*************************************************** The domain name news is supported by auDA *************************************************** Big Changes At auDA < <http://www.domainer.com.au/big-changes-at-auda/> http://www.domainer.com.au/big-changes-at-auda/> What's Going On At auDA? < <http://www.domainer.com.au/whats-going-on-at-auda/> http://www.domainer.com.au/whats-going-on-at-auda/> Afilias set to get .hotel despite hacking claims < <http://domainincite.com/20877-afilias-set-to-get-hotel-despite-hacking-clai ms> http://domainincite.com/20877-afilias-set-to-get-hotel-despite-hacking-claim s> Cyber criminals target Australian businesses < <http://paidcontent.afr.com/liberty-international-underwriters/insurance/art icle/cyber-criminals-target-australian-businesses/> http://paidcontent.afr.com/liberty-international-underwriters/insurance/arti cle/cyber-criminals-target-australian-businesses/> NTIA Seeks Input as it Develops Initiatives to Increase IPv6 Adoption < <https://www.ntia.doc.gov/blog/2016/ntia-seeks-input-it-develops-initiatives -increase-ipv6-adoption> https://www.ntia.doc.gov/blog/2016/ntia-seeks-input-it-develops-initiatives- increase-ipv6-adoption> NamesCon confirms three more shows after being acquired < <http://domainincite.com/20880-namescon-confirms-three-more-shows-after-bein g-acquired> http://domainincite.com/20880-namescon-confirms-three-more-shows-after-being -acquired> au: Guest Post - Netfleet < <http://www.domainer.com.au/guest-post-netfleet/> http://www.domainer.com.au/guest-post-netfleet/> ********************** ICANN ********************** 15 Successful Candidates Have Been Selected for NextGen at ICANN57 15 individuals from various Universities in the Asian Pacific Region have been selected to participate with ICANN Community Members at the ICANN57 Meeting in Hyderabad India, 3-9 November 2016. < <https://www.icann.org/news/announcement-2016-08-19-en> https://www.icann.org/news/announcement-2016-08-19-en> LACTLD Comments on Two-Character ASCII Labels The LACTLD Board commented on a Public Comment Period at ICANN regarding Two-Character ASCII Labels. < <https://www.lactld.org/en/news/comentarios-de-lactld-sobre-etiquetas-ascii- de-2-caracteres/> https://www.lactld.org/en/news/comentarios-de-lactld-sobre-etiquetas-ascii-d e-2-caracteres/> Call for Public Comments on IANA IPR Agreements A call for public comments on the IANA IPR is now open. < <https://www.nro.net/news/call-for-public-comments-on-iana-ipr-agreements> https://www.nro.net/news/call-for-public-comments-on-iana-ipr-agreements> ********************** ccTLDs & gTLDs ********************** Big Changes At auDA Whilst there has been no official announcement from anyone at auDA, three of the previous Directors are no longer in "office". < <http://www.domainer.com.au/big-changes-at-auda/> http://www.domainer.com.au/big-changes-at-auda/> What's Going On At auDA? The latest Board Minutes from the auDA Board Meeting held on 20th June make for interesting reading. < <http://www.domainer.com.au/whats-going-on-at-auda/> http://www.domainer.com.au/whats-going-on-at-auda/> fTLD to make available single-character and certain two-letter names in .BANK and .INSURANCE. Previously reserved names in .BANK and .INSURANCE will become available on first-come, first-served basis subject to fTLD's Registrant Eligibility and Name Selection Policies. < <https://www.register.bank/august-16-2016/> https://www.register.bank/august-16-2016/> < <https://www.register.insurance/august-16-2016/> https://www.register.insurance/august-16-2016/> "Dave" becomes first .blog blogger Blogging pioneer Dave Winer has become the first person to start blogging at a .blog domain name. < <http://domainincite.com/20875-dave-becomes-first-blog-blogger> http://domainincite.com/20875-dave-becomes-first-blog-blogger> It's Time: Apply For Early Access to Your Own .blog Domain Name If you've been looking for the perfect address for your blog, it's about to get even easier. Millions of new .blog domain names (like yourname.blog) will be available this November - and starting today, you can apply to secure your own domain name. < <https://en.blog.wordpress.com/2016/08/18/its-time-apply-for-early-access-to -your-own-blog-domain-name/> https://en.blog.wordpress.com/2016/08/18/its-time-apply-for-early-access-to- your-own-blog-domain-name/> de: DNSSEC: New Hardware, New Key After five years of