Domain at the highest level of the DNS hierarchy
POPULARITY
Google introduced its new Ad Strength Best Practices Guide which got hosts Kristine Schachinger and Jim Hedger to pine for the days when the SEO world used cool names like "Ad Strength" to describe stuff. Google has again been declared a monopoly by yet another US court while, just to keep up, a UK based class action over Google's search dominance has been approved. It wasn't a great week for Google legally. It wasn't a great week technically either as a bug continues to exclude the first image in many Product Snippet image carousels. A Financial Times interview with Google head of search Elizabeth Reid suggests Google is getting strong user feedback about AIO results and is looking for new ways to connect originating websites with information in AIO results. We go on to discuss censorship in social media, particularly at Facebook and TwiXter. Bing Answer Snippets is starting to self-reference back to its own search results. Google says structured data does not make your site rank better, again. Google also noted that international search TLDs (ie: Google.ca, Google.co.uk. Google.fr, etc...) will be phased out in 2026 though localization will continue to play a factor in certain result sets. All this and a lot more in a fast paced newsy sort of edition.Support this podcast at — https://redcircle.com/webcology/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
Chapters 00:00 Introduction to Unstoppable's Domainer Q&A03:03 DomainGaffer's Journey into Domaining05:32 Building with Bolt.new: A Creative Approach08:29 The Value of Building Domains vs. Flipping11:22 Emerging Tools and Technologies in Domain Development14:15 The Golden Age of Domain Investing17:21 Lessons Learned in Domain Investing19:49 Understanding Renewal Fees and TLDs22:52 Using Expired Domains for Investment Opportunities33:32 Analyzing Domain Names: The Data Perspective40:13 The Shift Towards Alternative TLDs44:28 Finding Value in Domain Names48:26 Acquisition Strategies for Domains53:55 Leveraging AI in Domain Investing58:12 First Sales and Lessons Learned01:04:21 Closing Thoughts on Domain Investing
Welcome to the Security box, podcast 228 for the last week of February. With 28 days in February, this will be the last podcast of the month. I can't believe it! On this podcast we're going to cover news, notes, the landscape and thanks to the Pennsylvania">https://patf.us/">Pennsylvania Assistive Technology Foundation we're bringing you a webinar that you're going to get something out of that talks about identity theft. We'll also talk about domains. Yes, we're seeing ones that were talked about in the past in new twists, so we better rehash this topic and talk about how you can stay safe. If you'd like to support our efforts on what this podcast is doing, you can feel free to donate">http://www.jaredrimer.net/donations.html">donate to the network, subscribing">https://www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com">subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog">https://technology.jaredrimer.net/contact-admins/">blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.
Dinis Guarda citiesabc openbusinesscouncil Thought Leadership Interviews
Harrison Seletsky is the Director of Business Development at SPACE ID, a platform that helps users register and use Web3 domain names across all EVM-compatible chains. His work focuses on advancing decentralised identity solutions and positioning SPACE ID as a leader in the Web3 space.Harrison worked as the Growth and Strategy Lead at NFTrade, a leading NFT platform. He also gained experience in cryptocurrency and blockchain investments at Emerging Star Capital and worked in finance at Prager Metis CPAs, LLC. Harrison studied at Penn State University, earning a degree in Accounting and a Minor in Entrepreneurship. Harrison is also a blockchain and Web3 innovation speaker at events like NFT NYC 2022 and 2023, sharing his vision for the future of decentralised technologies.To read more about Harrison Seletsky, please visit https://businessabc.net/wiki/harrison-seletskyHarrison Seletsky Interview Questions00:00-2:16 Introduction 2:17- 5:07 Harrison's background7:04- 10:16 SPACE ID: Humanizing Crypto Wallets7:04- 10:16 Web3 IDs: Simplifying Access and Usability10:17- 14:11 Secured Crypto Transactions with SPACE ID14:12- 20:22 Unified Web3 Identity for Easy Access20:23- 23:51 SPACE ID Partners with Metamask23:52- 29:16 Web3 and Traditional Finance29:17- 32:01 SPACE ID Token32:02- 35:51 SPACE ID's Vision35:52- 38:08 Driving Web3 Growth with SDK and API Integration38:09- 43:34 Advancing Web3 Adoption43:35 -48:05 Web3 Gaming: Unified IDs and Monetization48:06- 50:05 2025 Vision: Revolutionising Digital Identity50:06- 51:05 ClosureAbout SPACE IDSPACE ID, established in 2022 and based in Singapore, provides a universal name service network that connects people, assets, and decentralised applications (dApps) across blockchains. It serves as an online marketplace for domain name investments, enabling users to search, register, trade, and manage domain names across all top-level domains (TLDs) and name services. The company's goal is to simplify interactions in the Web3 space by bridging blockchains with a unified name service.The SPACE ID ecosystem includes innovative tools like the Web3 Name SDK, which supports domains such as .eth, .bnb, and .arb, making asset transfers across Ethereum Virtual Machine (EVM) chains straightforward. Its SPACE ID 3.0 platform helps communities launch their top-level domains (TLDs) with ready-to-use tools, domain marketplaces, and management APIs.To read more about SPACE ID, visit- https://businessabc.net/wiki/space-idUseful Links and Resourceshttps://www.linkedin.com/in/harrison-seletsky?originalSubdomain=ilhttps://coinmarketcap.com/academy/author/harrison-seletskyhttps://space.id/About citiesabc.comhttps://www.citiesabc.com/ About businessabc.nethttps://www.businessabc.net/About fashionabc.orghttps://www.fashionabc.org/ About Dinis Guardahttps://www.dinisguarda.com/https://businessabc.net/wiki/dinis-guardaSupport the show
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
In this episode of the Defensive Security Podcast, we discuss the anticipated rise of Mac malware, the economic implications of new top-level domains (TLDs) for phishing, innovative phishing techniques using corrupt documents, and the risks associated with open-source software. We also explore the concept of risk homeostasis in cybersecurity, examining how users' perceptions of security … Continue reading Defensive Security Podcast Episode 288 →
In this week's episode, the hosts discuss the potential discontinuation of .io domains, the historical and geopolitical nuances of TLDs like .tv and .io, and the complexities of managing and pricing domain names.Follow the show and be sure to join the discussion on Discord! Our website is workingcode.dev and we're @WorkingCodePod on Twitter and Instagram. New episodes drop weekly on Wednesday.And, if you're feeling the love, support us on Patreon.With audio editing and engineering by ZCross Media.Full show notes and transcript here.
Seth (@sethlaw) and Ken (@cktricky) are back this week with some hot takes on the recent cancellation of OWASP's San Francisco Developer Days that were running alongside Global AppSec San Francisco. OWASP has struggled to engage the development community over the years and this is no surprise for anyone in AppSec/ProdSec. This is followed by review of the ALBeast (why do all vulnerabilities have to be branded?) and how our past selves were correct in identifying dangerous TLDs as being exploitable.
Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week's major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast.” Researchers wonder if proving you're human proves profitable for Google. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast," talking about what to expect on Bluehat on the N2K media network. You can catch the podcast every other Wednesday. Their latest episode launching today can be found here. Selected Reading A Hacker ‘Ghost' Network Is Quietly Spreading Malware on GitHub (WIRED) CrowdStrike blames test software for taking down 8.5 million Windows machines (The Verge) BreachForums v1 database leak is an OPSEC test for hackers (Bleeping Computer) Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication (Dark Reading) Schneider Regional Medical Center hit by ransomware attack (Beyond Machines) New phishing report names and shames TLDs, registrars (The Verge) FTC Issues Orders to Eight Companies Seeking Information on Surveillance Pricing (FTC) Meta bans 63,000 accounts belonging to Nigeria's sextortionist Yahoo Boys (The Record) How a North Korean Fake IT Worker Tried to Infiltrate Us (KnowBe4) Forget security – Google's reCAPTCHA v2 is exploiting users for profit (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
XYZ founder discusses his company's evolution. New top level domains have been out for a decade now. One of the most interesting top level domain companies is XYZ. It's known for .xyz, but now operates a total of 35 domain extensions. On today's show, XYZ founder Daniel Negari reflects on the past ten years, his […] Post link: Daniel Negari reflects on 10 years of new TLDs – DNW Podcast #490 © DomainNameWire.com 2024. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.
Fred Hsu discusses some of his company's plans for new top level domains tied to web3 communities. It's been just six months since I had Fred Hsu, co-founder of D3, on the podcast. The company has made many announcements since then, and it's becoming clear that it will be one of the more significant portfolio […] Post link: .Ape in to new TLDs – DNW Podcast #480 © DomainNameWire.com 2024. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.
Wes shares the story of how the Taliban stole his .af domain. Scott and Wes discuss top-level domain (TLD) best practices, how to find unique custom domain names for your website, and how to avoid having yours stolen. Show Notes 00:00 Welcome to Syntax! 00:16 Brought to you by Sentry.io 01:11 The story of how the Taliban stole my domain. 05:10 When you purchase a domain, does that country receive the registration fee? Country Code Top-Level Domain Infrastructure Top-Level Domain Generic Top-Level Domain Sponsored Top-Level Domain 07:29 Notion lost their .so domain. Notion 09:18 .ai domain names. 09:53 Other popular TLD options. tolin.ski wes.io 12:05 What are the best TLDs? 13:18 iwantmyname Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott:X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads
This episode contains: We're recording just after Valentine's Day. Sorry, we didn't get you anything, EXCEPT FOR THIS PODCAST! Ben was a bit disappointed in Valentine's Day this year... he's also working on "not wasting his midlife crisis." He chats about layoffs and opportunities and productivity, but Steven thinks that perhaps Ben's having a midlife revelation. Ben's reading The 4-Hour Workweek by Timothy Ferris. Steven and Devon have been managing democracy in HELLDIVERS 2. Devon doesn't know how to define video games, or perhaps he knows too much how to define video games. HELLDIVERS is pretty much the video game equivalent of Starship Troopers, with all the satire involved. Steven also really enjoyed Blue Eyed Samurai on Netflix. Not science fiction, but it's worth your time. Guess what? Ben's dental company had a major data breach. It's time to freeze your credit FOR FREE at the following addresses to to avoid ID theft: https://www.equifax.com/personal/credit-report-services/credit-freeze/ https://service.transunion.com/dss/login.page https://www.experian.com/freeze/center.html Unless you're planning on taking out a new credit card or buying anything in the next few days, you should freeze your credit. If they are asking you for money, you're in the wrong place. It took Ben 15 minutes to do it, big thanks to password managers. Ben is now the Credit Score Fairy. This Week on the Internet: Not all TLDs are Created Equal. In light of the recent cancellation of the queer.af domain registration by the Taliban, the fragile and difficult nature of country-code top-level domains (ccTLDs) has once again been comprehensively demonstrated. When the United Kingdom decided to leave the European Union, it fell foul of the EU's rules for the registration of domains under the “eu” ccTLD. To register (and maintain) a domain name ending in .eu, you have to be a resident of the EU. When the UK ceased to be part of the EU, residents of the UK were no longer EU residents, and lost their .eu domain names. Also, after Russia invaded Ukraine in February 2022, the Ukranian Vice Prime Minister asked ICANN to suspend ccTLDs associated with Russia. While ICANN said that it wasn't going to do that (they should change their name to ICANT), because it wouldn't do anything useful, some domain registrars (the companies you pay to register domain names) ceased to deal in Russian ccTLDs, and some websites restricted links to domains with Russian ccTLDs. Generic TLDs (gTLDs) like .com, .net, .gov and other really cool new gTLDs like .rocks, .ninja, and .supplies are far better to register. https://www.hezmatt.org/~mpalmer/blog/2024/02/13/not-all-tlds-are-created-equal.html This Week in Space: Tiny moon of Saturn holds young ocean beneath icy shell. Saturn's moon Mimas harbors a global ocean beneath its icy shell, discovered through analysis of its orbit by Cassini spacecraft data. This ocean formed just 5-15 million years ago, making Mimas a prime candidate for studying early ocean formation and potential for life. This discovery suggests life-essential conditions might exist on seemingly inactive moons, expanding our search for life beyond Earth. Guess where else we've discovered oceans? Devon says "Earth." Ben knows he got that info from SeaQuest DSV. Saturns rings may have always been there for us, but what have they done for us lately? https://www.sciencedaily.com/releases/2024/02/240207120512.htm Patreon-only mid-pod: Ben has changed his note taking game, using Obsidian. Steven has rewatched Deadpool and Deadpool 2. Will X-Men 97 be terrible or radical? Science Fiction Book Club: This week we're doing a spoiler-filled review of the novella Emergency Skin by N.K. Jemisin. An explorer returns to gather information from a climate-ravaged Earth that his ancestors, and others among the planet's finest, fled centuries ago. The mission comes with a warning: a graveyard world awaits him. But so do those left behind—hopeless and unbeautiful wastes of humanity who should have died out eons ago. After all this time, there's no telling how they've devolved. Steel yourself, soldier. Get in. Get out. And try not to stare. https://www.goodreads.com/book/show/49669410-emergency-skin TLDR: Ben and Steven loved it, but Devon was a little lukewarm and wished it was longer and more nuanced. Next week in the Science Fiction Book Club we'll discuss Randomize by Andy Weir. Get it for free if you have Amazon Prime and be informed for next week's discussion: https://www.amazon.com/Randomize-Forward-collection-Andy-Weir-ebook/dp/B07VDJBKNJ
