The .CY registry announces the registration of first level .cy domain names, i.e.domainname.cy
The owners of second level registered domain names, can also apply for the same domain names with a first level extension .CY.
Please note that the 2019 Decree does not provide for commitment on any domain names and thus, all requests will be examined on First Come First Served basis.
To submit a request, don’t hesitate to contact our customer support.
With over 5 million mobile applications available today on the major apps stores like Google Play and App Store, over 2 000 new applications uploaded every day and almost 2 billion applications downloaded in France in 2018, mobile apps have rapidly grown over the last 10 years to become an essential element of the digital world.
According to a research done by FEVAD, the revenue from mobile commerce is estimated to 22 billion euros in France in 2018, i.e. ¼ of online sales. Thus, mobile applications represent a fast growing market.
Studies have shown that 68% of consumers identified as loyal to a specific brand have downloaded that brand’s app. Conversely, statistics indicate that 40% of users will go to a competitor after a bad mobile experience. Companies have then quickly come to realize that ensuring that their customers have a high quality and secured mobile experience when downloading and using their branded applications is the key to consumer loyalty.
As brands’ mobile applications have grown in popularity with consumers, the number of fake mobile applications being released into the market by malicious actors has also exploded. Fake mobile apps can be dangerous because they are associated with fraud attacks, and have become a growing threat to consumers. Indeed, they have increased by 191% from 2018 to 2019. The McAfee Mobile Threats report indicates that almost 65 000 new fake apps were detected in December 2018.
Despite the precautions taken by most major apps platforms to mitigate the number of malicious applications uploaded on their platform, cybercriminals continue to find ways to bypass these security measures.
A recent example, the fake Samsung app which has tricked 10 million Android users. This app named “Updates for Samsung” promises firmware updates, but in reality is not affiliated to Samsung. Once downloaded, the app proposes ads first and foremost. To download an update, the user must pay a fee of $34.99. However, this operation is completely free of charge since the firmware update is directly accessible from the smartphone’s settings.
Given the importance and omnipresence of mobile applications, it is absolutely essential for companies to incorporate into their brand protection and security strategies, a mobile application protection and a monitoring implementation of mobile apps present on the market.
Every second, a malicious application is active and poses a threat to brands and consumers. To face this, Nameshield proposes an online monitoring of mobile apps present on the applications stores, allowing to identify the ones that might be infringing your brands and assists you in the actions to implement.
For more information about our monitoring solution, don’t hesitate to contact your Nameshield’s consultant.
The general availability of .MADRID, the geographical extension of Madrid, the capital city of Spain is near. Managed by the Comunidad de Madrid registry, this extension was launched last April following the calendar below:
Some requirements must be respected to register a .MADRID domain name. A .MADRID name’s registration is reserved to individuals or legal entities possessing a link with the Madrid Community:
The date of the general availability planned for December 17 2019, is approaching, if you wish more information on your .MADRID registration, don’t hesitate to contact your Nameshield’s consultant.
Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS.
The Efficient IP’s Global DNS threat annual report shows a constant growth of the DNS attacks’ number and the financial impacts, with an average financial loss of 1.2 million euros in 2019. This amount was estimated at 513 000€ in 2017 and 806 000€ in 2018.
If all the industries are affected by cyberattacks, 82% of the companies surveyed have been affected and 63% have suffered a traffic disruption, the financial industry pays a more important price with 88% of impact. Conducted with 900 persons from nine countries of North America, Europe and Asia, the study indicates that financial companies suffered 10 attacks in average during the 12 last months, i.e. an increase of 37% compared to last year.
The increase of the costs is only one of the DNS attacks’ consequences for the financial services industry. The most common impacts are the cloud services’ downtime, experienced by 45% of financial organizations, and internal applications downtime (68%). Furthermore, 47% of financial companies have been the victims of frauds by phishing attacks aiming the DNS.
The survey clearly shows the insufficient security measures implemented for the DNS securing. The delay in applying security patches is a major problem for the organizations of this industry. In 2018, 72% of the interviewed companies admitted that a 3 days’ delay was necessary to implement a security patch in their systems, 3 days during which they are exposed to attacks.
