PyeongChang Olympic Games: Cyberattack

It’s during the opening ceremony of the PyeongChang Winter Olympic Games that a cyberattack has aimed at the host infrastructure IT department. Around 45 minutes before the start of the event, the servers and WI-FI network have been hit by an attack, which fortunately has not impacted the ceremony. However, in the Olympic Village, the press zone has been deprived of Internet connection and television. Furthermore, the official website of the PyeongChang 2018 Olympic Games has been unreachable f... Read More

FIC 2018: Nameshield’s DNS Premium solution labelled France Cybersecurity

These 23 and 24 January, has taken place in Lille, the 10th edition of the International Cybersecurity Forum (FIC). With 7000 participants, 240 partners and 60 represented nationalities, it is a major event in terms of cybersecurity and digital confidence, gathering all the actors in France and in Europe. On this occasion, and for its first participation as a partner, Nameshield was given the France Cybersecurity label for its DNS Premium solution. The Nameshield’s labelled DNS Premium solution... Read More

SSL certificates reduction to 2 years maximum

The CAB forum, organization which defines the SSL certificates issuing and management rules approved the SSL certificates reduction to a duration of 2 years against 3 previously. Initiated by the browsers Chrome and Mozilla heading, this decision moves in the direction of an always more secured Internet by forcing the actors to renew more often their security keys and to stay on the last standards of the market. This decision will be applicable to all Certification Authorities from March 1st 20... Read More

South Africa, domain names and brands: the advantage of a simultaneous registration

The domain name is to the virtual, what the brand is to the real. It is actually a little more complicated but this small sentence allows to associate brands and domain names. It’s in the context of this shared vision, that the South African brands registration Office, CIPC has developed a partnership with the registry of .ZA, the South Africa geographic extension. Thus, the brand applicants can choose the “domain name” option, registering that way the two protections. This is here the first co... Read More

A bad phishing story

A victim of phishing from 2015, asked her bank for a refund of 3300€, which was the amount diverted by a fraud author. However, during the legal procedure, the Justice has cancelled the judgement of the local court of October 2017, which has requested to the bank of the victim to refund the corresponding amounts of the phishing operation. The reason of this cancellation? The victim has deliberately communicated some confidential data regarding her credit card, by falling into the trap of a... Read More

A phishing attack more and more sophisticated

Recently, some Amazon users have been the victims of a quite sophisticated phishing attack. They received a fake e-mail from Amazon, alerting them that someone attempted to connect to their account by trying to change their password. A six digit code was transmitted with the instruction to call a number to verify the user’s identity. If the web users were not the source of these actions, they were invited to follow a specific procedure to secure their account. When they called the supposed Amaz... Read More

The blockchain at the service of domain names

The case of Ethereum foundation and the «.ETH » extension. Ethereum is a foundation created during 2015, by Vitalik Buterin, a 21 years old Canadian. This foundation aims to promote the Ethereum blockchain technology, created by this young computer engineer, who proposes in addition to a virtual currency, like the Bitcoin blockchain, the possibility to create applications ensuring traceability, inviolability and sustainability of the transactions they manage. To allow to the greatest number of ... Read More

Disastrous consequences of a domain name non-renewal

The American telecommunication company, Sorenson Communication, has forgotten to renew a domain name for only a few days in June 2016. The decision has fallen at the end of September 2017, Sorenson Communication has to pay a fine of 3 million dollars. Why such a high amount? The domain name which has fallen back into public domain was carrying a critical service for some users! It was the “Video Relay System” which telecommunication companies must provide to deaf people and persons with vocal d... Read More

The continuation of the Equifax case or how the controls implemented in the context of an ISMS (ISO 27001) can help to prevent security incidents?

October 3rd, 2017, Equifax’s ex CEO, Rick Smith, had to explain to the American Congress how the private data of almost one out of two Americans could be hacked. Let us briefly recall the chronology of events (for more information, we invite you to read Adriana Lecerf’s complete article): March 9th, 2017: An Apache Struts flaw is detected. Less than a week after, the security patch is validated and planned, but the latter is not applied on all the servers. March 15th, 2017: a scan is carried o... Read More

The CAA becomes mandatory in the small SSL’s world

Or how to benefit from it to implement a certification strategy specific to your company? In January 2013, a new type of DNS Resource Record has appeared to improve the control chain in the SSL certificates issuing. This record, called CAA for Certificate Authority Authorization, allows to specify for a given domain name which Certification Authorities are authorized to issue certificates. It’s an extremely interesting creation, in particular for big companies and groups, which technical teams ... Read More