In this episode of the WP Minute podcast, host Matt discusses various WordPress news and topics.He starts by highlighting a WordPress.com initiative to encourage people to transfer their domain registration from Google Domains to WordPress.com. Matt also talks about a joint effort by open source projects, including WordPress, to raise concerns about the proposed Cyber Resilience Act in the European Union.He mentions an article about the new WordPress editor, Gutenberg, and concludes by remembering and honoring two individuals who made significant contributions to the WordPress community. Matt encourages listeners to subscribe to the podcast and mentions available sponsorships.WordPress.com offers to pay domain transfer fees for the first millionWordPress.com is offering to cover the transfer fee for the first million domains that move from Google to WordPress.com. This also extends the domain registration for an additional year.WordPress.com commits to matching or even lowering the renewal price that users were paying with Google Domains. This applies to over 400 top-level domains (TLDs) they offer. They also promise to keep domain prices low, only raising them if their wholesale costs increase.WordPress.com has been a domain name provider for over a decade and is committed to the open and inclusive web. They aim to support users' ability to truly own their content and identity on the web. Users don't need a site or hosting plan to manage their domains with WordPress.com.LinkWordPress, Drupal, Typo3, and Joomla join forcesOpen Source Matters, Inc. (Joomla), Typo3, WordPress, and the Drupal Association have issued a joint letter to the legislators of the European Union raising concerns about the proposed Cyber Resilience Act. This is a significant move as these four organizations collectively serve over 50% of the European websites.The organizations argue that the proposed regulation could undermine effective software practices due to its ban on “unfinished software”. They also express concern that the expansive definition of “commercial activity” could deter the contributions of many developers to open source software.The groups see this as an opportunity to explain the unique role that Free and Open Source Software (FOSS) plays in the software that underpins much of the web and to develop a model for how regulation should be applied to it. They also aim to educate legislators and policy-makers about the shared values that open source communities have with the European Union.LinkThis project is moving hella fastThe author expresses their love for Gutenberg, the block editor for WordPress, but also highlights its rapid pace of development. They note that this speed can sometimes leave developers behind, especially due to the shift from PHP to JavaScript (JS).The author discusses the challenges of debugging Gutenberg, particularly when encountering errors. They note that unlike PHP, where errors are logged in a file, JS errors are logged in the browser console. This shift in error handling can be confusing for developers used to PHP.The author criticizes the lack of proper documentation for Gutenberg, particularly when it comes to resolving specific errors. They argue that the current documentation is inadequate and that developers often have to search through GitHub issues to find solutions to their problems. They believe this is one of the reasons why some developers have negative feelings towards Gutenberg.LinkRemember those that have passedWordPress dedicates this page to the memory of those we've lost. They've shaped our project and enriched our community. As we remember their passion and commitment to WordPress and open source software, we celebrate their spirit.Forever in our hearts, their legacy endures through every line of code and every user they've impacted.LinkFrom the grab bag!Here are some other interesting links from the week.https://www.underrepresentedintech.com/webinars/sponsor/https://wptavern.com/classicpress-community-considers-re-forking-woocommerce-for-classic-commerce-v2https://jonathanbossenger.com/2023/07/28/the-state-of-wordpress-developer-tools-survey-results/https://us.wordcamp.org/2023/schedule/ ★ Support this podcast ★
Episode 171 contains the notable Digital Marketing News and Updates from the week of July 24-28, 2023.1. Google and Microsoft Ad Revenue Up: What Does This Mean for Marketers? - Google and Microsoft both reported strong earnings for Q2 2023, with ad revenue growth outpacing overall revenue growth. Google's ad revenue was up 3.3% year-over-year (revenue increased by $1.85 billion from the previous year, while YouTube ad revenue was $7.67 billion, up from $7.34 billion in 2022), while Microsoft's ad revenue was up 8%. Google's ad revenue growth was driven by growth in Search and YouTube. Microsoft's ad revenue growth was driven by growth in Bing and LinkedIn. LinkedIn's overall revenue increased by $197 million, driven by stronger interest in its Talent Solutions recruitment offerings. But LinkedIn saw a decline in overall ad spend in the most recent period, though Microsoft also reduced its overall marketing spend to offset this. On another front, LinkedIn is also still reporting that it has 202M+ users in United States.Based on LinkedIn's reports from earlier this year, is that the platform has seen A 22% increase in views of updates in the main feed year-over-year A 25% increase in public conversations in the app YoY Newsletter creation increased 10X in 2022 What you really need to know, however, is who of your target audience is active in the app, and for that, you can use LinkedIn's Audience insights, and/or your company page analytics, to glean more info on your specific active audience. Taking into account that LinkedIn is seeing ‘record levels' of engagement, these types of data notes can help to inform your strategy, and reach the people that are engaging with your business.2. Meta's Ad Revenue Up 12% In Q2 - Meta's ad revenue increased by 12% in the second quarter of 2023 compared to the year-earlier period, surpassing expectations.Advertising revenue for Q2 2023 was $31.5 billion compared to $28.2 billion in the same period in 2022. This success helped drive total Meta revenue to grow 11% year-on-year from $28.8 billion in Q2 2022 to $32 billion in Q2 2023.Meta's Q2 2023 performance also showed impressive growth in user engagement. Facebook's daily active user count increased by 5% to reach 2.06 billion. The number of monthly active users was 3.03 billion, up 3% year-on-year. The “family of apps” category, which includes Instagram and WhatsApp, saw a 7% year-over-year rise in daily active users, totalling 3.07 billion. The number of monthly active users in this category also increased by 6% to 3.88 billion. This is the first time that Meta has achieved double-digit growth since the fourth quarter of 2021, with much of its strong performance driven by growth in ad revenue. This sends a clear message that digital advertising is bouncing back after it took a setback due to the economic downturn. Now, forecasters are predicting increased ad spend for later on in the year, which will create more opportunities for marketers.3. Google: DSA And GDA Advertisers Should Upgrade To Performance Max - Google announced two voluntary upgrades to Performance Max for Dynamic Search (DSA) and Google Display (GDA) advertisers. The AI-driven platform optimizes performance across channels by allowing users to customize their inputs, making it more responsive to individual business needs. Advertisers have seen an average increase of 15% – 20% in conversions after upgrading to a unified campaign strategy.One of the recent enhancements in Performance Max prevents your campaign from serving ads on traffic related to certain brands. This would offer more control over search results. Advertisers can now specify landing page URLs or exclude certain URLs at the campaign level, offering greater customization via brand settings.Performance Max customizes your entire Search ad to match consumer intent better using automatically created assets. These automatic assets will soon appear in the asset reporting table, giving users more control. Performance Max also simplifies the implementation of audience strategies through goals directly integrated into the campaign, like new customer acquisition. Google plans to add re-engagement goals in Performance Max later this year to help retain existing customers. Instead of manually managing complex user lists and exclusions, Google will automatically distinguish between new and existing customers.Although voluntary, the self-upgrade process is highly recommended to start with Performance Max for DSA and GDA campaigns. Advertisers who choose to upgrade can use best practices offered by Google to ensure new Performance Max campaigns are set up for success.4. TikTok Text Posts: A New Way to Express Yourself - TikTok has announced a new feature called "Text Posts" that allows users to share text-only content on the platform. Text Posts can be up to 1000 characters long and can include images, stickers, and hashtags.The introduction of Text Posts is a significant development for TikTok, as it allows users to share more creative and expressive content on the platform. Text Posts could also be valuable for businesses as they present a new avenue for content creation and customer engagement on TikTok.5. Google Merchant Center Adds Customer Support: What You Need to Know - Google Merchant Center is a free service that allows businesses to manage their product listings on Google Shopping. Google has launched a new customer support feature on Merchant Center. The new tool enables retailers to input their customer support information and returns policy. Merchant Center is then able to share these details with shoppers without them ever having to leave the program.Google explained the importance of providing customer service information via a statement issued on Merchant Center: "Customer service is important for your business and your customers because it allows you to help customers solve any issues with your product or service. "It also helps you build trust with your customers. So it's important that your customers know how they can reach you for support." Here's how Google said retailers can add their customer support information: Log into Merchant Center. Once on the Home page, navigate to the Add customer support info card. Select Add info. Input the following customer support information: Customer service telephone number Customer service email address Customer service web page URL (i.e. link to a customer service form) Select the “Live chat support available” toggle if your business supports this Select the “Chat bot support available” toggle if your business supports this After providing the relevant information, select your preferred contact method. Once these steps are complete, scroll down to the bottom of the page and click ‘Save'. 6. Google Cracks Down on Automated and AI-Generated Reviews - On August 28, 2023, the “Product Ratings policies” will be updated.. The updated Product Ratings policies addresses the issue of automated and AI-generated content in reviews. The new policies state that reviews that are primarily generated by an automated program or AI application should be flagged as spam using the attribute.The rules clearly state not to submit reviews that stem from conflicts of interest or contain inauthentic remarks. This includes reviews paid for, employee-written, or composed by individuals with a vested interest in the product.This is to ensure that users see genuine and helpful reviews when they are making purchasing decisions. To ensure compliance, Google combines automated and human evaluation methods. Machine-learning algorithms will support this effort while specially trained experts deal with more complex cases requiring context. Actions against violations can range from disapproving violating content or reviews, issuing warnings, or suspending accounts for repeated or severe offenses.You can read the updated product ratings policy here.Businesses can now use a new tool called the "Review Spam Report" to submit spam reviews to Google for review.7. Google Expands Site Names Support for Subdomains: Improve Your Visibility in Search - Google has expanded support for site names on subdomains through the alternateName property, allowing websites to display their preferred site name in search results. This is a significant improvement for websites with multiple subdomains, as it can help them to improve their visibility in search results.Previously, Google would only display the main domain name in search results, even if a website had a preferred site name for a subdomain. This meant that websites with multiple subdomains could be difficult to find in search results, as users would have to know the exact subdomain to visit the website.With the expanded support for site names on subdomains, Google will now display the preferred site name for a subdomain in search results if it is configured correctly. This will make it easier for users to find websites with multiple subdomains, and it could lead to an increase in traffic for these websites.As a reminder, the best way to indicate a preferred site name to Google is to make use of WebSite structured data, as explained in their site name documentation.Find out more in the blog post and in their documentation.8. Are .AI Domains Good for SEO? - There are two kinds of domain names. There are gTLD and ccTLD. A gTLD is a Generic Top Level Domain. These kinds of domains are not associated with any country and can be used worldwide. Typical gTLDs are .com, .net, .org, .biz, .xyz and so on. A ccTLD is a TLD (top level domain) that is associated with a specific country. Google uses ccTLDs to localize the websites that use them with the countries those TLDs are associated with. The .in TLD helps Google to determine which country that domain name is relevant to. This aligns with how people of the world generally expect the Internet to work..AI domains are country-code top-level domains (ccTLDs) that are associated with the island of Anguilla. However, they are also becoming increasingly popular for use by businesses and organizations around the world. In the July 2023 Google SEO Office hours session, Google's Gary Illyes answered the question about whether there was a downside to using the .AI domain since it's associated with the Caribbean island of Anguilla. “As of early June, 2023, we treat .ai as a gTLD in Google Search, so yeah, you can use it for your global presence””Gary's answer calls attention to the importance of verifying if a domain extension chosen for a website is treated as a ccTLD or a gTLD because that could make a difference in the website ability to rank worldwide.There are a few reasons why .AI domains may be a good choice for SEO. First, they are relatively short and easy to remember, which can make them more likely to be typed into search engines. Second, they are associated with the concept of artificial intelligence, which is a growing field of interest.However, it is important to note that .AI domains do not have any inherent SEO benefits. Whether or not they help your website rank in search results will depend on a number of other factors, such as the quality of your content and the number of backlinks you have.Google publishes the list of ccTLDs that are treated by Google as generic top level domains. The list shows that ccTLDs like .eu and .asia are treated like gTLDs. Other international domains that are treated like gTLDs are .ad, .co, .fm, .tv and of course .ai.9. Google's John Mueller: Programmatic SEO is Spam - Google's John Mueller has called out "programmatic SEO" as a form of spam. This type of SEO involves creating large numbers of low-quality landing pages that are designed to rank for specific keywords.Mueller said that programmatic SEO is often used to target "hyper-specific" keywords, such as "songs about dogs" or "maps of schools." These keywords are often not very competitive, so it is easy to rank for them with low-quality content.Mueller warned that programmatic SEO can lead to penalties from Google. He said that Google is "trying to get rid of this stuff" and that it is "not something that we want to see in the search results."
This week, we noticed that many, but not all, of the Google rank tracking tools were cooling, but then later this week, the SEO chatter heated up. Google Merchant Center says AI-generated reviews are spam. John, Gary...
