Register your domain name before someone else does. Visit Moscom.com

An interesting blog from GoDaddy (Moscom.com Partner). This article applies to everyone who conduct their business online and even for your personal website e.g. blog or photos. Politicians and celebrities are making headlines for domain names they DIDN’T register — opening the door for others to launch websites attached to domains with their famous names. How can you avoid making the same mistake with your online presence?
  1. You don’t have to register every domain name, but target the right names to reduce risk and increase visibility.
  2. Buy the 10 most obvious domains.
  3. Register names well ahead of a big announcement.
  4. Forward domains to relevant website and social media pages.
  5. Register domain names with a variety of relevant domain extensions (like .republican or .democrat).
  6. Check out the infographic below to learn more about how you can protect your brand online.
Register at Moscom.com

Source: KING.NET


Security Bug in ICANN Portals

The Internet Corporation for Assigned Names and Numbers (ICANN) announced on Thursday the completion of the first phase of its investigation into the impact of a vulnerability affecting two of the organization’s generic top-level domain (gTLD) portals.
On February 27, ICANN shut down the New gTLD Applicant and GDD (Global Domains Division) portals after learning of a security flaw that exposed user records. The affected websites are only accessible to applicants and registry operators, and they are used in the evaluation and contracting processes.
In early March, shortly after restoring access to the affected portals, ICANN noted that it hadn’t found any evidence of unauthorized access. However, after reviewing logs dating back to April 2013, when the New gTLD Applicant portal was activated, and March 2014, when the GDD portal was activated, the two consulting firms called in by ICANN to investigate the incident determined that some users had in fact accessed records that didn’t belong to them.
“Based on the investigation to date, the unauthorized access resulted from advanced searches conducted using the login credentials of 19 users, which exposed 330 advanced search result records, pertaining to 96 applicants and 21 registry operators. These records may have included attachment(s). These advanced searches occurred during 36 user sessions out of a total of nearly 595,000 user sessions since April 2013,” ICANN said.
Source: KING.NET

WordPress version 4.2 still unsafe.

Most popular WordPress versions are currently affected.

A stored cross-site scripting (XSS) vulnerability available in the recently released WordPress 4.2 and earlier versions can be exploited by an unauthenticated party to run arbitrary code on the server; the security glitch is currently unpatched and proof-of-concept code is publicly available.

An attacker taking advantage of the flaw could take control of the targeted website by creating new admin accounts. Aside from the current WordPress versions, build 4.1.2, 4.1.1 and 3.9.3 are also affected. Comment text truncation issue still not fully fixed.

Discovered by Jouko Pynnönen, from vulnerability research firm Klikki Oy in Finland, the flaw is similar to the one patched in WordPress 4.1.2, after having been disclosed to the developer by researcher Cedric Van Bockhaven about 14 months ago, on February 23, 2014.

Bockhaven’s approach consisted in introducing a character in the message that truncates the text at a specific point, turning it into a script that executes malicious code on the server upon a certain action, such as “mouseover.”

Pynnönen’s method differs only in the way truncation of the text is achieved, which occurs when the comment is stored in the website’s database.

Comments that are larger than 64kb are truncated via MySQL. One way to reach the limit is to paste random characters after the malicious part has been included.

Truncating the messages results in malformed HTML code being generated on the page, which can be leveraged by an attacker to add any attributes in the supported HTML tags and submit malicious JavaScript that delivers a payload.

continue reading at Softpedia.com

Our hosting provider Moscom.com is already applying the latest update to our core content management system. If you haven't done so, check with your hosting provider regarding this vulnerability and ask how they handling to secure (patch) your website.

Source: KING.NET

Is your site mobile-friendly?

Starting April 21, Google Search will be expanding its use of mobile-friendliness as a ranking signal. Double-check your website are ready for this change by testing pages of your site with the Mobile-Friendly Test tool

 After you analyze your website you will see a similar result as show here. 
  KING.NET mobile friendly test result 

GoDaddy Outage (April 13, 2015)

Our company KING.NET and other million websites goes down for one hour today around 3pm EST because the hosting provider ... drumming ... GoDaddy is completely shut-down. This is not the first time GoDaddy had experienced an outages, read it at Mashable GoDaddy Gone for details. 