productive operation with DNSSEC and the preceding testbed, time had come to replace the cryptographic hardware (Hardware Security Module, HSM) used for signing the .de zone. < <https://www.denic.de/en/whats-new/news/article/dnssec-new-hardware-new-key/ > https://www.denic.de/en/whats-new/news/article/dnssec-new-hardware-new-key/> dk: The written consultation has ended Yesterday DIFO's written consultation on the fight against cypercrime ended. < <https://www.dk-hostmaster.dk/english/news/news-single/artikel/the-written-c onsultation-has-ended/> https://www.dk-hostmaster.dk/english/news/news-single/artikel/the-written-co nsultation-has-ended/> fi: New prices for domain names and other news The new prices of domain names will come into effect as the new operational model is introduced on 5 September 2016. Now is a good time to check that you have correctly registered yourself as a registrar and to go over how registrars can start managing domain names that have no registrar. < <https://domain.fi/info/en/index/fi_uudistuu/newsletter/2016/62016.html> https://domain.fi/info/en/index/fi_uudistuu/newsletter/2016/62016.html> One hundred .ie domains registered every day since January One hundred .ie domains were registered every day in the half-year period from 1 January to 30 June, a total of 18,179, according to our latest figures. < <https://www.iedr.ie/blog/one-hundred-ie-domains-registered-every-day-since- january/> https://www.iedr.ie/blog/one-hundred-ie-domains-registered-every-day-since-j anuary/> ********************** NEW TLDS ********************** Afilias set to get .hotel despite hacking claims Afilias is back on the path to becoming the registry for .hotel, after ICANN decided claims of hacking by a former employee of the applicant did not warrant a rejection. < <http://domainincite.com/20877-afilias-set-to-get-hotel-despite-hacking-clai ms> http://domainincite.com/20877-afilias-set-to-get-hotel-despite-hacking-claim s> Uniregistry to release over one million domains through registrar channel New TLD companies took a handful of approaches to premium domain names. Some, like Donuts, made almost all of their premium domain names available through the registrar channel at a premium. Others held back their premiums and listed them with marketplaces. < <http://domainnamewire.com/2016/08/19/uniregistry-release-one-million-domain s-registrar-channel/> http://domainnamewire.com/2016/08/19/uniregistry-release-one-million-domains -registrar-channel/> Neustar Using Their DotBrand For Registry Services Neustar have had their dotbrand, .neustar, for a while. At the moment it's not very visible, but that could be changing. < <http://www.internetnews.me/2016/08/15/neustar-using-dotbrand-registry-servi ces/> http://www.internetnews.me/2016/08/15/neustar-using-dotbrand-registry-servic es/> Weekly Launch Guide August 22, 2016 SPOTLIGHT: The sunrise phase of dot(.)blog has started and will require additional defensive consideration by brand owners for various reasons. Please note: Two character and Three character domain names will be available during the Sunrise phase. < <https://www.cscdigitalbrand.services/blog/weekly-launch-guide-june-2016-cop y-copy-copy-copy-copy-copy-copy-copy-copy-copy/> https://www.cscdigitalbrand.services/blog/weekly-launch-guide-june-2016-copy -copy-copy-copy-copy-copy-copy-copy-copy-copy/> ********************** DNS SECURITY ********************** Unsecured DNSSEC Easily Weaponized, Researchers Warn Researchers this week described how a DNSSEC-based flood attack could easily knock a website offline and allow for the insertion of malware or exfiltration of sensitive data. < <https://threatpost.com/unsecured-dnssec-easily-weaponized-researchers-warn/ 119969/> https://threatpost.com/unsecured-dnssec-easily-weaponized-researchers-warn/1 19969/> DNSSEC abusable for massive DDoS amplification attacks Research by information services provider Neustar shows that a security feature for the domain name system to combat hijacking can be subverted and used to amplify denial of service attacks. < <http://www.itnews.com.au/news/dnssec-abusable-for-massive-ddos-amplificatio n-attacks-434243> http://www.itnews.com.au/news/dnssec-abusable-for-massive-ddos-amplification -attacks-434243> Typosquatting: Easy Attack Vector That Produces Results Every week here at SurfWatch Labs our team of threat analysts write about new vulnerabilities, malware