Informationssicherheit einfach verstehen - Cyber Security und Sicherheit im digitalen Raum
Heute geht's um die neuen Top Level Domains von Google. Was macht sie gefährlich? Klingt doch eigentlich ganz harmlos und sinnvoll. Aus Perspektive der Informationssicherheit gibt es hier allerdings gleich mehrere Gründe, warum du im alltäglichen Umgang mit diesen TLDs besonders wachsam sein solltest. Mit Sicherheit wirst du in der nächsten Zeit mit neuen Domain-Endungen konfrontiert werden. Ich erkläre dir in dieser Episode deshalb mit anschaulichen Beispielen, wie dein Vertrauen im Handumdrehen ausgenutzt werden kann und dein Unternehmen Opfer von Schadsoftware und Hacking-Angriffen werden kann - und das allein wegen einer winzigen neuen TLD. Denn: Der Teufel steckt im Detail. Wie du dich trotz dieser Sicherheitsrisiken nicht komplett gegen neue Entwicklungen dieser Art verschließen musst, dafür habe ich natürlich auch ein paar Ansätze für dich. LINKS: [Mr. D0X's Blog](https://mrd0x.com/) [Meine Website](https://www.paul-stengel.de) [Kontaktiere mich bei LinkedIn](https://www.linkedin.com/in/paul-g-stengel-771947216/) DIR GEFÄLLT WAS DU HÖRST? Dann hinterlasse mir bitte eine 5-Sterne-Bewertung auf Apple Podcasts, eine Rezension und abonniere den Podcast. Vielen Dank für deine Unterstützung! Hier bei Apple Podcasts bewerten und abonnieren: https://podcasts.apple.com/de/podcast/informationssicherheit-einfach-verstehen-cyber-security/id1694694337 Dieser Podcast wird produziert von Podcastliebe, deiner Full Service Podcast Agentur. Mehr dazu: https://podcastliebe.net
Episode 170 contains the notable Digital Marketing News and Updates from the week of July 17-21, 2023.1. Sell Directly on TikTok with WooCommerce - WooCommerce and TikTok have partnered to allow WooCommerce merchants in the United States to sell directly on TikTok. This new program, currently in beta, gives store owners access to an audience of over 150 million, 61% of which engage in ecommerce behavior.To participate in the program, merchants must have a WooCommerce store in the United States and be approved by TikTok. Once approved, merchants can create a TikTok Shop and start selling their products.TikTok Shops offer a number of features that can help merchants sell more products, including: The ability to create product catalogs and tags The ability to run product ads The ability to track sales and performance The WooCommerce and TikTok partnership is a great opportunity for merchants to reach a new audience and grow their businesses.2. TikTok Launches Ads Transparency Library: See Who's Advertising What - TikTok has launched a new Ads Transparency Library (Commercial Content Library), which provides users with more information about the ads they see on the platform. The library includes information such as the advertiser, the target audience, and the creative used in the ad.The Ads Transparency Library is a welcome addition to TikTok, as it gives users more control over the ads they see. It also helps to increase transparency and accountability for advertisers.Having access to this data can give marketers a better understanding of campaign performance and the TikTok algorithm. This key information will help reveal what creatives work, what ideas don't work and more. Having this data at hand will enable marketers to make more informed decisions, potentially maximizing reach and ROI.Access to TikTok's Commercial Content Library is available to everyone globally. However, only data from Europe is available. TikTok said that its team is already working on ways to include advertising data from more countries, such as the U.S., in the future. But a date for this release is yet to be confirmed.Read TikTok's official blog post to find out more about its ads transparency library.3. Meta : How to Integrate Your Brand with Threads - Social media app Threads, Meta's new Twitter alternative, has seen a nearly 70% decline in the number of daily active users since its July 7 peak, according to market intelligence firm Sensor Tower, spoiling their explosive launch just two weeks ago and paling in comparison to Twitter. Now Meta is providing guidance to brands on how to integrate with Threads, its ephemeral messaging app for teenagers. The guidance includes tips on how to create "epic entrances," engage followers, and run challenges or contests.Meta suggests that brands make a grand entrance on Threads by combining images, memes, and open-ended questions to announce their arrival. They should also engage followers by creating interactive content, such as polls or quizzes. Additionally, brands can run challenges or contests to encourage users to create and share content on Threads.The guidance also emphasizes the importance of using puns and talking about Threads in order to promote the app. Finally, Meta suggests that brands explore Threads' existing tools, such as stickers and GIFs, to create engaging content.4. 30 New Ecommerce Metrics in GA4: Get More Insights into Your Shopping Performance - Google Analytics 4 (GA4) has just announced an expansion of its ecommerce measurement capabilities, adding 30 new dimensions and metrics. These new metrics provide more granular data on items, promotions, and shopping behavior, making it easier for marketers to track and analyze their ecommerce performance.Some of the new metrics include: Item Name: The name of the product that was purchased. Brand: The brand of the product that was purchased. Category: The category of the product that was purchased. Promotion Name: The name of the promotion that was used to purchase the product. Checkout Step: The step in the checkout process where the purchase was made. Gross item revenue (The total revenue from items only, excluding tax and shipping) Gross purchase revenue (The total revenue from purchases made on your website or app) Refund amount (The total amount from refunds given on your website or app) These new metrics can be used to answer questions such as: What are the most popular products? What brands are performing well? What promotions are driving sales? Which checkout steps are causing the most abandonment? The addition of these new metrics is a significant boost for ecommerce marketers, providing them with more data to track and analyze their performance. These changes to GA4 make it easier to see meaningful ecommerce data. Marketers will no longer have to build custom reports to access key revenue metrics.5. Google Updates Misrepresentation Policy: What You Need to Know - Google has updated its Misrepresentation policy with detailed information on how marketers can build trust. The document advises what steps and precautions brands should take to make sure their products and offers are eligible to be served in Search.The updated policy includes new requirements for brands to provide clear and transparent information about their products and offers. This includes information about the product's availability, pricing, and shipping. Brands are also required to provide accurate and up-to-date information about their reviews and testimonials. For each issue specified, Google provided specific instructions that brands should follow: Business Identity Ensure that the official business name is provided and that there is consistency across the registered business name and domain name. Make sure a brand's website features an ‘About Us' page as this establishes authenticity and helps customers to understand their unique journey. Link out to the brand's social media profiles from the website so that customers can follow those accounts should they so wish. Transparency Make sure website content and messaging is completely clear and include details regarding shipping, returns and privacy policies. Ensure honesty and transparency about the brand's business model and how the company operates. Online reputation Display honest reviews and testimonials about a brand's products and services to help customers understand how to use them. Feature any badges or seals of approval from official third-party sources. Clearly display how customers can get in touch. Be sure to tell customers if the brand publishes a blog post. Make sure customers know if the brand was mentioned in a third-party article. Professional design Make sure that the brand's website has an SSL certificate to reassure customers that their sensitive data is stored securely. The brand's website should be easy to navigate and shouldn't contain any unnecessary redirects or redirects to broken links. Try to avoid placeholders where possible as this gives Google and the customer the impression that the website is still under construction and not yet ready for SERPs. Google explained that there are several steps brands can take to help it to understand their business faster and more accurately: Create and verify a Google Business Profile. Share up-to-date information in the Merchant Center under the Business information settings. Link relevant third-party platforms to Merchant Center. Follow Google's SEO guidelines to ensure a strong customer experience is provided. Opt into the Google Customer Reviews or other third-party review services to improve eligibility for seller ratings. Match product data in the product feed with your website to make sure that customers are seeing the same information across both platforms. Google is also taking steps to crack down on misrepresentation in the Merchant Center. Merchants who violate the policy may have their products removed from Google Search and Shopping results.Read Google's “Building Trust with your Customers” guide for more information on its Misrepresentation policy.6. Avoid Spam Risks with Your Domain Name - Google advises against choosing cheap top-level domains (TLDs), such as .xyz or .club, due to the increased risk of spam. These domains are often used by spammers because they are inexpensive and easy to register.Google's Search Relations Team (John Mueller, Gary Illyes, and Martin Splitt) in the Jul 20, 2023 podcast episode recommended that website owners choose TLDs that are well-known and reputable. They also suggest considering branding and marketing factors, not just SEO, when choosing a TLD.Google's Search Relations team debunked the misconception that having a TLD matching your keywords provides an inherent SEO advantage. When Splitt asked if owning a domain like fantastic.coffee could offer any SEO benefits for a coffee shop, Illyes responded with a definitive “No.”For more on website domain best practices, check out the full episode of Google's podcast.P.S: I covered this is Episode 163. Now Google is talking about the same issue. 7. Your Domain Name Matters: Don't Forget the Branding - Another update from the latest episode of Google's Search Off The Record podcast. Google's John Mueller has advised that domain name selection should prioritize long-term branding over keyword-centric SEO strategies. Keywords in domain names do not impact Google search rankings, but they can influence user behavior. Therefore, it is more important to choose a domain name that is memorable and easy to type, even if it does not contain any keywords.Here are some additional tips from Mueller for choosing a domain name: Choose a domain name that is easy to pronounce and remember. Avoid using hyphens or numbers in your domain name. Keep your domain name short and concise. Make sure your domain name is available in all relevant top-level domains (TLDs). 8. 301 vs. 404: Which is Better for SEO? - When a web page is deleted or moved, it can be redirected to a new page using a 301 or 404 status code. Google's Gary Illyes answers the question about which status code is "less harmful" A 301 redirect tells search engines that the page has been permanently moved to a new location, while a 404 error code tells search engines that the page cannot be found.So, which is better: 301 or 404? Google's Gary Illyes answers the question about which status code is "less harmful" in July's SEO Office hour.Per Illyes, it actually depends on a case by case basis thought 301 redirects are generally considered to be better for SEO than 404 error codes. If the page is missing because two sites were merged, a publisher can 301 redirect old or outdated pages to the new pages that are similar in topic.However, there are some cases where a 404 error code may be preferable. For example, if a page has been deleted because it was spam or malicious, a 404 error code will prevent search engines from indexing the page.9. Good Page Experience is Not Enough for SEO - Google's John Mueller recently clarified that having a good page experience is not a silver bullet for SEO. In other words, having a website that loads quickly, is mobile-friendly, and has no errors will not necessarily improve your search rankings if your content is not high-quality or relevant to the user's search intent.Mueller's comments are a reminder that SEO is a complex process that involves a variety of factors. While page experience is an important factor, it is not the only one. If you want to improve your search rankings, you need to focus on creating high-quality content that is relevant to your target audience.10. Google Doesn't Favor AI-Generated Content - Google's Search Liaison, Danny Sullivan, has clarified that Google does not give any special ranking boost to AI-generated content. In fact, he says that "lots of AI content on the web that doesn't rank well and hence isn't well received" by Google Search.Sullivan's comments come after a recent article in Vox Media claimed that AI content is "currently well-received by search engines." However, Sullivan says that this is not the case, and that Google's search algorithms are designed to rank content based on its helpfulness and quality, not on how it was produced.This means that AI-generated content can still rank well in Google Search, but only if it is actually helpful and informative. If it is not, it is likely to be ignored by Google's algorithms.11. Should You Match Google's Rewritten Titles? - Google often rewrites the titles of pages in the search results, most of the time removing the site name from the title. That seem to indicate to them that maybe Google sees the site name as redundant and perhaps they should just drop the site name from the title tag altogether. This can be for a variety of reasons, such as to make the titles more concise, to make them more relevant to the user's search intent, or to avoid duplicate titles.There is no consensus on whether or not it is a good idea to match the titles of your pages to the titles that Google rewrites. Some people believe that it is important to match the titles in order to improve your click-through rate (CTR). Others believe that it is not important to match the titles, and that you should focus on creating high-quality content that will attract users to your site.Google's John Muller offered his recommendations on this topic by writing: “I would not assume that a rewritten version is better (for SEO or for users), and I'd recommend keeping your site name in there — because it makes it easier to confirm a site name that we show above the title. Also, it's a well-known pattern, so I wouldn't change it just for Google.”The World Wide Web Consortium (W3C) says that the purpose of the title element is to define what the webpage (referred to as a document) is about. And Google largely follows those standards.Google's official title element recommendations (on Google Search Central) for title tags echoes what the W3C recommends in a little more detail. Google advises that title elements should be descriptive and concise. The title elements should not be vague. Lastly, Google recommends concisely branding the title. That means using the site name is fine but repeating a marketing slogan across the entire site is not necessarily concise.Why does Google rewrite titles? Years ago many SEO sites recommended adding keywords in the title tag instead of recommending to describe what the page is about. Eventually Google figured out that people were stuffing keywords in the title tag. Obviously, if the keyword is relevant to what the document is about then put the keyword in there if you want. Another reason Google rewrites titles is because the description of the entire page is not appropriate. For example, Google often ranks a webpage for what is essentially a subtopic of the main topic of the webpage. This happens when Google ranks a webpage for a phrase that is in the middle of the document.So should you match Google's title rewrite? In my opinion it is not a good idea because Google might be ranking the page for a subtopic. If you want a reality check about the title element, give ChatGPT a try by inputting the text of the document and asking it to summarize it in ten words. Then again be careful because ChatGPT can spit out incorrect information.