Only 65% of the financial institutions use or plan to integrate a trusted DNS architecture, they seem to be always late and not to be sufficiently aware of the risks associated to this central point of their infrastructure. The evolution of the threats on the DNS is constant, the attacks are many and complex. It is essential to quickly react to better protect yourself.
Industry, trade, media, telecom, health, education, government, service… many others sectors are affected by the attacks. Some solutions exist. ANSSI publishes every year the guide of good practices regarding the DNS resilience, which details many recommendations in order to be protected. Relying on an Anycast network; possessing a protection system against DDoS attacks; having a monitoring of DNS traffic and a team able to take action quickly; possessing an efficient security policy … As many measures essential to the resilience and efficiency of the DNS network against these damaging attacks in terms of financial and image impact.
Hoping to see at last better figures in the 2020 report.
During the first half of November, the 66th ICANN Summit was held in Montreal, Canada. This third and final annual summit devoted to policies applicable to Internet naming was eagerly awaited as the topics under discussion are numerous. At its closing, however, it left many participants a little bit disappointed.
The weekend before the official opening of the Summit is usually an opportunity to get an overview of the topics and postures involved. Not surprisingly, the expedited Policy Development Process (ePDP) which aims to develop a consensus rule to specify future conditions of access to personal data that are no longer published in the WHOIS, the domain name search directory, due to GDPR, is one of the major topics.
Among other related topics, the replacement of the same WHOIS by the RDAP (Registration Data Access Protocol) probably next year for generic domain names. This replacement is not insignificant when we know that WHOIS has been in use for nearly 35 years.
The body representing governments, the GAC, has weighed up the issue of domain name abuse, which has taken off considerably on the new generic extensions launched in 2012. When we know the rise of Internet practices aimed at weighing on elections in certain countries and the economic impact of computer attacks and hacking, we understand that this subject is being pushed by the GAC. While one of ICANN’s topics is to clarify in their texts the notion of malicious uses, this term refers to domains registered for phishing, malware, botnets and spam, the other part concerns the means to stem them. The existence of abusive domains indeed threatens the DNS infrastructure, impacts consumer safety and threatens the critical assets of public and commercial entities. Finally, and not surprisingly, the subject of a future round of new generic extensions has also been on many lips.
During the traditional opening ceremony, which brings together all the guests for one hour (2500 according to Goran Marby, ICANN CEO) in a huge room to listen to various speakers, including Martin Aubé of the Quebec Government’s Ministry of Economy and Innovation, Cherine Chalaby, one of the ICANN Board members whose term ends at the end of the year, told his audience that ICANN66 would be the “Best ICANN summit”. It must be said, however, that at the end of the week of debates and meetings, which followed one another at a sustained pace, while the subjects under discussion are really numerous, the feeling regarding this assertion was more than mixed for many participants.
First, the expeditious process for access to WHOIS non-public data is progressing with a framework constrained by ICANN and the Personal Data Protection Authorities. The outcome of this process is envisaged between April and June 2020 and it is currently a centralized model where ICANN would allow the future lifting of anonymity of data that are now masked due to GDPR which holds the line.
Then the subject that was probably most often mentioned during this new summit week concerned abuses with domain names. For ICANN, the subject is central because it is directly correlated to its totem: the stability of the Internet for which they are the responsible. Since February 2019, ICANN has been publishing some metrics on malicious practices identified through DAAR, their Domain Abuse Activity Reporting.
Their latest report presented in Montreal shows that 364 extensions (mainly new generic extensions from the 2012 round) revealed at least one threat posed by one of the domain names activated on these extensions. More worryingly, new generic extensions would still account for nearly 40% of malicious uses, compared to 60% for historical generic extensions. This figure should be highlighted with the volume of these two categories of extensions. Indeed, out of just over 200 million generic names, new generic domains represent only 15% of the total number of registered names. ICANN therefore wants this subject to be taken up by the entire community present in Montreal.