It's unfortunate that some companies used GoDaddy for web hosting and email services too. In that case, their customers can't communicate with them using email, that's where Twitter really help out. They able to tweet the outage and inform their clients.

KING.NET is using Google Apps for email, so our outage is for our network of web properties e.g. Retune.com Domain Aftermarket, Moscom.com Managed Online Services, DCweb.com, ManassasPark.com, and other hundreds of sites. We moved to GoDaddy managed wordpress service last week for cost, speed and security. We got it all plus an outage. :)

If you're one of the GoDaddy customers, will you consider moving out of their hosting service? It is worth your time to transfer to another hosting service providers? It will be stable? No assurance of course but maybe less downtime.

For QUE.COM Game Studio, I decided to use WordPress.com and Amazon S3 to host our website for games announcement, news/update and downloads to minimize risk of web downtime. See the figure below, as of April 13, 2015 QUE.COM with WordPress.com zero downtime while KING.NET with GoDaddy 5 outages of 30 minutes.

Read QUE.COM after moving to Wordpress article here. QUE.COM.uptimeRight now, an hour outage is not bad for us maybe for other companies. Though if this happen again, it's time to reconsider moving. A short list of alternative hosting providers are:
  • Cloudways
  • Digital Ocean
  • RackSpace
  • Bluehost
  • AWS Amazon
  • Google
  • Linode
  • etc.
Got any hosting service provider in mind? Please let us know.

Alternative Domain Name Extension ex. .GURU .BUZZ .PHOTOGRAPHY and many more.

Did you know that 1000+ new domain names extension are now available to register at a very affordable cost? I actually stop calling it as domain name, it is more applicable to call it as domain string because the extension doesn't stop at .com .net or .org. You can register a new domain string like .social .ninja .website .rocks .guru .zone .buzz  .technology .photography and many more. It is a domain name personalized for your business or even for your hobbies. I recently registered Robot.Guru (disclaimer I'm still an amateur in robotics) for my hobby and to change a long domain name URL address for a short and memorable domain name is price less.

Just like the old domain name extension, you can use the new TLDs for your website and Facebook, Instagram, Google+ or Twitter page. You now have your own digital identity.
email. You can use it to redirect to your existing website. For marketing, simply redirect it to your company new products and services. For personal, you can use it to redirect to your

For entrepreneurs and small businesses, you don't have to spend a lot of money to acquire a "keyword" domain name for your products or services. You now have a lot of options to build your own brand name, register a domain name today.

If you missed reading How to choose a killer domain name read it here.
Did you know the .com is now 30 years old (March 15, 1985)? CNN wrote an article "30 Years of .com" I recommend reading the article. Will the .com still a thing 10, 20, 50 years? Maybe not.

Have you registered any of these extensions (domain string) and use it as your primary personal or business URL address? Please post it here so other entrepreneurs and small business owners can see it.

Article published by KING.NET and QUE.COM

GoDaddy's layered verification protections defeated by a phone call and four hours in Photoshop

GoDaddy's layered verification protections defeated by a phone call and four hours in Photoshop. I have some domain names, over hundreds of them in my GoDaddy account. Reading this article from csoonline.com by Steve Ragan is amusing, lack of a better word and not a harmful message.

"On Tuesday, my personal account at GoDaddy was compromised. I knew it was coming, but considering the layered account protections used by the world's largest domain registrar, I didn't think my attacker would be successful.

I was wrong. He was able to gain control over my account within days, and all he needed to do was speak to customer support and submit a Photoshopped ID.

GoDaddy serves more than 13 million customers, who in turn place 59 million domains under the registrar's management. They have thousands of employees working across the globe who help staff the support and operations teams twenty-four hours a day."

I can summarize the article for you but it is really nice read, so head out to csoonline.com to read the three web page article.

Google Leaks Whois Data

If you are using Google Apps, registered your domain name through Google and using WHOIS Privacy, continue reading. You're information might be open.

"Private information belonging to 282,867 domains registered through the Google Apps system became publicly available, exposing it to risks ranging from spam to identity theft.

Google Apps offers business organizations the possibility to purchase domain names from one of Google’s partners, benefits consisting in easy setup and management of the associated services.

Only records of renewed domains have been leaked. The domains have been registered through registrar eNom and security researchers said on Thursday that the number of records leaked represented about 94% from a total of 305,925."