We decided to have a web navigation extravaganza this week! Guilherme Venere and Jaeson Schultz from Talos Outreach have both long been researching the ways in which bad actors try to damage users' inherent trust in the internet. Most internet users interact with the web by typing in a URL or domain name into their web browser (i.e., google.com) expecting that will take them to the right place. But attackers have found various ways to mess with that series of handshakes that must take place. Guilherme and Jaeson talk to Jon about their past years of research into typosquatting domains, new TLDs that open up the door to data leaks, DNS manipulation and more. Additional reading:".Zip" top-level domains draw potential for information leaksDNS Hijacking Abuses Trust In Core Internet ServiceSea Turtle keeps on swimming, finds new victims, DNS hijacking techniquesSecurity implications of misconfigurationsDomain dumpster diving
Episode 164 contains the notable Digital Marketing News and Updates from the week of June 5 - 9, 2023. And the show notes for this episode was generated using generative AI. And like always, I curated the articles for the show.1. Google's Structured Data Validator vs Schema.org -During June 2023, Google SEO Office Hours, Google's Martin Splitt answered a question about structured data validation and how Google's validator can show different results than the Schema.org validator.Both Google and Schema.org offer tools for validating if structured data is correct. Google's tool validates structured data and it also offers feedback on whether the tested structured data qualifies for rich results in the search engine results pages. Rich results are enhanced search listings that makes the listing stand out on the search results. The Schema.org Schema Markup Validator checks if the structured data is valid according to the official standards.Per Splitt, “Schema.org is an open and vendor-independent entity that defines the data types and attributes for structured data. Google, as a vendor however, might have specific requirements for some attributes and types in order to use the structured data in product features, such as our rich results in Google Search. So while just leaving out some attributes or using some type of values for an attribute is fine with Schema.org, vendors such as Google and others might have more specific requirements in order to use the structured data you provide to actually enhance features and products.”In conclusion, Google's validator has a purpose that is different from just checking if the structured data is valid. It's checking to see if the structured data that Google requires (for potentially showing a webpage in enhanced search results) is valid. The Schema.org validator is just checking for standards and has nothing to do with how Google uses structured data.You can watch the June SEO office hour here.2. Google's Latest Search Console Update Makes it Easier to Fix Video Indexing Issues - Google has released an update to its Search Console, aimed at refining video indexing reports. This enhancement promises to offer you more precise problem descriptions and actionable solutions to help boost the visibility of your videos in Google Search.Previously, users encountered a generic "Google could not identify the prominent video on the page" error. Now, Google has decided to provide more specific details to overcome this problem. Here's what you need to know: Video outside the viewport: If your video isn't fully visible when the page loads, you'll need to reposition it. Make sure the entire video lies within the renderable area of the webpage. Video too small: If your video is smaller than desired, you should increase its size. The height should exceed 140px, and the width should be greater than 140px and constitute at least one-third of the page's width. Video too tall: If your video is taller than 1080px, it's time to resize it. Decrease the height to less than 1080px to comply with Google's new guidelines. While you might still see some old error messages for the next three months, Google plans to phase these out, replacing them with these new, more detailed notifications.By adhering to these updates, you can maximize your video's prominence on Google Search and enhance user engagement. Happy optimizing!3. Navigating the World of Domains: A Google Insider's Advice - Let's delve into the world of domain names and how they can impact your business's digital reach, guided by insights from Google Search Advocate, John Mueller.Mueller recently clarified the differences between generic top-level domains (gTLDs) and country code top-level domains (ccTLDs), following Google's decision to reclassify .ai domains as gTLDs, breaking away from their previous association with Anguilla.In essence, gTLDs (such as .com, .store, .net) are not tied to a specific geographical location, unlike ccTLDs (like .nl for the Netherlands, .fr for France, .de for Germany) that are country-specific. Mueller pointed out that if your business is primarily targeting customers within a certain country, a ccTLD might be the way to go. On the other hand, if you're aiming for a global customer base, a gTLD could be the better option.Importantly, Mueller also highlighted the need to consider user perception. He posed a question to consider: will users click on a link they believe is meant for another country's audience?Furthermore, Mueller also cautioned against using TLDs that may appear spammy, as it can harm your site's credibility.His advice underscores the importance of strategic decision-making when registering your domain, reminding us that the choice of a domain name is not just a technical one, but a business decision that can have a significant impact on your online presence.4. Google's Verdict on the Impact of Security Headers on Search Rankings - In your quest for a secure website, you may have come across HTTP headers - bits of data that offer valuable metadata about a webpage to browsers or web crawlers. The most well-known among these are response headers, like the infamous 404 Error or the 301 redirect.A subset of these headers, known as security headers, play a critical role in fortifying your site against malicious attacks. For instance, the HSTS (HTTP Strict Transport Security) header mandates that a webpage be accessed only via HTTPS, not HTTP, and ensures the browser remembers this preference for the future.While a 301 redirect can guide browsers from HTTP to HTTPS, it leaves your site exposed to potential 'man-in-the-middle' attacks. An HSTS header, on the other hand, ensures your browser requests the HTTPS version directly, effectively bolstering site security.A question was recently posed to Google's John Mueller about whether integrating security headers, like HSTS, could influence website ranking. Mueller's response was clear: the HSTS header does not impact Google Search. This header's purpose is to guide users to the HTTPS version of a site. As for deciding which version of a page to crawl and index, Google uses a process known as canonicalization, which doesn't rely on headers like HSTS.So, while security headers might not boost your site's search ranking, their importance in maintaining a secure browsing experience for your users cannot be overstated. Remember, a secure website is a trusted website, and trust forms the foundation of any successful online presence.5. Debunking 'Index Bloat': Google's Take on Effective Web Page Indexing - In a recent episode of Google's 'Search Off The Record' podcast, the Search Relations team at Google tackled the topic of web page indexing, putting a spotlight on the much-discussed theory within the SEO community: "Index Bloat."This theory, often cause for concern, refers to a situation where search engines index pages that aren't beneficial for search results. It includes pages like filtered product pages, printer-friendly versions, internal search results, and more. Advocates of the index bloat theory argue that such pages can confuse search engines and negatively impact search rankings. They link this issue to the concept of a crawl budget, which is the number of URLs a search bot will crawl during each visit. The theory proposes that index bloat can lead to an inefficient use of this crawl budget, with search bots wasting time and resources gathering unneeded data.However, Google's John Mueller challenged this theory, stating there is no known concept of index bloat at Google. According to Mueller, Google doesn't set an arbitrary limit on the number of indexed pages per site. His advice to webmasters is not to worry about excluding pages from Google's index, but instead, focus on creating and publishing useful content.While some supporters of the index bloat theory have pointed to issues like accidental page duplication, incorrect robots.txt files, and poor or thin content as causes, Google asserts that these are not signs of a non-existent "index bloat," but simply general SEO practices that require attention.Some have suggested using tools like Google Search Console to detect index bloat by comparing the actual number of indexed pages to what's expected. Google's stance implies this comparison isn't indicating a problem, but is instead part of routine website management and monitoring.Google's official stance dismisses the idea of index bloat. Instead, the emphasis should be on ensuring the pages submitted for indexing are valuable and relevant, thereby enhancing the overall user experience.6. Controlling Googlebot: Decoding Google's Search Relations Podcast Insights - In the latest episode of the 'Search Off The Record' podcast, Google's Search Relations team, John Mueller and Gary Illyes, delved into two key topics: blocking Googlebot from crawling certain parts of a webpage and preventing Googlebot from accessing a website completely.When asked how to stop Googlebot from crawling specific sections of a webpage, such as the "also bought" areas on product pages, Mueller emphasized that there's no direct method to achieve this. "It's impossible to block crawling of a specific section on an HTML page," he clarified.However, Mueller did propose two strategies, albeit not perfect ones, to navigate this issue. One involves utilizing the data-nosnippet HTML attribute to stop text from being displayed in a search snippet. The other strategy involves using an iframe or JavaScript with the source blocked by robots.txt. But be wary, as Mueller cautioned against this approach, stating it could lead to crawling and indexing issues that are difficult to diagnose and solve.Mueller also reassured listeners that if the same content appears across multiple pages, it's not a cause for concern. "There's no need to block Googlebot from seeing that kind of duplication," he added.Addressing the question of how to prevent Googlebot from accessing an entire site, Illyes provided a straightforward solution. Simply add a disallow rule for the Googlebot user agent in your robots.txt file, and Googlebot will respect this and avoid your site. For those wanting to completely block network access, Illyes suggested creating firewall rules that deny Google's IP ranges.To sum up, while it's impossible to stop Googlebot from accessing specific HTML page sections, methods like the data-nosnippet attribute can offer some control. To block Googlebot from your site altogether, a simple disallow rule in your robots.txt file should suffice, though you can take further steps like setting up specific firewall rules for a more stringent blockade.7. Sweeping Changes to Google Ads Trademark Policy: What You Need to Know - Google Ads is making significant changes to its Trademark Policy that could impact how your advertisements are run. Starting July 24, Google will only entertain trademark complaints that are filed against specific advertisers and their ads. This is a shift away from the current policy, where complaints can lead to industry-wide restrictions on using trademarked content.This change is a response to feedback from advertisers who found the previous system frustrating due to over-flagging and broad blocks. The new policy aims to streamline resolutions, making them quicker and more straightforward. In addition, it will provide greater clarity and transparency for advertisers, a much-needed improvement many have been advocating for.As explained by a Google spokesperson, "We are updating our Trademark Policy to focus solely on complaints against specific advertisers in order to simplify and speed up resolution times, as opposed to industry-wide blocks that were prone to over-flagging. We believe this update best protects our partners with legitimate complaints while still giving consumers the ability to discover information about new products or services.”Do note that any trademark restrictions implemented before July 24 under the current policy will continue to apply. However, Google plans to phase out these limitations for most advertisers gradually over the next 12-18 months.You can learn more about these changes by visiting the Google Ads Trademarks policy page here.8. Double Menus, Double Fun: SEO Unaffected by Multiple Navigations - In a recent SEO office hours video, Google's Gary Illyes made it clear that the presence of multiple navigation menus on your website doesn't affect your SEO performance - be it positively or negatively.The question arose during the video discussion, asking whether having two navigation menus - a main one featuring important site categories and a secondary one focusing on brand-related extensions - could potentially harm SEO performance.Illyes' response was reassuring. He stated that it's highly unlikely that multiple navigation menus would have any impact on your website's SEO. In other words, whether you have one, two, or even more navigation menus on your page, Google's algorithms are sophisticated enough to recognize these elements and process them accordingly.So, rest easy and design your website to best serve your audience. Remember, whether your navigation is on the top, left, or bottom of your page, Google's got it figured out!9. Google's Eye on XML Sitemap Changes: Resource Efficiency in Action - Google's own Gary Illyes recently reaffirmed that the tech giant is diligent about scanning XML sitemaps for updates before launching the reprocessing protocol. This practice is rooted in the desire to conserve valuable computational resources by avoiding unnecessary reprocessing of unchanged files.When asked whether Google compares current and previous versions of XML sitemaps, Illyes's response was a resounding yes. He explained that Google refrains from reprocessing sitemaps that have remained the same since their last crawl - a measure designed to prevent wastage of computing resources.However, any modifications in your sitemap, whether in the URL element or 'last mod', will trigger a new round of parsing and generally initiate reprocessing. Illyes pointed out that this doesn't automatically guarantee that the altered URLs will be crawled, as they must still pass through the usual quality evaluations like any other URL.Importantly, if a URL is deleted from the sitemap because it no longer exists, it doesn't imply that it will instantly be removed from the index or prioritized for crawling to expedite its deletion. Keep this in mind when making changes to your sitemap.10. Boost Your Search Rankings: Google's Advice on Consolidating Pages - In a recent SEO office hours video, Google's Gary Illyes brought up a valuable point about web page consolidation. He discussed 'host groups', a term used when Google displays two results from the same domain in search results, with one listed below the other.Illyes suggested that when your website forms a host group, it indicates that you have multiple pages capable of ranking well for a particular query. In such cases, he recommended considering the consolidation of these pages, if feasible.This advice aligns with Google's host groups documentation, which recommends setting one of these pages as the 'canonical' if you'd prefer users to land on that page over the other.The concept of a host group comes into play when two or more consecutive text results from the same site rank for the same query and hence, get grouped together.The rationale behind Google's recommendation for consolidation could be understood as an attempt to prevent your pages from competing against each other. When two pages vie for the same ranking, consolidating them could potentially boost the ranking of the remaining page.From an SEO perspective, having two listings could increase your click-through rate. However, the idea of consolidation is to create a more streamlined user experience and possibly enhance your page's ranking.Keep in mind that this is an approach to consider and may not suit every situation. Always consider your unique context and audience needs when making SEO decisions.11. Unlocking Video Thumbnails in Google Search: Key Insights Revealed - Recent changes to Google's approach to video thumbnails in search results have prompted many queries. These alterations ensure that video thumbnails are displayed only when the video constitutes the main content on a webpage.This doesn't imply that the video must be the first element on your page. Instead, as Google's Gary Illyes explains, the video should be immediately noticeable — it should be "in their face right away." This user-centric approach enhances the user experience, eliminating the need for them to hunt for the video on the page.Illyes encourages web developers and SEO experts to consider the user's perspective. When visitors land on your page, they should not have to actively search for the video. It should be prominently displayed, akin to the approach of popular video platforms like Vimeo and YouTube.Remember, the aim of these changes is to reduce confusion and streamline the user experience by ensuring that videos are easy to find and view. Take inspiration from major video sites to better understand what Google's algorithms are seeking.12. Enhanced Conversion Tracking with Microsoft Advertising's New Cross-Device Attribution Model - Microsoft Advertising is set to enhance its tracking capabilities with the introduction of a Cross-Device attribution model. Revealed in Microsoft's latest product update roundup in June, this model promises to provide more accurate insights into customer conversion journeys across multiple devices and sessions.With this new feature, if a customer clicks an ad on their laptop and later completes a purchase on their phone, Microsoft Advertising will attribute the conversion to the original ad click on the laptop. This development will ensure that your marketing efforts are accurately credited, regardless of the device where the conversion ultimately occurs.As a result of this new tracking model, marketers may notice a slight uptick in the number of conversions reported in their performance metrics. If you observe an increase in conversions, the new Cross-Device attribution model could be the driving factor. Keep an eye on your reports to understand the full impact of this latest update on your performance data.13. New Verification Mandates for Microsoft Ads: Everything You Need to Know - Starting August 1st, Microsoft Advertising will be implementing a new policy to enhance transparency and security. Only ads from verified advertisers will be displayed on the platform. If you haven't yet met the Microsoft Ads verification requirements, it's crucial to complete them before August 1st to ensure your ads continue to run smoothly.The Microsoft Ads Advertiser Identity Verification program, which was launched in June 2022, is rolling out the following important dates: As of July 1st, all new advertisers must be verified before their ads can go live. If you haven't received an email from Microsoft about account verification by July 15th, you should reach out to Microsoft support. Starting August 1st, Microsoft Advertising will exclusively display ads from verified advertisers. Once verified, all ads will showcase: The name and location of the advertiser. The business or individual responsible for funding the ad. Additional information explaining why a user is seeing a specific ad, including targeting parameters. In addition to these updates, Microsoft Advertising is also launching a new feature - the Ad Library. This will enable all users to view ads shown on Bing that have gained any impressions in the European Union. Users will be able to search for ads in the Ad Library by using the advertiser's name or by entering words included in the ad creative. The details of the advertiser will be displayed in the Ad Library.Stay ahead of the game and get your account verified to enjoy uninterrupted ad delivery with Microsoft Advertising!14. Unleashing New Opportunities: LinkedIn Introduces Direct Messaging for Company Pages - In a bid to foster more professional connections and interactions, LinkedIn is set to expand its messaging tools. The platform has now introduced a new feature that allows Company Pages to send and receive direct messages (DMs). This marks a major development as previously, one-to-one messaging was only available for individual LinkedIn members.LinkedIn's new feature, termed Pages Messaging, paves the way for members to directly contact brands. Conversations can cover a broad range of topics from products and services to business opportunities. To handle these two-way conversations, organizations will be equipped with a dedicated inbox, enabling them to manage and prioritize incoming inquiries that are most relevant to their business.As a result of this feature, companies might see a significant increase in messages inquiring about opportunities. However, LinkedIn's 'focused inbox' system, which segregates DMs based on priority and topic settings, can help manage the influx. In addition, companies have the option to disable the Message feature if they wish.LinkedIn has been quietly testing this feature with a select group of users in the past month. Considering that over 63 million companies actively post on their LinkedIn Company Pages, this new feature could potentially revolutionize direct interactions and unearth fresh opportunities.Furthermore, LinkedIn is exploring the integration of an AI assistant to aid in lead nurturing. This could be a significant asset, allowing users to research the person they are communicating with without the need to manually browse through their profile or posts.While it might not be a 'game-changer', the new Company Page messaging feature, which is being rolled out from today, is certainly a noteworthy addition to consider in your LinkedIn marketing strategy.15. Apple Amps Up Privacy: A Glimpse at iOS 17 and macOS Sonoma - In a continued commitment to user privacy, Apple has introduced fresh security enhancements in iOS 17 and macOS Sonoma, aimed at curbing intrusive web tracking. The new Link Tracking Protection feature is at the heart of this upgrade.Activated by default in Mail, Messages, and Safari (while in Private Browsing mode), Link Tracking Protection zeroes in on tracking parameters in link URLs, which are often used to monitor user activity across different websites. The feature scrubs these identifiers, thereby thwarting advertisers' and analytics firms' attempts to bypass Safari's intelligent tracking prevention functionalities.Typically, these tracking parameters are attached to the end of a webpage's URL, bypassing the need for third-party cookies. When a user clicks the modified URL, the tracking identifier is read, enabling the backend to create a user profile for personalized ad targeting.Apple's new feature disrupts this process by identifying and removing these tracking components from the URL, ensuring the user's web page navigation remains as intended. This operation is quietly executed during browser navigation in Safari's Private Browsing mode and when links are clicked within the Mail and Messages apps.To strike a balance, Apple has also unveiled an alternate method for advertisers to gauge campaign effectiveness while preserving user privacy. Private Click Measurement, now accessible in Safari Private Browsing mode, enables the tracking of ad conversion metrics without disclosing individual user activity.In conclusion, Apple's latest efforts reflect a renewed commitment to user privacy, promising to make online experiences safer and more secure across their operating systems.
