The dangers of Wildcard certificates

TLS/SSL certificates are used to authenticate servers (mostly Web) and encrypt traffic between websites and users. Thus, they ensure the integrity of the data exchanged and prevent data spying. The digitalization of the company and the world in general, as well as the browsers’ desire to impose HTTPS:// by default, have multiplied exponentially the need for certificates. To meet these growing needs, the wildcard certificate (*.domainname.com) is increasingly being considered by companies. ... Read More

Discover the Cybervictime.net website, launched on the occasion of the Cybersecurity Month

October is the month in Europe that celebrates cybersecurity. Every year, the aim of this operation is to make users aware of digital security issues, both on a personal and professional level. Many players are mobilized on this occasion to alert on cyber risks and inform on existing protection measures. It is in this context that the website cybervictime.net was launched! This website is a digital manual of easy to implement solutions to protect your computer and your digital life. You will fin... Read More

New document available on the Nameshield’s website: “5 minutes to understand – The protection of your domain names”

Domain name is the first link between the web user and your website. It is thanks to the domain name that you are found on the Internet, that you are visible, that your identity is displayed and that you develop your business on the net. It is a digital asset of your business. The management and configuration of these domain names usually requires access to a management interface. The absence of a security policy can be dramatic. Find in this “5 minutes to understand” document, avail... Read More

HTTPS://: China doesn’t like confidentiality and blocks the ESNI extension

According to a joint report by iYouPort, the University of Maryland, and the Great Firewall Report, TLS connections using the preliminary encrypted SNI extension (ESNI) are being blocked in China. A new step towards censorship and a desire to be able to track Internet users. What is SNI (Server Name Indication)? When an Internet user consults a website in HTTPS://, it means that the site is secured by an SSL/TLS certificate. The consultation of the website begins with the establishment of the se... Read More

Interpol warns of alarming rise in cyberattacks during COVID

In a new study of August 2020, INTERPOL measured the impact of COVID-19 on cybercrime. The results reveal that while the primary targets of cyberattacks usually remain individuals and SMEs, these have significantly expanded to large organizations and governments during the COVID period, revealing a new underlying trend. The fact that working from home was massively implemented has obviously increased vulnerabilities which cybercriminals have been able to exploit seeking to take advantage of the ... Read More

Phishing, slamming and other fraudulent e-mails: stay alert during the summer holidays!

Every year, the summer holidays often announce the upsurge of fraudulent e-mails mass campaigns. During annual holidays, cybercriminals try to profit from these periods, when the vigilance is sometimes lowering, to launch phishing e-mails. What are phishing and slamming? Phishing is used by cybercriminals to obtain personal information in order to commit an identity theft. In the world of phishing (79% of companies affected in 2019), the slamming is a well-known variant that consists in encourag... Read More

The importance of reverse DNS

Reverse DNS is often unknown to domain name managers, especially when the names are hosted by major hosting companies. Reverse DNS allows you to resolve from an IP address to an FQDN. This is the exact opposite of the classic use of DNS, which associates domain names to IP addresses. The reverse DNS allows to answer the question: I have an IP address, what is the FQDN related to it? Reverse DNS operates by creating a reverse DNS zone in which DNS PTR records (for Pointer Record) will be configur... Read More

Companies’ cybersecurity – 5th edition of CESIN’s annual barometer

Every year, the Club of Experts in Information and Digital Security (CESIN) publishes its barometer of companies’ cybersecurity in order to better understand the perception and concrete reality of cybersecurity and its issues within CESIN member companies. Last January, CESIN unveiled the results of its OpinionWay survey, carried out from the 2nd of December 2019 to the 7th of January 2020 among its 253 members, Chief Information Security Officer (CISO) of major French groups. Cyberattacks: Fewe... Read More

Let’s Encrypt, do not confuse confidentiality and security

Let’s Encrypt was recently the subject of discussions in the small world of TLS certificates, by suddenly revoking 3 048 289 certificates which should not have been issued. A bug in its validation software prevented CAA registrations controls, and the certificates in question should not have been initially issued. These significant disruptions resulted from this mass revocation, but it is difficult to complain about a free service. I am often asked what I think of Let’s Encrypt, and I ... Read More

Nameshield renews its ISO 27001 certification

Nameshield Group is an expert in domain names, DNS, TLS/SSL certificates management. Through our experience gained from world-renowned customers with ever-increasing security requirements, we have also become technical experts in Information security. That is why we have implemented an Information Security Management System (ISMS). In 2017, we obtained the ISO 27001 certification of this ISMS for our activities of domain names portfolio, DNS and TLS/SSL certificates management. Nameshield Group ... Read More