Proposals were made by the various bodies present, some of which went so far as to request a policy development process (PDP). This last proposal, if it were to obtain ICANN’s approval, would have the unfortunate consequence of postponing the hypothetical schedule for a next round of new extensions, a subject that interested many of the guests present in Montreal. Indeed, for ICANN, the problem of the concentration of malicious practices in the new generic extensions must be solved before any future round, so that the PDP still in progress on the review of the last round of 2012 has gone almost unnoticed.
If the rules are slow to evolve on malicious uses, your Nameshield consultant can already provide you with adapted solutions to your needs on this key matter.
Just one year ago, in the context of the first Paris Peace Forum, the French President, Emmanuel Macron, launched the Paris Call for trust and security in cyberspace. This call is a political declaration aiming to express a mobilization on the stability in the cyberspace and strengthens the efforts of the international community and many actors involved in the digital security issues. This text reminds some principles that we think are fundamental, like the application of the international rights and the Human rights in the cyberspace. It also highlights the need of a multi actors’ approach, to create standards which will allow us to fully benefit, i.e. in a reliable and secure way, from opportunities provided by the digital revolution.
Lastly, the Paris Call promotes the strengthening of the digital products and services’ security that we use for example, in our daily lives. The text aims in that sense, to prevent cyberattacks perpetrated by malicious actors, which threaten all the users of the cyberspace.
Aware that our Society’s development, on the economic, cultural and democratic fronts, requires a strengthened trust of the information that flows through the Internet, Nameshield, which has worked for 25 years to protect the digital identity of its clients; companies, local collectivities and administrations through the use of their domain names, wished to join this initiative and sign the Paris Call.
Its job consists in ensuring the integrity and resilience of the identity of individuals and organizations on the Internet, represented today by the domain name. By highly protecting data on domain name identity cards (Whois) and by providing a high availability and high performance service through the associated Domain Name System (DNS), Nameshield contributes to a large extent to the second principle of the Paris Call: Protecting the Internet. To prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet.
Cornerstone of the Web, the Domain Name System (DNS) serves as the Internet directory. This protocol translates a domain name into an IP address, based on a database distributed on thousands of machines. If the DNS falls because of data corruption or a denial of service attack, all your websites and emails would become inaccessible, which is completely unthinkable nowadays! The DNS must be protected and must stay highly available.
Protocol created in the 1980’s, security flaws regarding the usual functioning of the DNS have been identified since its creation. That is why, a new secured protocol, DNSSEC, has thus been developed to ensure the authenticity of the exchanges through a certified signature. Other solutions can complete the resilience of your identity on the Internet: the registry lock, SSL certificates…
The security solutions proposed by Nameshield, an independent French company that stores its data in France and possesses its own anycast and resilient DNS infrastructure, certified ISO 27001 on all its domain names activity, are compliant with the ANSSI recommendations on the good practices regarding the domain names’ acquisition and exploitation.
In the context of the 2nd Paris Peace Forum, the Ministry of Foreign Affairs wished to illustrate the second principle of the Paris Call: Protect the Internet by highlighting the services proposed by Nameshield. The company is proud to be able to collaborate, at its level, with the actors implicated in digital security issues in order to make the Internet more reliable and thus contribute to the security of the cyberspace.
During a rebranding for marketing purposes, in the context of a merger or an acquisition for example, a company can change its website’s domain name.
At the search engines’ level, it is all the pages that change, as if this was a brand new website. Therefore, how not to lose the work done on the SEO and make a successful transition, in particular if the website is old?
In the case of a rather old website with an optimal referencing on the existing domain name, transferring a website on a new name can ruin the time-consuming work that is the SEO. If the decrease of the traffic from organic search is normal (and temporary), some advises can help lessen the downturn, at least during the transition period.
The first tip is to completely keep the website’s architecture, so that only the domain name changes in the URL.
Then, permanent redirections (301 redirections) must be created from each pages of the former website towards the corresponding page of the new website. Do not implement multiple redirections.
This process must be closely monitored to ensure that each 301 redirection is effective. The search engines will know that it’s not necessary to index the former name anymore but it’s the new one that must be indexed now. To ensure this, it is necessary to check that none of the former pages is accessible through the former domain name.