Episode 163 contains the notable Digital Marketing News and Updates from the week of May 29 - June 2, 2023. And the show notes for this episode was generated using generative AI. And like always, I curated the articles for the show.1. Google Search Console Insights Adds New Report to Track Growing Content - Google has added a new report to Search Console Insights that track your content's growth over time. The report shows you how many impressions and clicks your content has received and how its ranking has changed. This information can help you identify your most popular content and change your content strategy to improve its performance.To access the new report, go to the Search Console Insights page and select "Your Growing Content" from the menu. The report will show you a list of your top content, along with the following information for each piece of content: Impressions: The number of times your content has been shown in Google Search results. Clicks: The number of times users have clicked on your content in Google Search results. Position: The average position of your content in Google Search results. Growth: The percentage change in impressions, clicks, and position from the previous period. You can use the information in this report to identify your most popular content and change your content strategy to improve its performance. For example, you can promote your most popular content on social media, write more content on similar topics, or optimize your content for specific keywords.2. Google Now Treats .ai Domains as Generic Top-Level Domains - Google has updated its search algorithm to treat .ai domains as generic top-level domains (gTLDs), rather than country code top-level domains (ccTLDs). This means that .ai domains will now be eligible to rank for global search queries, not just those specific to Anguilla.This is a significant change for businesses that use .ai domains. In the past, these businesses were limited to targeting local traffic. Now, they can reach a global audience with their websites and marketing campaigns.If you have a .ai domain, you can optimize your website for global search queries today. Here are a few tips: Use relevant keywords throughout your website content. Create high-quality content that will attract and engage visitors. Build backlinks from other high-quality websites. Promote your website on social media and other online channels. Following these tips can help your .ai domain rank for global search queries and reach a wider audience.3. Google Penalizes Websites with Cheap TLDs - Google's John Mueller said on Reddit that Google penalizes websites that use cheap top-level domains (TLDs). Cheap TLDs are domains that cost less than $10 per year and are often associated with spam and low-quality websites.Google's decision to penalize websites with cheap TLDs indicates that the search engine is more aggressive against spam. In recent years, Google has been cracking down on spam and low-quality websites, and this latest update is another step in that direction.If your website uses a cheap TLD, you may want to consider transferring it to a more reputable domain. This will help to improve your website's ranking in Google Search results and protect you from being penalized.How do you know which TLDs are spammy? Check out, Spamhaus.org.4. Google Launches ‘Product Studio' - Google has announced the launch of Product Studio. This free tool uses generative A.I. to create high-quality product images. Product Studio is available to all businesses, regardless of size, and can create images for various purposes, including product listings, marketing campaigns, and social media.To use Product Studio, businesses upload their product images and provide details about the product, such as the product name, category, and color. Product Studio will then use this information to generate high-quality images, including lifestyle images, product shots, and close-ups.Product Studio will be a valuable tool for businesses of all sizes. It can help businesses to save time and money on product photography, and it can help businesses to create more engaging and visually appealing product listings.It's important to note that Product Studio is currently in the pilot phase, and Google is working with a select group of retailers to test and refine it. However, they have expressed their excitement to see what's possible with this technology.5. YouTube Shopping and Discovery Product Ads Requirements - Google has clarified the requirements for YouTube Shopping ads and Discovery product ads. The new requirements are designed to help retailers understand why their ads may not perform well and how to address any issues.The new requirements for YouTube Shopping ads include the following: Your products must be eligible for sale on Google. Your products must be in stock and available for purchase. Your product prices must be accurate and competitive. Your product descriptions must be clear and concise. Your product images must be high-quality and relevant to your products. You can review the Google Shopping ads policy center and free listing policies to understand better how the policies are enforced.6. Microsoft Introduces ‘Insights' for Universal Event Tracking Tags - Microsoft has unveiled ‘insights' for Universal Event Tracking (UET) tags in an exciting development for data-driven marketers. This feature, designed to enhance your understanding of user engagement on your website, will be automatically enabled for all existing UET tags starting June 29.A Microsoft Advertising UET tag monitors visitor activities on your website following an ad click. This tag collects relevant data, empowering you to keep track of conversion objectives and create specific remarketing lists for effective audience targeting. UET tags enable the tracking of various conversion goals, such as purchases, sign-ups, downloads, and more. These goals can be configured based on criteria like visitor count to specific pages, time spent on the website, the number of pages browsed, and clicks on your mobile app, among others.The newly introduced UET Insights bring several advancements designed to provide a more in-depth understanding of user interactions on your website. These insights are integrated into a powerful dashboard that showcases crucial data such as: Overall visits to your website and the number of visits each page has received Breakdown of sessions based on country of origin and device type Data on quick backs (customers who spend only a few seconds on your website) Information on the duration visitors spend on your website Additional indicators like page latencies, interactions (clicks and scrolls), purchase cart carts specifics, cart abandonment details, and JavaScript browser errors are also included.UET Insights extend beyond providing a comprehensive understanding of your website's performance. They help enhance the effectiveness of ads through refined targeting, fraud detection, and minimizing conversion loss. This leads to a richer understanding of user behavior and website performance, resulting in more efficient advertising strategies.Activating UET Insights doesn't require coding. Existing tags were automatically updated, and any new tags created will come pre-equipped with UET Insights. Notably, there's no data sampling involved, ensuring that the information you receive is complete and representative. UET Insights does not adversely affect your site's performance, and the collected data is processed and presented almost instantly on the UET dashboard.Advertisers maintain complete control over UET Insights and can choose to turn them off if needed. Those wishing to opt out can do so through the UET Dashboard in the Microsoft Advertising platform. To learn more, visit the Microsoft Advertising help page.
We discuss a range of topics from technical problem-solving to the impact of AI and automation. We explore how to enhance your ecommerce business with alternative strategies such as live shopping, and Shopify's new performance-boosting URL change. We also dive into the use of Chat GPT for writing and the importance of domain names in the present-day landscape. Tune in to gain insights on how to improve your online store and stay up-to-date with the latest ecommerce trends.TIMESTAMPS[00:04:46] Exploring the relevance of.com domain names[00:15:00] Shopify Changing URL Strategy for Faster Loading[00:21:53] ChatGPT struggles to accurately determine month-end dates[00:25:47] Uncovering the Syntax of ChatGPT[00:31:57] Facebook's New Shopping Rules[00:37:18] Unconventional E-commerce StrategiesShow LinksShopify's Free Domain Name Generator & IdeasICANNShopify: Changes to Asset URLsChatGPTJasperTechCrunch: Instagram and Facebook will force their checkout experience on Shops soonPostPilotSponsorsFree 30-day trial of Zipify OCU - To get an unadvertised gift, email help@zipify.com and ask for the "Tech Nasty Bonus".Venntov, makers of SEO Manager, Order Lookup, and ClockedInRetention.com: Reclaim 5-10x Abandonment RevenueLoop Returns: Ecommerce Returns Management for ShopifyNever miss an episodeSubscribe wherever you get your podcastsJoin Kurt's newsletterHelp the showAsk a question in The Unofficial Shopify Podcast Facebook GroupLeave a reviewSubscribe wherever you get your podcastsWhat's Kurt up to?See our recent work at EthercycleSubscribe to our YouTube ChannelApply to work with Kurt to grow your store.
Google's new TLDs are silly but not as dangerous as some people think, whether we should cling on to AM radio, Microsoft scans password-protected zip files, and how to assess open source software for its trustworthiness. Plug Support us on patreon News Google pushes .zip and .mov domains onto the Internet, and the […]
The gang's back and ready to chat about Apple Savings Accounts, insecure TLDs, and tab management.
New TLDs are already old news, fuzzing eBPF validators, Microsoft sets to kill bug classes, draft RFC to track location trackers, a top ten list with directory traversal on it, conference videos from Real World Crypto and BSidesSF, and an attack tree generator from markdown. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw242
New TLDs are already old news, fuzzing eBPF validators, Microsoft sets to kill bug classes, draft RFC to track location trackers, a top ten list with directory traversal on it, conference videos from Real World Crypto and BSidesSF, and an attack tree generator from markdown. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw242
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news.
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news. The post Network Break 431: Juniper NAC Emerges From The Mist; New Google TLDs Are A Bad Idea appeared first on Packet Pushers.
Will McGugan's Trogon auto-generates friendly TUIs for your CLI apps, Stability AI's official open source variant of DreamStudio, John Calhoun writes about life after 26 years programming at Apple, Google's news TLDs could be a boon to scammers & Pablo Meier documents a way to discuss programming languages.
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news.
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news. The post Network Break 431: Juniper NAC Emerges From The Mist; New Google TLDs Are A Bad Idea appeared first on Packet Pushers.
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news.
This week's Network Break looks at a new Network Access Control (NAC) offering from Juniper, plus a ChatGPT integration with Juniper's Marvis. Google debuts new Top-Level Domains that have security experts worried, Cisco reports a robust Q3, Broadcom tries to assuage EU regulators about its VMware acquisition, and more tech news. The post Network Break 431: Juniper NAC Emerges From The Mist; New Google TLDs Are A Bad Idea appeared first on Packet Pushers.
In this episode, we explore the arrival of passwordless Google accounts that use “passkeys,” which offer enhanced usability and security. We discuss the benefits of passkeys over traditional passwords, but also why passkeys are not quite ready for prime time use. Next, we discuss Google Domains' introduction of new top-level domains (TLDs) like .zip and […] The post Google Now Supports Passkeys, Risky New Top Level Domains, Twitter's Encryption Dilemma appeared first on Shared Security Podcast.
Will McGugan's Trogon auto-generates friendly TUIs for your CLI apps, Stability AI's official open source variant of DreamStudio, John Calhoun writes about life after 26 years programming at Apple, Google's news TLDs could be a boon to scammers & Pablo Meier documents a way to discuss programming languages.
Will McGugan's Trogon auto-generates friendly TUIs for your CLI apps, Stability AI's official open source variant of DreamStudio, John Calhoun writes about life after 26 years programming at Apple, Google's news TLDs could be a boon to scammers & Pablo Meier documents a way to discuss programming languages.
Google is getting paid to advertise malware sites, Comcast's false map data, more on private TLDs, why we don't use Btrfs, and getting notifications for your monitoring. Plugs Support us on patreon Klara Sysadmin Series: How to catch a bitcoin miner News/discussion Until further notice, think twice before using Google to download software […]
It's been 10 years since new TLDs rolled out. Where are we now? It's been ten years since new top level domains started rolling out. Today, I chat with Sandeep Ramchandani, CEO of Radix, to get his take on where we are and where we're headed. Sandeep is always frank about both the upside and […] Post link: New TLDs 10 years later – DNW Podcast #419 © DomainNameWire.com 2022. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.