developments and cyber-attacks. One attack vector that is not mentioned very frequently but can be a significant threat for organizations and consumers alike is a technique called typosquatting. < <https://blog.surfwatchlabs.com/2016/08/17/typosquatting-easy-attack-vector- that-produces-results/> https://blog.surfwatchlabs.com/2016/08/17/typosquatting-easy-attack-vector-t hat-produces-results/> Poorly configured DNSSEC servers at root of DDoS attacks Administrators who have configured their domains to use DNSSEC: Good job! But congratulations may be premature if the domain hasn't been correctly set up. Attackers can abuse improperly configured DNSSEC domains to launch denial-of-service attacks. < <http://www.infoworld.com/article/3109581/security/poorly-configured-dnssec- servers-at-root-of-ddos-attacks.html> http://www.infoworld.com/article/3109581/security/poorly-configured-dnssec-s ervers-at-root-of-ddos-attacks.html> Massive Email Bombs Target .Gov Addresses Over the weekend, unknown assailants launched a massive cyber attack aimed at flooding targeted dot-gov (.gov) email inboxes with subscription requests to thousands of email lists. According to experts, the attack - designed to render the targeted inboxes useless for a period of time - was successful largely thanks to the staggering number of email newsletters that don't take the basic step of validating new signup requests. < <http://krebsonsecurity.com/2016/08/massive-email-bombs-target-gov-addresses /> http://krebsonsecurity.com/2016/08/massive-email-bombs-target-gov-addresses/ > Cyber Security's New World Order Researchers this week revealed the discovery of computer malware so sophisticated that it managed to hide undetected within enterprise and government computers for five years. < <http://www.forbes.com/sites/jonmarkman/2016/08/18/cyber-securitys-new-world -order/> http://www.forbes.com/sites/jonmarkman/2016/08/18/cyber-securitys-new-world- order/> Getting Real About Rio: Physical Security is Not the Only Security to Worry About ... Unfortunately, health and safety concerns are not the only risks to worry about in Rio. Major sporting events are a prime target for cybercrime due to the worldwide attention and visibility. In 2008 the Chinese Olympics were subject to around 12 million attacks online per day and in 2012 London faced a total of 156 million security-related events, six of which were major cyber-attacks. With the LizardStresser botnet being recently deployed to target financial institutions, government organizations and ISPs in Brazil, attackers have already exposed identified vulnerabilities in critical areas. < <https://www.arbornetworks.com/blog/insight/getting-real-rio-physical-securi ty-not-security-worry/> https://www.arbornetworks.com/blog/insight/getting-real-rio-physical-securit y-not-security-worry/> OWASP TOP 10: Unvalidated Redirects and Forwards (#10) The tenth and final vulnerability on the list are Unvalidated Redirects and Forwards. This category of vulnerabilities is also known as Open Redirect and occurs when an attacker is able to redirect a user to an untrusted site when the user visits a link located on a trusted website. < <https://blog.detectify.com/2016/08/15/owasp-top-10-unvalidated-redirects-an d-forwards-10/> https://blog.detectify.com/2016/08/15/owasp-top-10-unvalidated-redirects-and -forwards-10/> Webinar: Getting Your Arms Around Cybersecurity Sometimes the problem isn't too little insight into security; it may be too much information about potential security risks. Everyone has heard stories of companies breached, not because they had too little security data, but because the volume of security events and threat data made it difficult to discern what was important. < <https://community.infoblox.com/t5/Company-Blog/Getting-Your-Arms-Around-Cyb ersecurity/ba-p/7385> https://community.infoblox.com/t5/Company-Blog/Getting-Your-Arms-Around-Cybe rsecurity/ba-p/7385> Operation Ghoul: a New Actor Hunts for Industrial and Engineering Organizations Using Off-the-Shelf Malware The Kaspersky Lab Global Research and Analysis Team has discovered new wave of targeted attacks against the industrial and engineering sectors in multiple countries around the world. Using spear-phishing emails and malware based on commercial spyware kit, criminals hunt for valuable business related data stored in their victims' networks. In total over 