| 4 | CWCS Managed Hosting | Linux | 0:00:00 | 0.000 | 0.250 | 0.068 | 0.134 | 0.134 |
| 5 | Hyve Managed Hosting | Linux | 0:00:00 | 0.000 | 0.143 | 0.073 | 0.148 | 0.148 |
In August 2021, Choopa had the most reliable hosting company site: it responded to all of Netcraft’s requests, with an average connection time of 3ms. Choopa has appeared in the top 10 table five times in 2021 so far, also coming top in February and April of this year. Customers can choose from a range of cloud and managed solutions as well as register domain names.
Aruba, Bigstep and CWCS Managed Hosting appear in second, third and fourth places. Aruba came close to Choopa in average connection time, averaging 5ms. Bigstep and CWCS Managed Hosting were both slower, averaging 62ms and 68ms.
Aruba provides hosting, cloud and digital signature services, fiber optic internet, digital preservation, and much more, with data centers across Europe in the UK, Germany, Czechia, Poland, Italy and France.
Bigstep’s bare metal cloud hosting provides the flexibility of cloud hosting without the associated overhead and performance reductions of virtualization. The bare metal offerings are available in data centres in the UK and Romania.
CWCS provides dedicated servers along with cloud services, as well as a variety of other solutions. CWCS has data centres across the UK, as well as North America.
All of the top 10 hosting company sites used Linux in August, making Linux clearly dominant in the top 10 throughout this year.
The US and others may have withdrawn from Afghanistan, but many Afghan Government websites and email addresses under the .gov.af top-level domain are still very much dependent on services hosted outside of the country – mostly in the US.
By taking control of Afghanistan, the Taliban has inherited these government domains and now shares web hosting and mail servers with several other governments around the world, including the UK Government. In many cases, emails sent to .gov.af domains will be routed through US-hosted servers, presenting intelligence opportunities if the new Taliban government were to continue using them.
Over the past few weeks, the Taliban have taken control of substantially the whole of Afghanistan, with just Kabul Airport and the Panjshir Valley presently controlled by the US Military and the National Resistance Front of Afghanistan respectively.
Yet the situation with Afghanistan’s internet infrastructure is quite different to what anyone following the mainstream media might reasonably expect, as Afghanistan’s key internet resources – domains, IP addresses, routing and government communications – are controlled by a diverse set of entities subject to Western jurisdictions.
Who is in control of the
.af’s DNS is run using Anycast DNS from Packet Clearing House, a San Francisco based not-for-profit organisation, and Gransy, a Czech registrar and registry services provider. Packet Clearing House provides free Anycast DNS services to “developing-country ccTLD registries”, and Gransy provides free Anycast DNS services to ccTLDs with fewer than 10,000 domains – .af has around 6K domains and is well within Gransy’s criteria for a free service.
Posted by James Williams in Around the Net
In the August 2021 survey we received responses from 1,211,444,849 sites across 263,733,974 unique domains and 11,327,711 web-facing computers. This reflects a loss of 4.99 million sites, but a gain of 1.64 million domains and 67,600 computers.
The number of unique domains powered by the nginx web server grew by more than a million this month, while Apache's count fell by 916,000. This has extended nginx's lead in the domains metric, giving it a 29.8% share compared with Apache's 25.5%.
OpenResty gained 234,000 domains, but its market share remained static at 14.5%, while Cloudflare gained 726,000 domains and increased its market share to 7.72%.
The number of web-facing computers using nginx has continued to increase, this month by 49,000 (+1.18%). There are now 4.19 million web-facing computers running nginx, compared with 3.52 million that run Apache. Microsoft follows in third place with 1.38 million computers.
The web-facing computers metric has painted a remarkably stable trend over the past several years, as is evident in the graph below, with both Microsoft and Apache steadily falling while nginx has progressively climbed to first overtake Microsoft in 2017, and then Apache during 2020. There has also been a rise in "Other" web servers, which includes several nginx-based spinoffs such as OpenResty and Tengine.
Websites in Afghanistan
The Taliban offensive in Afghanistan has obvious potential to upset the country's internet infrastructure, but the extent of any changes may be limited. Afghanistan has had a relatively small presence on the web throughout the past 20 years, and many of its sites were already hosted outside of the country and used generic top-level domains to avoid interference from the Taliban.
This month's survey found only 8,031 websites hosted in Afghanistan, and 23,205 sites that use Afghanistan's .af country-code top-level domain (ccTLD). More than two-thirds of the latter are hosted in the US, and more than 2,000 are hosted in Germany – although any site that relies on a .af domain would still be vulnerable to interruption by the country's new government, should it desire.
Nearly 1,000 of the .af sites are Afghan Government websites that fall under the .gov.af second-level domain – such as president.gov.af and kabul.gov.af – but surprisingly, less than half of these are hosted in Afghanistan, with the rest being hosted in the US, Germany, Singapore, France, Canada, UK, Netherlands, Ireland and India.
Even more surprisingly, dozens of the .gov.af sites hosted in the US and Germany are used to host webmail services, potentially putting Afghan Government communications in easy reach of external intelligence agencies.
Other vendor and hosting news
- Microsoft has announced the general availability of Azure Government Top Secret. The new air-gapped Azure regions are intended to handle national security workloads at the US Top Secret level.
- Microsoft also announced its new Azure Healthcare APIs, which provide pipelines to manage protected health information data at scale.
- Statistics collected by Azure DDoS Protection showed a shift towards attacks against web applications in the first half of 2021.
- Apache Tomcat 10.0.10 was released on 5 August, followed by Tomcat 10.1.0-M4 (alpha) and Tomcat 9.0.52 on 6 August, and Tomcat 8.5.70 on 16 August. All four of these releases correct the regression of an HTTP/2 flow control bug in their previous versions.
- OpenResty 126.96.36.199 was released on 6 August. This version of the web platform based on nginx and LuaJIT now uses nginx 1.19.9 (a mainline release from 30 March) as its core, and also includes some LuaJIT fixes.
| Developer | July 2021 | Percent | August 2021 | Percent | Change |
Posted in Web Server Survey
FluBot has built up a community of compromised Android phones in the UK since April, and in the past 24 hours it has begun monetising them by sending overlays for British banks.
FluBot first appeared in 2020, targeting mainly Spanish banks, but recently it has spread its reach, with Australian, German and Polish banks all affected within the last few weeks. UK banks are now firmly in its sights, with HSBC and Santander the first to be affected, and Lloyds and Halifax following shortly after.
The coronavirus pandemic resulted in the closure of many bricks and mortar retail stores, forcing UK consumers to adopt online shopping more than ever before. This trend has largely continued in spite of many stores since reopening, as millions of consumers have become accustomed to the practical benefits of online shopping.
Along with this increased volume of online shopping came a new trend of phishing attacks where cybercriminals impersonate parcel delivery companies in an attempt to steal financial details from their victims. Royal Mail and Hermes were popular targets for these types of attack, but most new attacks now impersonate the Post Office.
These attacks are typically disseminated via text message, informing the victim that they have missed a delivery. Sometimes the messages say up front that the recipient must rebook the delivery by paying a small surcharge. The relatively small surcharge is often sufficient to trick victims into believing the phishing site is legitimate, or at least that any risk is minimal, allowing the phisher to obtain the victim’s details and potentially steal a much larger amount.
As most of the attacks are orchestrated via text message, the phishing sites are usually hosted with purpose-bought domain names that include the targeted company’s name in an attempt to be convincing. Some examples include:
Some messages instead use generic URL shorteners to take victims to the phishing sites, but this would not necessarily be viewed as suspicious by all recipients, as the use of URL shorteners is commonplace even in legitimate text messages.
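The two delivery patterns described above (a purpose-bought domain that embeds the brand name, or a generic URL shortener) can be triaged in inbound text messages as follows. This is an added example, not Netcraft's code; the brand tokens, official domains, shortener list and sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed brand tokens mapped to assumed official domains (verify before use).
BRANDS = {
    "royalmail": {"royalmail.com"},
    "hermes": {"myhermes.co.uk"},
    "postoffice": {"postoffice.co.uk"},
}
# Assumed list of generic URL shorteners.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed sample messages; the .example hosts are placeholders.
SAMPLE_SMS = [
    "Royal Mail: parcel held. Pay the 1.99 fee at https://royalmail-redelivery.example/pay",
    "Post Office: we missed you. Rebook: http://post-office.rebook-fee.example/track.",
    "Your parcel is waiting: https://bit.ly/3xAMPLE",
    "Track your item at https://www.royalmail.com/track-your-item",
    "Hermes: https://myhermes.co.uk.parcel-help.example/",
]


def classify_url(url):
    """Return (verdict, brand) for one URL taken from a text message."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host in SHORTENERS:
        return ("shortener", None)  # destination unknown until expanded
    # Drop dots and hyphens so "post-office" and "post.office" both match.
    squashed = re.sub(r"[^a-z0-9]", "", host)
    for brand, official in BRANDS.items():
        if brand in squashed:
            # Official only if the host is the domain itself or a subdomain of it.
            if any(host == d or host.endswith("." + d) for d in official):
                return ("official", brand)
            return ("lookalike", brand)
    return ("unrelated", None)


def scan_message(text):
    """Classify every URL in a message; trailing punctuation is stripped."""
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    return [(u, *classify_url(u)) for u in urls]


if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        print(scan_message(sms))
```

A `shortener` verdict is not a finding in itself, since legitimate messages use shorteners too; it marks a URL whose destination has to be resolved and classified before the message can be judged.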
Most of the phishing kits used in these attacks also attempt to evade detection by blocking unwanted clients such as bots and anti-phishing organisations, but Netcraft successfully circumvents these checks.
After impersonating the delivery company, some of these phishing attacks proceed to also impersonate one of several UK banks. This gives the criminal an opportunity to steal additional credentials that are specific to each bank, such as online banking security codes and other tokens that would likely be used to gain unauthorised access to the victim’s bank account.
Some attacks - particularly those that do not use the phishing site to directly impersonate the victim’s bank - are followed up by a phone call from the cybercriminal, who will use the information stolen by the phishing site to convince the victim that it is a genuine call from their bank regarding the payment they just made. This provides a more interactive opportunity for the criminal to obtain the information required to gain access to the victim’s bank account, including time-sensitive OTP codes.
Posted by Paul Mutton in Security