26th Oct ⚡ Lightning Network NOT Blockchain
The task of choosing a domain for your musician website is an important one. Shout out to Dreamhost for this great blog post, which was used as the information primary source for this episode. See the latest deals from Dreamhost to save now and support the Unstarving Musician in the process. Choosing a Top Level Domain Extension Choose top level domain (TLD) extension carefully. Among all the TLDs, .com is a popular choice and often seen as the gold standard. However, it's not the end of the world if .com is taken. There are other increasingly common ones to choose from, such as .band and .hiphop. Incorporate Targeted Keywords Search engines like Google use your domain name to understand what your site is about and to help determine search rankings. Therefore, it's essential to include keywords if and where possible. Google keyword planner is a great tool for this step. Make Sure Your Domain is Easy to Pronounce and Spell You want your domain name to be original and memorable, but be mindful that novelty isn't always a good thing. If you modify the spelling of a common word just to get a .com extension (or simply to be cute), you will very easily confuse your audience. An example of this would be DogTrainer.com is taken, so you choose Doggtrainer.com (using double “g”). People can easily miss the double "g" and end up on the non-related site. The double lettter is easy to miss, but not so easy for people to remember the double “g.” While word-of-mouth advertising is powerful, it only works when people can actually pronounce your domain. This also makes the name easier to remember, increasing the odds that people will visit and pass the site along to their networks. Examples: Some domain names that are not as easy to spell are eidos.com, submit-me.net, and hisel.com. In particular, hyphenated domain names are often problematic. The natural tendency is to pronounce the name as if it were not hyphenated. Avoid Hyphens and Doubled Letters Using hyphens may seem like a creative way to get the domain name you want, but they're tough to express verbally (imagine yourself saying “dash” or “hyphen” out loud). They also make the domain more difficult to type. This can create a poor User Experience (UX) from the start, leaving a user frustrated. Even worse, they may give up entirely and end up on someone else's website. While there are exceptions, when you're brainstorming domain name ideas, it's best to avoid anything that isn't a letter. This includes replacing letters with numbers, which make the name a lot easier for people to mistype. The same goes for doubled letters (as just mentioned in the Dogg example)– it's asking for typos. Doubled letters are hard to read and even harder to type correctly. If mistakes happen often enough, you may end up with someone typo-squatting and stealing your traffic. Keep Your Domain Name Short There are several reasons short domains work better. First, they're easier to remember and faster to type. Therefore, they are more likely to support a positive UX. This is especially important as more and more people are browsing the internet on mobile devices. A short domain name means fewer opportunities for mobile users to get blindsided by autocorrect. Stay Unique and On Brand A unique domain name can help your website stand out and potentially help you avoid legal trouble. It can also contribute to your marketing efforts. In fact, if your site represents a larger brand, you would be wise to consider your domain name as you're creating the brand name itself. Pick a Domain Name That's Flexible Your domain name is one area where you don't want to put yourself into a box. While you should be specific enough to attract an audience, you don't want to be so precise that there's no room for your website to grow. For example, “shutter.photography” might be perfect for a photography blog. However, if you decide to write about other art forms in the future, you'll be stuck with an inaccurate domain name. Use a Domain Name Generator Chances are you've brainstormed a list of potential domain names by now. You may have even thought of the ideal one. However, sometimes your perfect domain name might not be available. Once again, there's no need to panic. You can always get creative and slightly modify your domain. If you're having trouble finding inspiration, you can use a domain name generator like Domain Wheel. Check the Domain History You might have your sights set on a completely fresh domain name. However, there's also a possibility that the domain you'd like to purchase had a previous owner. It's best to investigate the domain's history as this could affect your site's search engine rankings. There are a few tools you can use to check on past owners, such as Wayback Machine and Whoxy. This can be very useful information. For instance, you wouldn't want to buy a domain name that was previously running an unethical business, as it might hurt your reputation. Research Social Media Handles If you have plans to engage with your visitors or customers, chances are you'll want to create social media accounts that are linked to your domain name and website. Therefore, it's wise to check your preferred social media sites to see if your domain name is available in handle form. Alternatively, you can check to see if a variation of your domain name is available. If you're not planning to use too many different social media networks, you can easily do this manually. However, if you want a bit of help, Namecheckr.com is a great way to see all available social media handles at a glance. This handy tool can provide you with useful information about trademarks. It can also help you manage dozens of social media accounts. Don't Miss Out on a Deal The reality is that no matter how big or small your business is, you likely have a budget. What's more, if you're launching a small business or you're self-employed, it's probably pretty tight. Domain prices can vary depending on how popular an option is perceived to be. In most cases, your chosen domain will qualify for a low introductory price. In other cases, your desired domain could be considered “Premium” and go for hundreds to tens of thousands of dollars. If you think you've stumbled across a “premium” domain at a deep discount, don't hesitate to act! Protect Your Brand with Multiple Domains Even if you manage to snag a coveted .com address, you might consider purchasing other TLD variations and setting up redirects. You can even go a step further and buy common misspellings of your domain name — that way, you're not missing out on traffic lost due to “user error.” You can apply this strategy to social media as well. Even if you don't think you'll use Twitter, you might want to grab a decent handle if one is available. That way, you'll be ready if you ever decide to tweet, and you'll prevent anyone else from taking that username. Conclusion It's easy to overlook some of the steps involved in choosing a domain name for your musician website, but it's definitely a task worthy of careful planning. The process may seem cumbersome, but I'm here to help you. If you have doubts or questions, feel free to ping me via email or social media. Good luck choosing your musician website domain name! Support the Unstarving Musician The Unstarving Musician exists solely through the generosity of its listeners, readers, and viewers. Learn how you can offer your support. This episode was powered by Music Marketing Method, a program for independent musicians looking to grow their music career. Music Marketing Method was created by my good friend Lynz Crichton. I'm in the program and I'm learning tons! I'm growing my fan base and learning about many ways that I'll be earning money in the new year. It's also helping me grow this podcast. How cool is that? To lean more and find out if Music Marketing Method can help your music career, visit UnstarvingMusician.com/MusicMarketing. This episode of the was powered by Liner Notes. Learn from the hundreds of musicians and industry pros I've spoken with for the Unstarving Musician on topics such as marketing, songwriting, touring, sync licensing and much more. Sign up for Liner Notes. Liner Notes is an email newsletter from yours truly, in which I share some of the best knowledge gems garnered from the many conversations featured on the Unstarving Musician. You'll also be privy to the latest podcast episodes and Liner Notes subscriber exclusives. Sign up at UnstarvingMusician.com. It's free and you can unsubscribe at anytime. Mentions and Related Episodes How to Choose the Right Domain Name (blog post by Dreamhost See the latest deals from Dreamhost Google keyword planner Typo squatting Domain Wheel domain name generator Wayback Machine Whoxy NameCheckr.com New Gods Part 2, by Robonzo & Peter Rand (music video) Subscribe to Robonzo's artist YouTube channel Free vs Paid Hosting For Musician Websites (Ep 239) Why Do I Need A Musician Website? (Ep 237) New Gods Part 2 Co-Writer Peter Rand (Ep 205) Resources The Unstarving Musician's Guide to Getting Paid Gigs, by Robonzo Music Marketing Method – The program that helps musicians find fans, grow an audience and make consistent income Bandzoogle – The all-in-one platform that makes it easy to build a beautiful website for your music Dreamhost – See the latest deals from Dreamhost, save money and support the UM in the process. More Resources for musicians Pardon the Interruption (Disclosure) Some of the links in this post are affiliate links. This means I make a small commission, at no extra charge to you, if you purchase using those links. Thanks for your support! Visit UnstarvingMusician.com to sign up for Liner Notes to learn what I'm learning from the best indie musicians and music industry professionals. Stay in touch! @RobonzoDrummer on Twitter and Instagram @UnstarvingMusician on Facebook and YouTube
Hello, and welcome to another episode of CISO Tradecraft -- the podcast that provides you with the information, knowledge, and wisdom to be a more effective cybersecurity leader. My name is G. Mark Hardy, and today we are going to discuss how nation state conflict and sponsored cyberattacks can affect us as non-combatants, and what we should be doing about it. Even if you don't have operations in a war zone, remember cyber has a global reach, so don't think that just because you may be half a world away from the battlefield that someone is not going to reach out and touch you in a bad way. So, listen for what I think will be a fascinating episode, and please do us a small favor and give us a "like" or a 5-star review on your favorite podcast platform -- those ratings really help us reach our peers. It only takes a click -- thank you for helping out our security leadership community. I'm not going to get into any geopolitics here; I'm going to try to ensure that this episode remains useful for quite some time. However, since the conflict in Ukraine has been ongoing for over two hundred days, I will draw examples from that. The ancient Chinese military strategist Sun Tzu wrote: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” That's a little more detailed than the classic Greek aphorism, "know thyself," but the intent is the same even today. Let me add one more quote and we'll get into the material. Over 20 years ago, when he was Secretary of Defense, Donald Rumsfeld said: "As we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns—the ones we don't know we don't know. And if one looks throughout the history of our country and other free countries, it is the latter category that tends to be the difficult ones. So, knowledge seems extremely important throughout the ages. Modern governments know that, and as a result all have their own intelligence agencies. Let's look at an example. If we go to the CIA's website, we will see the fourfold mission of the Central Intelligence Agency: Collecting foreign intelligence that matters Producing objective all-source analysis Conducting effective covert action as directed by the President Safeguarding the secrets that help keep our nation safe. Why do we mention this? Most governments around the world have similar Nation State objectives and mission statements. Additionally, it's particularly important to understand what is wanted by "state actors" (note, I'll use that term for government and contract intelligence agents.). What are typical goals for State Actors? Let's look at a couple: Goal 1: Steal targeting data to enable future operations. Data such as cell phone records, banking statements or emails allow countries to better target individuals and companies when they know that identifying information. Additionally, targeting data allows Nation state organizations to understand how individuals are connected. This can be key when we are looking for key influencers for targets of interest. All targeting data should not be considered equal. Generally, Banking and Telecom Data are considered the best for collecting so be mindful if that is the type of company that you protect. State Actors target these organizations because of two factors:The Importance of the Data is the first factor. If one party sends a second party an email, that means there is a basic level of connection. However, it's not automatically a strong connection since we all receive emails from spammers. If one party calls someone and talks for 10 minutes to them on a phone call, that generally means a closer connection than an email. Finally, if one party sends money to another party that either means a really strong connection exists, or someone just got scammed. The Accuracy of the Data is the second factor. Many folks sign up for social media accounts with throw away credentials (i.e., fake names and phone numbers). Others use temporary emails to attend conferences, so they don't get marketing spam when they get home. However, because of Anti Money Laundering (or AML) laws, people generally provide legitimate data to financial services firms. If they don't, then they risk not being able to take the money out of a bank -- which would be a big problem. A second goal in addition to collecting targeting data, is that State Actors are interested in collecting Foreign Intelligence. Foreign Intelligence which drives policy-making decisions is very impactful. Remember, stealing secrets that no one cares about is generally just a waste of government tax dollars. If governments collect foreign intelligence on sanctioned activity, then they can inform policy makers on the effectiveness of current sanctions, which is highly useful. By reporting sanctioned activity, the government can know when current sanctions are being violated and when to update current sanctions. This can result in enabling new intelligence collection objectives. Examples of this include:A country may sanction a foreign air carrier that changes ownership or goes out of business. In that case, sanctions may be added against different airlines. This occurred when the US sanctioned Mahan Air, an Iran's airline. Currently the US enforces sanctions on more than half of Iran's civilian airlines. A country may place sanctions on a foreign bank to limit its ability to trade in certain countries or currencies. However, if sanctioned banks circumvent controls by trading with smaller banks which are not sanctioned, then current sanctions are likely ineffective. Examples of sanctioning bank activity by the US against Russia during the current war with Ukraine include:On February 27th sanctions were placed against Russian Banks using the SWIFT international payment systems On February 28th, the Russian Central Bank was sanctioned On March 24th, the Russian Bank Sberbank CEO was sanctioned On April 5th, the US IRS suspended information exchanges with the Russian tax authorities to hamper Moscow's ability to collect taxes. On April 6th, the US sanctioned additional Russian banks. These sanctions didn't just start with the onset of hostilities on 24 February 2022. They date back to Russia's invasion of Crimea. It's just that the US has turned up the volume this time. If sanctions are placed against a country's nuclear energy practices, then knowing what companies are selling or trading goods into the sanctioned country becomes important. Collecting information from transportation companies that identify goods being imported and exported into the country can also identify sanction effectiveness. A third goal or activity taken by State Actors is covert action. Covert Action is generally intended to cause harm to another state without attribution. However, anonymity is often hard to maintain.If we look at Russia in its previous history with Ukraine, we have seen the use of cyber attacks as a form of covert action. The devastating NotPetya malware (which has been generally accredited to Russia) was launched as a supply chain attack. Russian agents compromised the software update mechanism of Ukrainian accounting software M.E. Doc, which was used by nearly 400,000 clients to manage financial documents and file tax returns. This update did much more than the intended choking off of Ukrainian government tax revenue -- Maersk shipping estimates a loss of $300 million. FedEx around $400 million. The total global damage to companies is estimated at around $10 billion. The use of cyberattacks hasn't been limited to just Russia. Another example is Stuxnet. This covert action attack against Iranian nuclear facilities that destroyed nearly one thousand centrifuges is generally attributed to the U.S. and Israel. Changing topics a little bit, we can think of the story of two people encountering a bear. Two friends are in the woods, having a picnic. They spot a bear running at them. One friend gets up and starts running away from the bear. The other friend opens his backpack, takes out his running shoes, changes out of his hiking boots, and starts stretching. “Are you crazy?” the first friend shouts, looking over his shoulder as the bear closes in on his friend. “You can't outrun a bear!” “I don't have to outrun the bear,” said the second friend. “I only have to outrun you.” So how can we physically outrun the Cyber Bear? We need to anticipate where the Bear is likely to be encountered. Just as national park signs warn tourists of animals, there's intelligence information that can inform the general public. If you are looking for physical safety intelligence you might consider:The US Department of State Bureau of Consular Affairs. The State Department hosts a travel advisory list. This list allows anyone to know if a country has issues such as Covid Outbreaks, Civil Unrest, Kidnappings, Violent Crime, and other issues that would complicate having an office for most businesses. Another example is the CIA World Factbook. The World Factbook provides basic intelligence on the history, people, government, economy, energy, geography, environment, communications, transportation, military, terrorism, and