130 organizations from 30 countries, including Spain, Pakistan, United Arab Emirates, India, Egypt, United Kingdom, Germany, Saudi Arabia and other countries were successfully attacked by this group. < <http://www.kaspersky.com/about/news/virus/2016/Operation-Ghoul> http://www.kaspersky.com/about/news/virus/2016/Operation-Ghoul> The real cost of the IT security talent shortage: 200 per cent premium on recovery costs Large businesses that struggle to attract sufficiently skilled IT security experts end up paying up to three times more to recover from a cybersecurity incident. < <http://newsroom.kaspersky.eu/en/texts/detail/article/the-real-cost-of-the-i t-security-talent-shortage-200-per-cent-premium-on-recovery-costs/> http://newsroom.kaspersky.eu/en/texts/detail/article/the-real-cost-of-the-it -security-talent-shortage-200-per-cent-premium-on-recovery-costs/> Does Your Cyber Threat Intelligence Tell a Story? I began at SurfWatch Labs several years ago with one primary directive: be a story teller. Cybercrime impacts everyone, I was told, yet many business owners, executives and employees know next to nothing about cybersecurity. < <https://blog.surfwatchlabs.com/2016/08/20/does-your-cyber-threat-intelligen ce-tell-a-story/> https://blog.surfwatchlabs.com/2016/08/20/does-your-cyber-threat-intelligenc e-tell-a-story/> Cyber criminals target Australian businesses Cyberattacks by international criminal gangs against Australian companies have surged over the past 12 months and the consequences of a security breach are growing more severe. < <http://paidcontent.afr.com/liberty-international-underwriters/insurance/art icle/cyber-criminals-target-australian-businesses/> http://paidcontent.afr.com/liberty-international-underwriters/insurance/arti cle/cyber-criminals-target-australian-businesses/> ********************** DOMAIN DISPUTES & SEIZURES ********************** The Impact of Reverse Domain Name Hijacking on Supplemental Filings in UDRP Cases by Doug Isenberg In another blog post, I wrote about the sometimes confusing circumstances in which domain name dispute panelists will consider supplemental, or additional, filings from the parties (in addition to a complaint and response) in cases under the UDRP. < <http://www.gigalaw.com/2016/08/17/impact-reverse-domain-name-hijacking-supp lemental-filings-udrp-cases/> http://www.gigalaw.com/2016/08/17/impact-reverse-domain-name-hijacking-suppl emental-filings-udrp-cases/> Websites associated with the Olympic Games are unsafe New research from NetNames released today has shown that 89% of websites currently offering travel services, such as tickets and hotel rooms, or live online streams, for the 2016 Rio Olympic Games are not registered to the official Rio 2016 Olympic and Paralympic body, the International Olympic Committee. < <https://bdaily.co.uk/business-in-sport/27-07-2016/websites-associated-with- the-olympic-games-are-unsafe/> https://bdaily.co.uk/business-in-sport/27-07-2016/websites-associated-with-t he-olympic-games-are-unsafe/> Protect your brand and reputation online Many global brands constantly fight against counterfeiting and have endured damages caused by people both purchasing and selling fake goods online. As such MarkMonitor's Simon Whitehouse advises bosses on how to protect their brands and reputations online. ... Another element of protecting a brand online is for businesses to maximise the value of their domain portfolios in light of the developments in the Internet name space. < <http://realbusiness.co.uk/article/34315-protect-your-brand-and-reputation-o nline> http://realbusiness.co.uk/article/34315-protect-your-brand-and-reputation-on line> ********************** REGISTRAR & WEBHOSTING ********************** ccTLDs: Expand Your Brand Internationally Selecting a domain can be an overwhelming process, especially for those of us who struggle with the simple decision of what to eat for lunch. If you're thinking of expanding internationally, you have a different choice to make- which ccTLDs should you go with? < <https://www.101domain.com/blog/uncategorized/country-code-top-level-domains -cctlds-key-expanding-brand-online> https://www.101domain.com/blog/uncategorized/country-code-top-level-domains- cctlds-key-expanding-brand-online> How to Buy a Domain Name That's Already Registered Just because a domain name is already registered doesn't mean you can't buy it. Many people