Support Services:service@dn.com
2025 Dn.com All Rights Reserved
GoDaddy was ordered to strengthen security measures
Industry Information
28 Jan 2025 01:33:34 PM
Abstract:
Recently, web hosting giant GoDaddy was ordered by the US Federal Trade Commission (FTC) to rectify security vulnerabilities and strengthen security measures.
Recently, web hosting giant GoDaddy was ordered by the US Federal Trade Commission (FTC) to rectify security vulnerabilities and strengthen security measures.
The FTC pointed out that since 2018, GoDaddy has failed to implement reasonable and appropriate security measures to protect and monitor its website hosting environment. The company has many problems, such as not properly managing assets and software updates, not assessing the risks of shared hosting services, not adequately recording and monitoring security-related events, and not isolating shared hosting from unsafe environments.
Its loose patch system is implemented by each product team independently and lacks centralized management, resulting in serious vulnerabilities in a large number of boxes in the shared hosting environment, allowing hackers to steal user credentials and credit card information within months.
In addition, its customized Internet-facing API has security risks, is open to the Internet and unprotected, uses plaintext credentials and has no multi-factor authentication, which also gives hackers an opportunity to take advantage. Between 2019 and 2022, these security flaws caused multiple security vulnerabilities, and hackers gained unauthorized access to customer websites and data.
Although GoDaddy claims on its website, social media and emails that it has deployed reasonable security measures and complies with the relevant Privacy Shield framework, the FTC believes this is misleading.
However, in the settlement agreement, GoDaddy neither admitted nor denied wrongdoing, and no fines were attached. But it agreed to establish a comprehensive information security program, including creating a centralized inventory and management system for hardware, software and firmware, using automated tools to analyze events in real time and retain system audit logs, and launching multi-factor authentication methods for employees. It is also necessary to hire an independent third party to review its security plan every two years and no longer make false statements about security measures.
The FTC emphasized that many companies rely on web hosts like GoDaddy to ensure the security of their websites, and this action is intended to encourage them to strengthen their security systems and protect consumers around the world. GoDaddy said it has implemented some of the requirements and plans to continue investing in defensive measures to ensure the security of customers, websites and data.
Information source: domainincite
Latest NewsRead more>
17 Mar 2025 03:01:18 PMIndustry Information
The world's first .com domain name symbolics.com celebrates its 40th birthday!
On March 15, 2024, the world’s first registered .com domain name, symbolics.com, celebrated its 40th birthday. The domain name was registered on March 15, 1985, marking the official start of the commercial Internet era.
14 Mar 2025 01:35:19 PMIndustry Information
Xai.com domain name redirected to X.ai official website attracts attention
The dynamic of the domain name Xai.com jumping to the official website of X.ai has attracted widespread attention. The domain name was sold for $18,975 as early as 2009 and has long been pointing to a fixed login page.
14 Mar 2025 09:52:58 AMIndustry Information
ICANN will remove the 60-day domain transfer lock
At ICANN's 82nd meeting in Seattle this week, ICANN voted to remove the controversial 60-day transfer lock policy. The decision is a major change to the 20-year-old domain name registration policy.
13 Mar 2025 03:03:35 PMIndustry Information
Rocket spends $1.75 billion to acquire Redfin, and a storm of real estate domain names is coming
Recently, Rocket successfully acquired the famous American real estate website Redfin for $1.75 billion. This move not only changed the industry landscape.
The big boss who once acquired chat.com for $15.5 million has made another move! He spent $150,000 to acquire os.ai
Yesterday, the famous domain name investor Dharmesh announced that he had successfully acquired os.ai for US$150,000. This move once again aroused widespread attention in the industry to high-quality domain name transactions.
Industry Information 13 Mar 2025 03:03:28 PM
GX.com sold for $1.2 million, setting a new record for the value of two-letter .com domain names
Recently, the two-letter domain name GX.com was successfully traded for a high price of US$1.2 million, further consolidating the scarcity and high value of two-letter .com domain names in the domain name market.
Industry Information 13 Mar 2025 03:03:31 PM
ICANN plans to phase out .su domain name in 2030
ICANN announced that it will stop using the Soviet-era .su country code top-level domain (ccTLD) in 2030. The domain has been in use since 1990 and currently has about 100,000 registered domain names.
Industry Information 12 Mar 2025 02:37:04 PM
ICANN Board Geographic Restrictions Take Effect, North American Candidates Denied Nomination
At ICANN 82, the ICANN Nominating Committee (NomCom) confirmed that applications from candidates in the North American region had been politely rejected due to geographic restrictions.
Industry Information 11 Mar 2025 04:15:21 PM
Double.com successfully sold for $980,000
Recently, Mark Ghoriafi once again facilitated an important domain name transaction - successfully selling Double.com for a high price of US$980,000.
Industry Information 11 Mar 2025 10:24:45 AM
The attempt to register the MIT.school domain name failed, and the "pseudo-protection" behavior was rejected
In the field of domain name investment and use, the UDRP case involving the MIT.school domain name is a typical example with great warning significance.
Industry Information 10 Mar 2025 03:22:33 PM