transnational issues for 266 world entities. Additionally you might also consider data sources from the World Health Organization and The World Bank If we believe that one of our remote offices is now at risk, then we need to establish a good communications plan. Good communications plans generally require at least four forms of communication. The acronym PACE or Primary, Alternate, Contingency, and Emergency is often usedPrimary Communication: We will first try to email folks in the office. Alternate Communication: If we are unable to communicate via email, then we will try calling their work phones. Contingency Communication: If we are unable to reach individuals via their work phones, then we will send a Text message to their personal cell phones. Emergency Communication: If we are unable to reach them by texting their personal devices, then we will send an email to their personal emails and next of kin. Additionally, we might purchase satellite phones for a country manager. Satellite phones can be generally purchased for under $1,000 and can be used with commercial satellite service providers such as Inmarsat, Globalstar, and Thuraya. One popular plan is Inmarsat's BGAN. BGAN can usually be obtained from resellers for about $100 per month with text messaging costing about fifty cents each and calls costing about $1.50 per minute. This usually translates to a yearly cost of $1,500-2K per device. Is $2K worth the price of communicating to save lives in a high-risk country during high political turmoil? Let your company decide. Note a great time to bring this up may be during use-or-lose money discussions at the end of the year. We should also consider preparing egress locations. For example, before a fire drill most companies plan a meetup location outside of their building so they can perform a headcount. This location such as a vacant parking lot across the street allows teams to identify missing personnel which can later be communicated to emergency personnel. If your company has offices in thirty-five countries, you should think about the same thing, but not assembling across the street but across the border. Have you identified an egress office for each overseas country? If you had operations in Ukraine, then you might have chosen a neighboring country such as Poland, Romania, or Hungary to facilitate departures. When things started going bad, that office could begin creating support networks to find local housing for your corporate refugees. Additionally, finding job opportunities for family members can also be extremely helpful when language is a barrier in new countries. If we anticipate the Bear is going to attack our company digitally, then we should also look for the warning signs. Good examples of this include following threat intelligence information from: Your local ISAC organization. ISAC or Information Sharing Analysis Centers are great communities where you can see if your vertical sector is coming under attack and share your experiences/threats. The National Council of ISACs lists twenty-five different members across a wide range of industries. An example is the Financial Services ISAC or FS-ISAC which has a daily and weekly feed where subscribers can find situational reports on cyber threats from State Actors and criminal groups. InfraGard™ is a partnership between the Federal Bureau of Investigation and members of the private sector for the protection of US Critical Infrastructure. Note you generally need to be a US citizen without a criminal history to join AlienVault offers a Threat Intelligence Community called Open Threat Exchange which grants users free access to over nineteen million threat indicators. Note AlienVault currently hosts over 100,000 global participants, so it's a great place to connect with fellow professionals. The Cybersecurity & Infrastructure Security Agency or CISA also routinely issues cybersecurity advisories to stop harmful malware, ransomware, and nation state attacks. Helpful pages on their websites include the following:Shields Up which provides updates on cyber threats, guidance for organizations, recommendations for corporate Leaders and CEOs, ransomware responses, free tooling, and steps that you can take to protect your families. There's even a Shields Technical Guidance page with more detailed recommendations. CISA routinely puts out Alerts which identify threat actor tactics and techniques. For example, Alert AA22-011A identifies how to understand and mitigate Russian State Sponsored Cyber Threats to US Critical Infrastructure. This alert tells you what CVEs the Russian government is using as well as the documented TTPs which map to the MITRE ATT&CK™ Framework. Note if you want to see more on the MITRE ATT&CK mapped to various intrusion groups we recommend going to attack.mitre.org slant groups. CISA also has notifications that organizations can sign up for to receive timely information on security issues, vulnerabilities, and high impact activity. Another page to note on CISA's website is US Cert. Here you can report cyber incidents, report phishing, report malware, report vulnerabilities, share indicators, or contact US Cert. One helpful page to consider is the Cyber Resilience Review Assessment. Most organizations have an IT Control to conduct yearly risk assessments, and this can help identify weaknesses in your controls. Now that we have seen a bear in the woods, what can we do to put running shoes on to run faster than our peers? If we look at the CISA Shield Technical Guidance Page we can find shields up recommendations such as remediating vulnerabilities, enforcing MFA, running antivirus, enabling strong spam filters to prevent phishing attacks, disabling ports and protocols that are not essential, and strengthening controls for cloud services. Let's look at this in more detail to properly fasten our running shoes. If we are going to remediate vulnerabilities let's focus on the highest priority. I would argue those are high/critical vulnerabilities with known exploits being used in the wild. You can go to CISA's Known Exploited Vulnerabilities Catalog page for a detailed list. Each time a new vulnerability gets added, run a vulnerability scan on your environment to prioritize patching. Next is Multi Factor Authentication (MFA). Routinely we see organizations require MFA access to websites and use Single Sign On. This is great -- please don't stop doing this. However, we would also recommend MFA enhancements in two ways. One, are you using MFA on RDP/SSH logins by administrators? If not, then please enable immediately. You never know when one developer will get phished, and the attacker can pull his SSH keys. Having MFA means even when those keys are lost, bad actor propagation can be minimized. Another enhancement is to increase the security within your MFA functionality. For example, if you use Microsoft Authenticator today try changing from a 6 digit rotating pin to using security features such as number matching that displays the location of their IP Address. You can also look at GPS conditional policies to block all access from countries in which you don't have a presence. Running antivirus is another important safeguard. Here's the kicker -- do you actually know what percentage of your endpoints are running AV and EDR agents? Do you have coverage on both your Windows and Linux Server environments? Of the agents running, what portion have signatures updates that are not current? How about more than 30 days old. We find a lot of companies just check the box saying they have antivirus, but if you look behind the scenes you can see that antivirus isn't as effective as you think when it's turned off or outdated. Enabling Strong Spam Filters is another forgotten exercise. Yes, companies buy solutions like Proofpoint to secure email, but there's more that can be done. One example is implementing DMARC to properly authenticate and block spoofed emails. It's the standard now and prevents brand impersonation. Also please consider restricting email domains. You can do this at the very top. Today, the vast majority of legitimate correspondents still utilize one of the original seven top-level domains: .com, .org, .net, .edu, .mil, .gov, and .int, as well as two-letter country code top-level domains (called ccTLDs). However, you should look carefully at your business correspondence to determine if communicating with all 1,487 top-level domains is really necessary. Let's say your business is located entirely in the UK. Do you really want to allow emails from Country codes such as .RU, .CN, and others? Do you do business with .hair, or .lifestyle, or .xxx? If you don't have a business reason for conducting commerce with these TLDs, block them and minimize both spam and harmful attacks. It won't stop bad actors from using Gmail to send phishing attacks, but you might be surprised at just how much restricting TLDs in your email can help. Note that you have to be careful not to create a self-inflicted denial of service, so make sure that emails from suspect TLDs get evaluated before deletion. Disabling Ports and Protocols is key since you don't want bad actors having easy targets. One thing to consider is using Amazon Inspector. Amazon Inspector has rules in the network reachability package to analyze your network configurations to find security vulnerabilities in your EC2 Instances. This can highlight and provide guidance about restricting access that is not secure such as network configurations that allow for potentially malicious access such as mismanaged security groups, Access Control Lists, Internet Gateways, etc. Strengthening Cloud Security- We won't go into this topic too much as you could spend a whole talk on strengthening cloud security. Companies should consider purchasing a cloud security solution like Wiz, Orca, or Prisma for help in this regard. One tip we don't see often is using geo-fencing and IP allow-lists. For example, one new feature that AWS recently created is to enable Web Application Firewall protections for Amazon Cognito. This makes it easier to protect user pools and hosted UIs from common web exploits. Once we notice there's likely been a bear attack on our peers or our infrastructure, we should report it. This can be done by reporting incidents to local governments such as CISA or a local FBI field office, paid sharing organizations such as ISAC, or free communities such as AlienVault OTX. Let's walk through a notional example of what we might encounter as collateral damage in a cyberwar. However, to keeps this out of current geopolitics, we'll use the fictitious countries Blue and Orange. Imagine that you work at the Acme Widget Corporation which is a Fortune 500 company with a global presence. Because Acme manufactures large scale widgets in their factory in the nation of Orange, they are also sold to the local Orange economy. Unfortunately for Acme, Orange has just invaded their neighboring country Blue. Given that Orange is viewed as the aggressor, various countries have imposed sanctions against Orange. Not wanting to attract the attention of the Orange military or the U.S. Treasury department, your company produces an idea that might just be crazy enough to work. Your company is going to form a new company within Orange that is not affiliated with the parent company for the entirety of the war. This means that the parent company won't provide services to the Orange company. Additionally, since there is no affiliation between the companies then the legal department advises that there will not be sanction evasion activity which could put the company at risk. There's just one problem. Your company has to evict the newly created Orange company (Acme Orange LLC) from its network and ensure it has the critical IT services to enable its success. So where do we start? Let's consider a few things. First, what is the lifeblood of a company? Every company really needs laptops and Collaboration Software like Office 365 or GSuite. So, if we have five hundred people in the new Acme Orange company, that's five hundred new laptops and a new server that will host Microsoft Exchange, a NAS drive, and other critical Microsoft on premises services. Active Directory: Once you obtain the server, you realize a few things. Previous Acme admin credentials were used to troubleshoot desktops in the Orange environment. Since exposed passwords are always a bad thing, you get your first incident to refresh all passwords that may have been exposed. Also, you ensure a new Active Directory server is created for your Orange environment. This should leverage best practices such as MFA since Orange Companies will likely come under attack. Let's talk about other things that companies need to survive: Customer relations management (CRM) services like Salesforce Accounting and Bookkeeping applications such as QuickBooks Payment Software such as PayPal or Stripe File Storage such as Google Drive or Drop Box Video Conferencing like Zoom Customer Service Software like Zendesk Contract Management software like DocuSign HR Software like Bamboo or My Workday Antivirus & EDR software Standing up a new company's IT infrastructure in a month is never a trivial task. However, if ACME Orange is able to survive for 2-3 years it can then return to the parent company after the sanctions are lifted. Let's look at some discussion topics. What IT services will be the hardest to transfer? Can new IT equipment for Acme Orange be procured in a month during a time of conflict? Which services are likely to only have a SaaS offering and not enable on premises during times of conflicts? Could your company actually close a procurement request in a one-month timeline? If we believe we can transfer IT services and get the office up and running, we might look at our cyber team's role in providing recommendations to a new office that will be able to survive a time of turmoil. All laptops shall have Antivirus and EDR enabled from Microsoft. Since the Acme Orange office is isolated from the rest of the world, all firewalls will block IP traffic not originating from Orange. SSO and MFA will be required on all logins Backups will be routinely required. Note if you are really looking for effective strategies to mitigate cyber security incidents, we highly recommend the Australian Essential Eight. We have a link in our show notes if you want more details. Additionally, the ACME Orange IT department will need to create its own Incident Response Plan (IRP). One really good guide for building Cyber Incident Response Playbooks comes from the American Public Power Association. (I'll put the link in our show notes.) The IRP recommends creating incident templates that can be used for common attacks such as: Denial of Service (DoS) Malware Web Application Attack (SQL Injection, XSS, Directory Traversal, …) Cyber-Physical Attack Phishing Man in the middle attack Zero Day Exploit This Incident Response Template can identify helpful information such as Detection: Record how the attack was identified Reporting: Provide a list of POCs and contact information for the IT help desk to contact during an event Triage: List the activities that need to be performed during Incident Response. Typically, teams follow the PICERL model. (Preparation - Identification - Containment - Eradication - Recovery - Lessons Learned) Classification: Depending on the severity level of the event, identify additional actions that need to occur Communications: Identify how to notify local law enforcement, regulatory agencies, and insurance carriers during material cyber incidents. Additionally describe the process on how communications will be relayed to customers, employees, media, and state/local leaders. As you can see, there is much that would have to be done in response to a nation state aggression or regional conflict that would likely fall in your lap. If you didn't think about it before, you now have plenty of material to work with. Figure out your own unique requirements, do some tabletop exercises where you identify your most relevant Orange and Blue future conflict, and practice, practice, practice. We learned from COVID that companies that were well prepared with a disaster response plan rebranded as a pandemic response plan fared much better in the early weeks of the 2020 lockdown. I know my office transitioned to remote work for over sixty consecutive weeks without any serious IT issues because we had a written plan and had practiced it. Here's another one for you to add to your arsenal. Take the time and be prepared -- you'll be a hero "when the bubble goes up." (There -- you've learned an obscure term that nearly absent from a Google search but well-known in the Navy and the Marine Corps.) Okay, that's it for today's episode on Outrunning the Bear. Let's recap: Know yourself Know what foreign adversaries want Know what information, processes, or people you need to protect Know the goals of state actors:steal targeting data collect foreign intelligence covert action Know how to establish a good communications plan (PACE)Primary Alternate Contingency Emergency Know how to get out of Dodge Know where to find private and government threat intelligence Know your quick wins for protectionremediate vulnerabilities implement MFA everywhere run current antivirus enable strong spam filters restrict top level domains disable vulnerable or unused ports and protocols strengthen cloud security Know how to partition your business logically to isolate your IT environments in the event of a sudden requirement. Thanks again for listening to CISO Tradecraft. Please remember to like us on your favorite podcast provider and tell your peers about us. Don't forget to follow us on LinkedIn too -- you can find our regular stream of low-noise, high-value postings. This is your host G. Mark Hardy, and until next time, stay safe. References https://www.goodreads.com/quotes/17976-if-you-know-the-enemy-and-know-yourself-you-need https://en.wikipedia.org/wiki/There_are_known_knowns https://www.cia.gov/about/mission-vision/ https://www.cybersecurity-insiders.com/ukraines-accounting-software-firm-refuses-to-take-cyber-attack-blame/ https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ https://www.nationalisacs.org/member-isacs-3 https://attack.mitre.org/groups/ https://data.iana.org/TLD/tlds-alpha-by-domain.txt https://www.publicpower.org/system/files/documents/Public-Power-Cyber-Incident-Response-Playbook.pdf
In this episode of the digital marketing with Bill Hartzer podcast, Bill Hartzer talks about Google search console updates and issues, in person search conferences, the four stages of search which include crawling rendering indexing and ranking and how you verify each stage. he also talks about his upcoming research and review of various sectors including duda.co, Wix, Shopify, and word press. He also talked about a few domain name rooms in clubhouse and the hot topics of crawling indexing ranking based on TLDs.