offer their own domains for sale, and often it's cheaper than you might expect. < <https://blog.namecheap.com/buying-registered-domain-names/> https://blog.namecheap.com/buying-registered-domain-names/> Namecheap lands on Inc. 5000 with $76 million in revenue Domain name registrar Namecheap made the 2016 Inc. 5000 list, coming in at #2,944 with 117% three-year growth. < <http://domainnamewire.com/2016/08/18/namecheap-lands-inc-5000-76-million-re venue/> http://domainnamewire.com/2016/08/18/namecheap-lands-inc-5000-76-million-rev enue/> ********************** IPv4/IPv6 ********************** NTIA Seeks Input as it Develops Initiatives to Increase IPv6 Adoption We are on the verge of an explosion in the number of Internet-connected devices, from smartwatches to connected refrigerators, furniture and thermostats. Some experts predict that there will be as many as 200 billion connected devices around the world by 2020, or about 25 devices per person. < <https://www.ntia.doc.gov/blog/2016/ntia-seeks-input-it-develops-initiatives -increase-ipv6-adoption> https://www.ntia.doc.gov/blog/2016/ntia-seeks-input-it-develops-initiatives- increase-ipv6-adoption> Incentives, Benefits, Costs, and Challenges to IPv6 Implementation NTIA is seeking input to guide NTIA in future IPv6 promotional activities. Through this Notice, NTIA invites adopters and implementers of IPv6 as well as any other interested stakeholders to share information on the benefits, costs, and challenges they have experienced, as well as any insight into additional incentives that could aid future adoption, implementation, and support of IPv6. < <https://www.ntia.doc.gov/federal-register-notice/2016/incentives-benefits-c osts-and-challenges-ipv6-implementation-0> https://www.ntia.doc.gov/federal-register-notice/2016/incentives-benefits-co sts-and-challenges-ipv6-implementation-0> Forum discussion delivers context on IPv6 in the Asia Pacific At the recent Asia Pacific Internet Governance Forum (APrIGF) held in Taipei, Taiwan, I organized a session on IPv6 in the Asia Pacific region. < <http://blog.apnic.net/2016/08/19/forum-discussion-delivers-context-ipv6-asi a-pacific/> http://blog.apnic.net/2016/08/19/forum-discussion-delivers-context-ipv6-asia -pacific/> IPv6 Performance - Revisited Every so often I hear the claim that some service or other has deliberately chosen not to support IPv6, and the reason cited is not because of some technical issue, or some cost or business issue, but simply because the service operator is of the view that IPv6 offers an inferior level service as compared to IPv4, and by offering the service over IPv6 they would be exposing their clients to an inferior level of performance of the service. But is this really the case? < <http://www.potaroo.net/ispcol/2016-07/ietf96.html> http://www.potaroo.net/ispcol/2016-07/ietf96.html> ********************** MISCELLANEOUS ********************** NamesCon acquired by WorldHostingDays World Hosting Days, a conference for the webhosting industry, has acquired the domain name industry's flagship conference NamesCon. < <http://domainnamewire.com/2016/08/19/namescon-acquired-worldhostingdays/> http://domainnamewire.com/2016/08/19/namescon-acquired-worldhostingdays/> NamesCon confirms three more shows after being acquired NamesCon says it has booked the venue for three more years of domain name conferences, following its acquisition this week. < <http://domainincite.com/20880-namescon-confirms-three-more-shows-after-bein g-acquired> http://domainincite.com/20880-namescon-confirms-three-more-shows-after-being -acquired> A new Trademark King? Domainers need to watch out. A number of companies owned my Michael Gleissner are filing questionable trademark applications, including ones that match domain names he doesn't own. < <http://domainnamewire.com/2016/08/19/new-trademark-king-domainers-need-watc h/> http://domainnamewire.com/2016/08/19/new-trademark-king-domainers-need-watch /> Knitting together things to things on the Internet by Monika Ermert Eight working groups of the IETF are covering aspects of the Internet of things, full time or partly. And as if that wasn't enough, a ninth one will be addressing issues in Low-Power Wide-Area Networks. < <https://www.centr.org/news/blog/knitting-together-things-to-things-on-the-i nternet.html> https://www.centr.org/news/blog/knitting-together-things-to-things-on-the-in ternet.html> DNA