Google uses parameters linked to confidence indicators in its algorithm, thus to trusted websites, deemed as such by the search engine (indicators like the age of the website, the transparency of the legal notices, the ratio links number/words number per page, the links number pointing from other websites to this one, the extensions like .edu, .gov, the institutional websites, media websites, etc.) Hence, it can be interesting to quickly obtain the links from this kind of trusted websites at the time of the migration.
Along the same lines, reviewing your backlinks and requesting to the websites that refer to your website to update these links, so they link towards the new name, is an advantage. Of course, if you have many backlinks, concentrate on the more important backlinks regarding the referencing.
Lastly, it’s possible to directly inform Google of the changing through Google Search Console, the search engine will then update its index.
By submitting a sitemap file for the new website to the search engines, you will gain time in referencing by immediately giving to the engines the pages to index.
Make sure that the new domain name has the same proprietary information on its whois as the former domain name. Google may check these data.
Do note that on Bing you will need an average of 2 months to get your referencing back, and about 6 to 7 months on Google.
![[New gTLD] Launch of .NEW by Google](https://blog.nameshield.com/wp-content/uploads/2019/12/Sortie-du-.new-Google.jpg)
Following the launch of .APP, .PAGE, and .DEV among others, Google (Charleston Road Registry), launches the new extension .NEW in Sunrise period as of October 15, 2019.
If these conditions are not respected, the registry will consider the registration as non-compliant with the registration policy. In this case, the name will be placed on hold. The registrant will then be notified to correct and apply these conditions, if no action is taken, the domain will be blocked then deleted.
For more information on the conditions for registration of your .NEW, don’t hesitate to contact us.
Last October 15, Kaspersky, the antivirus software company, published an edifying report about the volume of cyberattacks directly aiming connected objects.
Although the industry expected that this new generation of objects would be directly targeted by cyberattacks, the increase in the cyberattacks number is alarming and lets easily imagine the security flaws that the connected objects present.
According to the estimation presented by Kaspersky, between the beginning of 2018 until mid-2019, the attacks would have reached the record of 105 million, i.e. nine times more than the previous year as a whole.
In order to conduct this research, Kaspersky used the trap technique by deploying more than 50 honeypots across the world. A Honeypot is a program that imitates the connected objects’ signature specifically created to attract cybercriminals. It was then possible to detect attacks from pirates that fell into the trap set for them. According to Kaspersky, during this experience, more than 20 000 sessions would have been infected every 15 minutes. 105 million attacks from 276 000 unique IP addresses have then been detected (compared to 12 million in 2018).
Furthermore, the report indicates that both in 2018 and 2019, China and Brazil are vying for the top position of the countries that served as the origin of the attacks launched.
The main malwares that use the security flaws of connected objects are well known (Mirai for example) and identified.
While we are aware that IoT is a privileged playground for pirates, the first security measures are far from being systematically applied. It’s essential for example to change the password installed by default for each connected devices’ purchase. For reminder, although technologies of cyber malice are indeed more and more sophisticated, the first gateway for pirates remains the users’ lack of vigilance.
As of October 19, 2019, internationally-based EU citizens can now register .EU or .ею domain names.
The .EU is the country code top level domain for the European Union. More than 3.6 million registrations spread out across Europe make this TLD a popular extension. Initially, this extension is only reserved to companies and individuals residing within EU and EEA member states. However in order to meet the needs of an ever-changing digital environment, EURid, the .EU registry, changes this eligibility criteria to extend it to all EU citizens living around the world.
“We are excited to be able to extend the registration criteria to EU citizens around the world. The .eu domain is now closer to your ambitions, achievements and dreams. It is the bridge connecting you to your friends and family – even if you live outside the EU. It will always show your roots, your outlook, and your cultural values.” – Marc van Wesemael, EURid`s CEO.
For more information on the conditions for registration of your .EU, don’t hesitate to contact us.
![[New gTLD] Launch of .NEW by Google](https://blog.nameshield.com/wp-content/uploads/2019/12/Sortie-du-.new-Google-1200x743.jpg)
