Certification Authorities have previously always relied on the WHOIS of the domain name that needs to be certified in order to validate that the certificate applicant has the domain name technical operator’s agreement. In order to validate an order, one of the authentication steps involved sending an email to one of the email addresse... Read More

A high school student tries to change his grades thanks to phishing

Phishing is cybercriminals’ means of choice to hijack users‘ data, posing as a trusty company and then encouraging them to deliver personal information. We are often more inclined to think that this technique is reserved to hackers who try to steal banking or very sensitive information, and yet! An American student of Ygnacio Valley High School, in California, had a great time reproducing identically the website on which his teachers connect to enter marks and comments. This same student then em... Read More

Webstresser.org, the source of million DDoS attacks have been dismantled

The good news just arrived, Webstresser.org, one of the websites most responsible of million DDoS attacks has been dismantled. This shutdown has been possible thanks to Europol’s active intervention. For reminder, a DDoS is a cyberattack. The operating mode is to saturate queries servers so the websites hosted on these same servers cannot operate for web users anymore. Many countries hand in hand to dismantle the network According to the National Crime Agency’s research, Webstresser.org has been... Read More

Google makes HTTPS encryption mandatory for its 45 new TLDs : .dev / .app / .how…

In a recent article in this blog, we mentioned the arrival of Chrome 68 in July 2018 and the fact that HTTP will be considered “not secure” from then on. Well, this is not the only weapon that Google is planning to use to encourage large-scale adoption of encrypted websites. You may not be aware, but Google has submitted a number of applications to ICANN as part of the new TLD program, and as a registry, they have secured the management of 45 top-level domains*. Just as the .bank an... Read More

“Win an airline ticket with a value of 500€” or other online scams attempt

Recently, many frauds campaigns offering free Nike shoes here and IKEA vouchers of 500€ there have been going on. Last case in date, a fraudulent e-mails campaign announcing the winning of airline tickets with a nice value of 500€, graciously offered to the winners of a supposed contest proposed by Air France airline company. This scam has circulated around France and was shared on social networks, by e-mails and even relayed on WhatsApp. A misleading typography: typosquatting If we look at the... Read More

Who wants fake tickets? Santa Claus vs Typosquatting

Disneyland Paris freely offers 4 tickets on Facebook! You just have to go here: Then we arrive here: A fine website stamped Disneyland Paris that asks us if we have already visited the park. Then in step 2, if we have liked it. In step 3, you have to share and like the publication in order to open the door of our precious Facebook data to this website: Myriad of fake comments below this screen are making us dream of these famous 4 free tickets instead of the 56€ for each tickets. Once the ste... Read More

Slamming: a scam still too common

The slamming is a fraud aiming to deceive companies in order to sell by emails unsolicited services for domain names. These slamming attempts are easily recognizable and play on their contacts lack of knowledge in some cases. The slammers propose services that you didn’t solicit with your official registrar (registration, whois’update, owner or registrar transfer…) at high prices. These emails are sources of anxiety and lead you to take a quick decision. For example, a standard slamming email w... Read More

PyeongChang Olympic Games: Cyberattack

It’s during the opening ceremony of the PyeongChang Winter Olympic Games that a cyberattack has aimed at the host infrastructure IT department. Around 45 minutes before the start of the event, the servers and WI-FI network have been hit by an attack, which fortunately has not impacted the ceremony. However, in the Olympic Village, the press zone has been deprived of Internet connection and television. Furthermore, the official website of the PyeongChang 2018 Olympic Games has been unreachable f... Read More