Karn Jajoo, Sr. Manager, Business Dev. & Marketing from Radix (The Registry behind new domains such as .online, .store, .fun, .website, .tech, .host, .site, .space, .uno & .press) joins to chat about domain extensions and TLDs. Radix is a subsidiary business of Directi Group, a $300 million company based in Dubai and owner of various domain name registrars and web hosting businesses. Thanks for listening. Full show notes, transcriptions (available on request), audio and video at http://theAverageGuy.tv/hgg539 Join Jim Collison / @jcollison for show #539 of Home Gadget Geeks brought to you by the Average Guy Network. WANT TO SUBSCRIBE?
Karn Jajoo, Sr. Manager, Business Dev. & Marketing from Radix (The Registry behind new domains such as .online, .store, .fun, .website, .tech, .host, .site, .space, .uno & .press) joins to chat about domain extensions and TLDs. Radix is a subsidiary business of Directi Group, a $300 million company based in Dubai and owner of various domain name registrars and web hosting businesses. Thanks for listening. Full show notes, transcriptions (available on request), audio and video at http://theAverageGuy.tv/hgg539 Join Jim Collison / @jcollison for show #539 of Home Gadget Geeks brought to you by the Average Guy Network. WANT TO SUBSCRIBE?
Karn Jajoo, Sr. Manager, Business Dev. & Marketing from Radix (The Registry behind new domains such as .online, .store, .fun, .website, .tech, .host, .site, .space, .uno & .press) joins to chat about domain extensions and TLDs. Radix is a subsidiary business of Directi Group, a $300 million company based in Dubai and owner of various domain name registrars and web hosting businesses. Thanks for listening. Full show notes, transcriptions (available on request), audio and video at http://theAverageGuy.tv/hgg539 Join Jim Collison / @jcollison for show #539 of Home Gadget Geeks brought to you by the Average Guy Network. WANT TO SUBSCRIBE?
If you're just starting out online, one of the first things you'll need to do is choose a web host. This can be a daunting task, especially if you don't know what to look for. Avram discusses the different types of web hosting services and helps you decide which one is right for you. He also gives you some tips on how to choose a web host that meets your needs. So, whether you're looking for shared hosting, VPS hosting, cloud hosting, or something else entirely, Avram's got tips on how to make the best decision possible!Registering a Domain NameThe first step in setting up your web presence is to register a domain name. Your domain name is the address of your website on the Internet. It's what people will type into their browser to find your site. For example, Google's domain name is google.com. Domain names can be registered with any number of registrars, but we recommend that you use a registrar that also offers web hosting services. This way, you can register your domain name and set up your website all in one place.There are two parts to a domain name: the top-level domain (TLD) and the second-level domain (SLD). The TLD is the part of the domain name that comes after the dot. For example, in the domain name google.com, the TLD is .com. The SLD is the part of the domain name that comes before the dot. In google.com, the SLD is google. You can choose any TLD you want when you register your domain name, but some are more popular than others. The most popular TLDs are .com, .org, and .net.You can also register domains with country-specific TLDs such as .us, .UK, and .ca. These are known as ccTLDs (country code top-level domains). If you're targeting a specific country audience with your website, it can be helpful to use a ccTLD. However, ccTLDs are not required. You can register a .com domain name and use it for a website targeted at any country audience.Different Types of HostingShared HostingShared hosting is the most popular type of web hosting. This is because it's the most affordable option. With shared hosting, your website shares a server with other websites. This can be a great option if you're just starting out, as it's very budget-friendly. The downside of shared hosting is that your website may be affected by the traffic on other websites on the same server.WordPress HostingWordPress hosting is a type of web hosting that's specifically designed for WordPress websites. WordPress is a content management system (CMS) that allows you to create a website without having to code it yourself. WordPress hosting usually comes with pre-installed WordPress, which makes it easy to get started. It also often includes features such as increased security and performance, as well as customer support specifically for WordPress websites.VPS HostingVPS, or Virtual Private Server, hosting is a step up from shared hosting. With VPS hosting, your website is still sharing a server with other websites. However, you have your own virtual space on that server. This means that your website will not be affected by the traffic on other websites. VPS hosting is a great option if you're looking for more control over your website.Dedicated HostingDedicated hosting is the most expensive type of web hosting. With dedicated hosting, your website has its own server. This means that you have complete control over your website and it will not be affected by the traffic on other websites. Dedicated hosting is a great option if you have a high-traffic website or a website that requires special security.Cloud HostingCloud hosting is a newer type of web hosting. With cloud hosting, your website is hosted on a network of servers. This means that your website can be quickly and easily scaled to meet your needs. Cloud hosting is a great option for businesses that are growing quickly or have high traffic levels.How to Choose a Web HostNow that you know the different types of web hosts, how do you choose one? Here are some tips from Avram:Decide what type of web host you need based on the type of website you have. If you have a small personal website, shared hosting may be all you need. However, if you have a large website or one that gets a lot of traffic, you may need VPS or cloud hosting.Consider your budget. web hosting can range in price from $50 per year to $500 per year or more. Choose a web host that fits your budget and meets your needs.Read reviews of web hosts. There are many web hosting review websites where you can read about the experiences other people have had with different web hosts. This can be a great way to narrow down your choices and choose a web host that is right for you.
Digging into recent new TLD data and marketing efforts. New top level domains seem to have some wind in their sails after a decade on the market. Radix, for example, saw revenue grow 35% last year compared to 2020. Today, I chat with Radix's Senior Director of Channel Partnerships, Neha Naik. She talks about what's […] Post link: What's going on with new TLDs? – DNW Podcast #389 © DomainNameWire.com 2022. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.
GoDaddy Registry Podcast – Domain name industry opinions and insights for innovative, global brands
In this episode Brian King, Head of Government and Industry Affairs at Clarivate MarkMonitor speaks with Tony Kirsch, Head of Professional Services at GoDaddy Registry on a range of industry topics including the importance of the next round of TLD applications for brand owners. Brian also discusses the following: Lessons from assisting brands in the 2012 round of new TLDs Enhancements in security in the domain industry Innovations from new TLD owners Predictions on the next round of TLDs. Love our podcast? Subscribe, rate and leave us a review. To find out how partnering with GoDaddy Registry for your top-level domain can benefit your business, visit our website at www.registry.godaddy or email hello@registry.godaddy.
GoDaddy Registry Podcast – Domain name industry opinions and insights for innovative, global brands
JP Morgan Chase's Head of Brand Protection, Deborah Atta-Fynn speaks with Tony Kirsch, Head of Professional Services at GoDaddy Registry on managing a domain name portfolio and the IP challenges facing multinational organizations in the digital world. Also covered in this episode: Building trust with their customers Using .chase and .jpmorgan across the business Working to have their .brand TLDs accredited for use within China Applying for TLDs in the next round. Love our podcast? Subscribe, rate and leave us a review. To find out how partnering with GoDaddy Registry for your top-level domain can benefit your business, visit our website at www.registry.godaddy or email hello@registry.godaddy.
Welcome to the History of Computing Podcast, where we explore the history of information technology. Because by understanding the past, we're able to be prepared for the innovations of the future! Todays episode is on the history of the Domain Name System, or DNS for short. You know when you go to www.google.com. Imagine if you had to go to 172.217.4.196, or the IP address, instead. DNS is the service that resolves that name to that IP address. Let's start this story back in 1966. The Beatles released Yellow Submarine. The Rolling Stones were all over the radio with Paint It Black. Indira Ghandi was elected the Prime Minister of India. US Planes were bombing Hanoi smack dab in the middle of the Vietnam War. The US and USSR agreed not to fill space with nukes. The Beach Boys had just released Good Vibrations. I certainly feel the good vibrations when I think that quietly, when no one was watching, the US created ARPANET, or the Advanced Research Projects Agency Network. ARPANET would evolve into the Internet as we know it today. As with many great innovations in technology, it took awhile to catch on. Late into the 1980s there were just over 300 computers on the Internet, most doing research. Sure, there were 254 to the 4th addresses that were just waiting to be used, but the idea of keeping the address of all 300 computers you wanted to talk to seemed cumbersome and it was slow to take hold. To get an address in the 70s you needed to contact Jon Postel at USC to get put on what was called the Assigned Numbers List. You could call or mail them. Stanford Research Institute (now called SRI) had a file they hosted called hosts.txt. This file mapped the name of one of these hosts on the network to a IP address, making a table of computer names and then IP addresses those matched with, or a table of hosts. Many computers still maintain this file. Elizabeth Feinler maintained this directory of systems. She would go on to lead and operate the Network Information Center, or NIC for short, for ARPANET and see the evolution to the Defense Data Network, or DDN for short and later the Internet. She wrote what was then called the Resource Handbook. By 1982, Ken Harrenstien and Vic White on Feinler's group at Stanford created a service called Whois, defined in RFC 812, which was an online directory. You can still use the whois command on Windows, Mac and Linux computers today. But by 1982 it was clear that the host table was getter's slower and harder to maintain as more systems were coming online. This meant more people to do that maintenance. But Postel from USC then started reviewing proposals for maintaining this thing, a task he handed off to Paul Mockapetris. That's when Mockapetris did something that he wasn't asked to do and created DNS. Mockapetris had been working on some ideas for filesystems at the time and jumped at the chance to apply those ideas to something different. So Jon Postel and Zaw-Sing Su helped him complete his thoughts which were published by the Internet Engineering Task Force, or IETF, in in RFC 882 for the concepts and facilities and RFC 883 for the implementation and specification in November 1983. You can google those and read them today. And most of it is still used. Here, he introduced the concept that a NAME of a TYPE points to an address, or RDATA and lives for a specified amount of time, or TTL short for Time To Live. He also mapped IP addresses to names in the specifications, creating PTR records. All names had a TLD or Top Level Domain name of ARPANET. Designing a protocol isn't the same thing as implementing a protocol. In 1984, four students from the University of California Berkeley wrote the first version of BIND, short for Berkeley Internet Name Domain, for BSD 4.3. Douglas Terry, Mark Painter, David Riggle, and Songnian Zhou using funds from a DARPA grant. In 1988 Paul Vixie from Digital Equipment Corporation then gave it a little update and maintained it until he founded the Internet Systems Consortium to take it over. BIND is still the primary distribution of DNS, although there are other distributions now. For example, Microsoft added DNS in 1995 with the release of NT 3.51. But back to the 80s real quick. In 1985, came the introduction of .mil, .gov, .edu, .org, .com TLDs. Remember John Postel from USC? He and Joyce K Reynolds started an organization called IANA to assign numbers for use on the Internet. DNS Servers are hierarchical, and so there's a set of root DNS servers, with a root zone controlled by the US Dept of Commerce. 10 of the 13 original servers were operated in the US and 3 outside, each assigned a letter of A through M. You can still ping a.root-servers.net. These host the root zone database from IANA and handle the hierarchy of the TLD they're authoritative for with additional servers hosted for .gov, .com, etc. There are now over 1,000 TLDs! And remember how USC was handling the addressing (which became IANA) and Stanford was handling the names? Well Feinler's group turned over naming to Network Solutions in 1991 and they handled it until 1998 when Postel died and ICANN was formed. ICANN or the Internet Corporation for Assigned Names and Numbers, merged the responsibilities under one umbrella. Each region of the world is allowed to manage their own IP addresses, and so ARIN was formed in 1998 to manage the distribution of IP addresses in America. The collaboration between Feinler and Postel fostered the innovations that would follow. They also didn't try to take everything on. Postel instigated TCP/IP and DNS. Postel co-wrote many of the RFCs that define the Internet and DNS to this day. And Feinler's showed great leadership in administering how much of that was implemented. One can only aspire to find such a collaboration in life and to do so with results like the Internet, worth tens of trillions of dollars, but more importantly has reshaped the world, disrupted practically every industry and touched the lives of nearly every human on earth. Thank you for joining us for this episode of the History Of Computing Podcast. We hope you had an easy time finding thehistoryofcomputing.libsyn.com thanks to the hard work of all those who came before us.