2020 and the SSL, a small prediction exercise

Browsers and Certification Authorities, the battle continues. 2019 was a busy year, with growing differences of opinion between browsers makers and Certification Authorities, an explosion in the number of phishing sites encrypted in HTTPS and significant progress on the depreciation of TLS v1.0. Discussions on extended validation, more generally the visual display of certificates in browsers, and the reduction of the duration of certificates have taken a prominent place. None of these discussion... Read More

Fake mobile applications: a growing threat to brands and consumers

With over 5 million mobile applications available today on the major apps stores like Google Play and App Store, over 2 000 new applications uploaded every day and almost 2 billion applications downloaded in France in 2018, mobile apps have rapidly grown over the last 10 years to become an essential element of the digital world. According to a research done by FEVAD, the revenue from mobile commerce is estimated to 22 billion euros in France in 2018, i.e. ¼ of online sales. Thus, mobile app... Read More

The financial industry, the target of more and more costly attacks on the DNS

Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS. The Efficient IP’s Global DNS threat annual report shows a constant growth of the DNS attacks’ number and the financial impacts, with an average financial loss of 1.2 million euros in 2019. This amount was est... Read More

ICANN66 at Montreal – A contrasting summit

During the first half of November, the 66th ICANN Summit was held in Montreal, Canada. This third and final annual summit devoted to policies applicable to Internet naming was eagerly awaited as the topics under discussion are numerous. At its closing, however, it left many participants a little bit disappointed. A preview of the topics and postures during the weekend before the official launch of the Summit The weekend before the official opening of the Summit is usually an opportunity to get a... Read More

Nameshield signs up the Paris Call in order to actively contribute to the Internet’s stability

Just one year ago, in the context of the first Paris Peace Forum, the French President, Emmanuel Macron, launched the Paris Call for trust and security in cyberspace. This call is a political declaration aiming to express a mobilization on the stability in the cyberspace and strengthens the efforts of the international community and many actors involved in the digital security issues. This text reminds some principles that we think are fundamental, like the application of the international right... Read More

The alarming Kaspersky report: nine times more attacks aiming connected objects than in 2018

Last October 15, Kaspersky, the antivirus software company, published an edifying report about the volume of cyberattacks directly aiming connected objects. Although the industry expected that this new generation of objects would be directly targeted by cyberattacks, the increase in the cyberattacks number is alarming and lets easily imagine the security flaws that the connected objects present. According to the estimation presented by Kaspersky, between the beginning of 2018 until mid-2019, the... Read More

Satori Botnet: The hacker facing up to 10 years imprisonment did not act alone

We now know more about the cyberpirate, Nexus Zeta, whose real name is Kenneth Currin Schuchman, who distinguished himself with the creation of the Satori botnet. Pleading guilty to the charges regarding Satori botnet creation, his confessions describe the implementation of this attack using IoT flaws. For reminder, a botnet is a set of infected computers remotely controlled by a cybercriminal. The machines that belong to a botnet are often called “bots” or “zombies”. The aim: to spread a malwar... Read More

50 years after Arpanet, the Internet’s ancestor

On October 29, 1969 UCLA sends the very first e-message to Stanford Research Institute through Arpanet network (Advanced Research Projects Agency Network) laying the foundation for today’s networked world. Arpanet, the Internet’s precursor  Arpanet is the first data transfer network developed by the Advanced Research Projects Agency (ARPA) which belonged to the U.S. Defense Department. The first Arpanet node was set up at UCLA on August 30, 1969, the second node, at the Stanford Research ... Read More

Soon a maximum duration of one year for SSL certificates?

What is happening? The industry actors plan to reduce the lifetime of SSL/TLS certificates, allowing the HTTPS display in browsers, to 13 months, i.e. almost half of the present lifetime of 27 months, in order to improve security. Google through the CA/Browser Forum has indeed proposed this modification, approved by Apple and a Certification Authority, making it eligible to vote. During the next CA/B Forum meetings, if the vote is accepted, the modification of the requirements will come into eff... Read More

NBA: Phishing doesn’t spare sports institutions

On last May 10th, in a press release, the Pacers Sports & Entertainment (PSE) organization, owner of the NBA’s basketball team the Indiana Pacers, revealed that they were the victim of a sophisticated phishing attack at the end of 2018. For reminder, phishing is a technique used to obtain personal information in order to commit an identity theft.  This is a «social engineering» technique, i.e. consisting in exploiting not an IT flaw but a «human flaw» by deceiving web users through an e... Read More