University Fireside Chat: Healthy Domains Initiative Learn more about the Healthy Domain Initiative through this edition of the DNA Fireside Chat. The HDI was founded to further the healthy development and evolution of the Domain Name Industry and the domain name technical space. < <http://www.thedna.org/dna-university-fireside-chat-healthy-domains-initiati ve/> http://www.thedna.org/dna-university-fireside-chat-healthy-domains-initiativ e/> Reflections from APrIGF 2016, Taipei Last month, I attended the 2016 Asia Pacific Internet Governance Forum (APrIGF) in Taipei, Taiwan. It is a forum for discussions on Internet governance issues from the Asia Pacific regional perspective. < <https://blog.apnic.net/2016/08/19/reflections-aprigf-2016-taipei/> https://blog.apnic.net/2016/08/19/reflections-aprigf-2016-taipei/> ********************** DOMAINING & AFTERMARKET ********************** au: Guest Post - Netfleet Today we have a guest post from the recently appointed Business Manager at Netfleet - Nikki Scholes. Back in July, we announced her appointment here. At that time, we invited Nikki to do a guest post about her vision and objectives for Netfleet. She has now obliged. < <http://www.domainer.com.au/guest-post-netfleet/> http://www.domainer.com.au/guest-post-netfleet/> "Domain For Sale" Landing Pages - what do you use and why? It's a topic that is ever-evolving and one that I've changed my go-to solution on a number of times over the years. < <http://morganlinton.com/domain-for-sale-landing-pages-what-do-you-use-and-w hy/> http://morganlinton.com/domain-for-sale-landing-pages-what-do-you-use-and-wh y/> Trio of 6-Figure Sales - Two of Them New gTLDs - Top This Week's Domain Sales Chart Two of the past week's four biggest domain sales were 3-letter .coms. No surprise there because that popular category always attracts serious money. The other two however, including the week's biggest sale, came from the new gTLD category that, at this early stage, still has a limited aftermarket track record. < <http://dnjournal.com/archive/domainsales/2016/20160817.htm> http://dnjournal.com/archive/domainsales/2016/20160817.htm> ********************************* CHILD PROTECTION & ONLINE SAFETY ********************************* Porn sharing site targeting Aussie schoolgirls taken down THE website of an international pornography ring targeting female students at more than 70 Australian schools has been taken down thanks to the bravery of an underage girl who appeared on the sick forum. < <http://www.news.com.au/lifestyle/real-life/news-life/porn-sharing-site-targ eting-aussie-schoolgirls-taken-down/news-story/ff7ff0b163d0311fcae6c5d8ebbdc ef8> http://www.news.com.au/lifestyle/real-life/news-life/porn-sharing-site-targe ting-aussie-schoolgirls-taken-down/news-story/ff7ff0b163d0311fcae6c5d8ebbdce f8> au: Parent says school blamed female students for explicit images posted online by others A parent of a student at Kambrya College, a state school in Melbourne's south-east, says she was "mortified" by the way the school responded to victims of a website that carried sexually explicit images of underage female school students. < <https://www.theguardian.com/technology/2016/aug/19/explicit-website-that-ta rgeted-australian-schoolgirls-shut-down> https://www.theguardian.com/technology/2016/aug/19/explicit-website-that-tar geted-australian-schoolgirls-shut-down> ********************** MISCELLANEOUS ********************** au: Compelling case for online dispute resolution Introducing technological innovation into justice systems around the world has been a slow march, but the internet of things and the growth of mobile technology are driving legal service providers to step up and respond in ways that digital natives expect, according to an expert in online dispute resolution. < <http://www.lawyersweekly.com.au/news/19358-compelling-case-for-online-dispu te-resolution> http://www.lawyersweekly.com.au/news/19358-compelling-case-for-online-disput e-resolution> ------ David Goldstein email: <mailto:david at goldsteinreport.com> david at goldsteinreport.com web: <http://goldsteinreport.com/> http://goldsteinreport.com/ Twitter: <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.cynosure.com.au/mailman/private/dns/attachments/20160822/cda00568/attachment-0001.html>Received on Sun Aug 21 2016 - 14:03:12 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:12 UTC