(Sep 4) An updated rubygems package that fixes two security issues is now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Sep 3) Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files. Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution. [More…]
When the African nation of Mali announced that it was going to provide free .ml domains from July, their goal was to put Mali back on the map. It appears they have now succeeded, but perhaps not in the way they had intended — thanks to the free domains, Mali now has the most phishy top-level domain of any country in the world.
Nearly 6% of the .ml domains in Netcraft’s survey are currently blocked for hosting phishing sites, making it by far the phishiest TLD. In comparison, the second most phishy TLD, .bt (Bhutan), has only 0.7% of its sites blocked for phishing.
.ml domains can be quickly and easily registered at Freenom, which is owned by the Netherlands-based Freedom Registry. Registrants are required to create an account with a valid email address, and a CAPTCHA is used to try and prevent automated registrations. Domains can be registered for between 1 and 12 months initially, with an unlimited number of renewals. Domains which contain more than 3 characters are free.

It is not surprising to see free domain names being used in phishing attacks, but some TLDs have managed to tackle such fraud with astounding efficacy. The .tk TLD was taken advantage of extensively by phishers in 2011, prompting its registrar, Dot TK (another subsidiary of Freedom Registry), to introduce an anti-abuse API to allow trusted partners to shut down sites that use the .tk ccTLD. This dramatically reduced the average uptime of phishing sites which used .tk domains, making it a less attractive platform for fraudsters. Indeed, .tk does not even appear within the top 50 phishiest TLDs today; however, considering .tk and .ml share the same owner, this makes it somewhat surprising to see .ml being so heavily abused already.
Despite the obvious appeal of a free and easily registered domain name when orchestrating a phishing attack, the phishiest TLDs are not always free, nor easy to register. Back in June, Morocco had the phishiest TLD (.ma), although it has since fallen to 12th place. As well as not being free, the administrative contact for an .ma domain must be established in Morocco; however, people living outside Morocco can still register an .ma domain through third parties.
Netcraft provides services to help protect domain registries, brand owners and hosting companies.
You can also protect yourself against the latest phishing attacks by installing Netcraft’s Anti-Phishing Extension and help protect the internet community by reporting potential phishing sites to Netcraft by email to [email protected] or at http://toolbar.netcraft.com/report_url
In the September 2013 survey we received responses from 739,032,236 sites, 22.2M more than last month.
nginx gained 7.4M hostnames this month, and the web server is now used by more than 15% of the web. Within the Million Busiest websites, however, nginx’s market share dipped slightly but remains just under 15%. Seeking to capitalise on nginx’s success (usage of nginx has almost doubled in the last two years), Nginx Inc. has launched nginx Plus, a commercial variant of the nginx web server. nginx Plus provides additional services not available in the open-source version including on-the-fly configuration which has drawn mixed feedback from the community.
Apache contributed most to this month’s growth, with a net gain of 9.7M hostnames; however, for the second consecutive month, Apache’s market share remains below 50%. Apache’s market share has been falling steadily since June 2012 (when it had a 64% share of the market). Despite its current downward trend, Apache is still the most commonly seen web server, and its market share is greater than that of nginx, Microsoft, and Google combined. Microsoft, on the other hand, had the largest drop in hostnames this month, 2.4M, and lost market share across all sites and within the Million Busiest sites. Microsoft is getting closer to the official release of Windows Server 2012 R2 on the 18th October 2013. Even before the official release, IIS 8.5 is seemingly in use already — more than 300 sites reported using IIS/8.5 during this month’s survey.
At the end of August, ICANN signed 13 new generic top level domain (gTLD) agreements with a number of private organizations. The agreements define new gTLDs including .estate, .guru, .voyage, and .holdings. These agreements follow the first set, published in July, that have been signed since ICANN decided to drop a number of restrictions on top level domain name registrations. Netcraft has not yet seen any domains within the four TLDs agreed in July (all of which use non-Latin characters encoded using the punycode representation).
In a study published earlier in August by ICANN assessing dotless domain security and stability, a number of key risks have been identified that ICANN will need to mitigate before dotless gTLDs (e.g. accessing http://com/ directly) can be safely implemented. This puts on hold Google’s intentions to run .search as a dotless domain (http://search). The .home and .corp gTLD applications are also on hold, and identified as high risk after a study was published addressing the consequences of name collisions.

| Developer | August 2013 | Percent | September 2013 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 336,622,050 | 46.96% | 346,288,706 | 46.86% | -0.10 |
| Microsoft | 163,098,703 | 22.75% | 160,691,763 | 21.74% | -1.01 |
| nginx | 104,311,568 | 14.55% | 111,680,078 | 15.11% | 0.56 |
| Google | 30,550,914 | 4.26% | 34,806,502 | 4.71% | 0.45 |

| Developer | August 2013 | Percent | September 2013 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 100,900,152 | 53.62% | 99,354,736 | 52.30% | -1.32 |
| nginx | 20,786,590 | 11.05% | 24,426,727 | 12.86% | 1.81 |
| Google | 20,833,163 | 11.07% | 22,527,229 | 11.86% | 0.79 |
| Microsoft | 22,167,582 | 11.78% | 20,177,662 | 10.62% | -1.16 |

For more information see Active Sites

| Developer | August 2013 | Percent | September 2013 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 569,270 | 56.93% | 569,628 | 56.96% | 0.04 |
| nginx | 148,930 | 14.89% | 146,401 | 14.64% | -0.25 |
| Microsoft | 132,902 | 13.29% | 131,326 | 13.13% | -0.16 |
| Google | 25,818 | 2.58% | 31,902 | 3.19% | 0.61 |

The following issues have been fixed:
[-] Administrators were unable to connect to remote MySQL servers if their passwords contained the ampersand (“&”) symbol. (141662)
[-] Panel failed to back up subscriptions with additional vhost/ssl/nginx settings with XML-unescaped symbols (141708)
[-] (Linux only) Panel did not concatenate chained certificate bundles provided by Geotrust to the main certificate in the nginx configuration. (113865)
[-] Customers could not use the controls on the “File Sharing” tab if they set the preferred domain with the “www” prefix.
[-] (Linux only) Customers could not access the “File Sharing” tab after Panel was upgraded to version 11.5 if client.id for the administrator was not 1. (141589)
[-] File sharing did not work for domains with international domain names.
[-] (Linux only) PhpMyAdmin failed to export databases with the error “502 Bad Gateway” (141734)
[-] (Linux only) Some upgrade scripts failed if the client.id for administrator was not 1. (141589)