Continue reading: http://news.softpedia.com/news/Google-Leaks-Whois-Data-for-Over-282-000-Protected-Domains-475710.shtml

According to NeedName.com, ID Protect is a tool to shield your information against phishing attack, domain identity theft, spammers and scammers. QUE.COM.20150316.Google-Leaks-Whois-Data-for-Over-282-000-Protected-Domains-2

Having your own Killer Domain Name.

When starting a business you need a matching domain name for your online presence. You want it unique and special, you want it short and memorable. Here a few tips from Entrepreneur website. Choosing a domain name is one of the most important decisions you will make for your business. Your domain name characterizes your business, labels your business, and will stick with your business for a long time. In most cases, you should choose a domain name at the same time you choose your business name. When your domain name matches your business name, you have a far better chance of being remembered while at the same time keeping your branding cohesive and unified.

Make it memorable.

The brain has remarkable powers of memory, but the domain you choose should cater to these powers.
  • Unique. The best domain names are not an ordinary combination of words or phrases. They stand out in the memory because they are unusual.
  • Visual. The more areas of the brain affected, the more memorable something is. If your domain name suggests something that can be seen or touched, this enhances its memorability.
  • Catchy. The easier it is to say, read, and repeat, the easier it is to remember.
  • Ordered. The brain likes things to be organized. Memorization is basically the process of organization. The better a domain name is organized, the more memorable it will be. For example, “SellYourPhone.com” has order. But “PhoneYourSell.com” doesn’t make any sense.
continue reading here. The Domains.Guru website provides a video explaining what is a domain names and available extensions that you can use for personal or business. Visit NeedName.com to register your domain name.

View original content at QUE.COM Interactive.


Ground Survival 3D Game by QUE.COM Game Studio

The Ground Survival 3D Game is a First Person Shooter 3D Game. Your mission is to eliminate all threats and to stay alive. The soldiers will patrol and wander within the security perimeter. They will engage once they found you. Have fun!

A new update for FPS Ground Survival 3D Game, it is now available in Apple Store.

Here's how to play the game.
Go to http://que.com/survival/ web page, download the plugin to load the game.
Use WASD keys to move and your mouse to aim/shoot your enemy. Enjoy and stay alive.

Official Website: http://que.com/survival/
For iPhone/iPad. Download it here: https://itunes.apple.com/us/app/id963624583
For Android. Download it here: still in development ...

Play Online click here –> Ground Survival 3D Game


Hit the "Pause" Button... Before You Share Online

Very interesting post from USA.Gov. Please read and share this post to your family and friends.

Many of us share information on the Internet almost daily, so it's good to remember to share with care. The next time you are about to share information, photos or videos online, consider the possible consequences, especially if your content includes other people.

Before you click "send" and post online, remember:
What you post could have a bigger audience than you think.
Once you post information online, you can't take it back even if you delete it.
Get someone's approval before you share photos or videos they're in.

Source: Hardworking.com

First Person Sniper 3D Game

First Person Sniper 3D Game is now available to play online.

Here’s how to play the online game.
Go to the website visit https://que.com/sniper/ download the plugin to load the game.
Use your mouse to aim/shoot your enemy. Enjoy and stay alive.

For mobile version (iOS/Android) is coming soon.

Ground Survival 3D Game

A new update for FPS Ground Survival 3D Game to add some improvements.
Here's how to play the game.
Go to the website http://que.com/survival/ download the plugin to load the game.
Use WASD keys to move and your mouse to look/shoot your enemy.
Enjoy and stay alive.
Mobile phone support for iOS/Android still in development. Subscribe to keep you posted. 

CSRF Flaw Allowed Attackers to Hijack GoDaddy Domains

Internet domain registrar GoDaddy has rushed to fix a cross-site request forgery (CSRF) vulnerability that could have been leveraged by malicious actors to take over domains.

The flaw was identified on January 17 by New York-based security engineer Dylan Saccomanni while managing a domain. The expert realized that the company had not implemented any CSRF protections for many DNS management actions.

According to the researcher, an attacker could have exploited the vulnerability to edit nameservers, edit the zone file, and modify automatic renewal settings. 

Saccomanni has published proof-of-concept code for editing nameservers, disabling the auto-renew feature, and editing DNS records.

Continue reading at http://www.securityweek.com/csrf-flaw-allowed-attackers-hijack-godaddy-domains

More at KING.NET