Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Google URLs. Show all posts

Google Introduces .ing Web Domains at a Hefty Cost

 

Google has announced that the.ing web domain is now available for users who want to spice up their URL.

There are numerous approaches to creating a good website. Quality design, engaging content, and responsive customer service are all important factors to consider when developing the online presence. 

However, your chosen web domain may have an impact, and Google has just made things a little more intriguing for those looking to make an effective first impression. 

“There's a new domain launching today that lets you build your website in a single word: .ing. This top-level domain is ready for whatever you're interested in, whether it’s mak.ing a fun website, giv.ing to a good cause, design.ing something beautiful, or edit.ing an existing document,” Google announced in a blogpost. 

Users were able to use .ing web domains for website building purposes from October 31st; however, early access to an URL will require payment of an additional fee. 

On the other hand, public access will be made available on December 5th, allowing anyone to start developing a website for the standard base price.

Who is making use of the new web domain? 

Some businesses were willing to pay the extra fee to get their.ing web domain up and running as soon as possible. Here are a few websites with the new URL that you can visit right now: 

Canvas - The popular web design platform has purchased the web domains design.ing and draw.ing for their respective tools.

Adobe Acrobat - This platform makes it simple to edit and sign PDFs, especially with the new, easy-to-access web domains. 

Giving Tuesday - Hopefully you guessed this one, with the popular charity organisation snagging the domain giv.ing for its website.

If you want to join the ranks of these.ing businesses, you should have a sizable budget because these new.ing web domains are not cheap. The Verge investigated and discovered that URLs featuring common words such as buy.ing can cost up to $129,999.99 per year to register.

Google Completes Mobile-First Indexing After 7 Years


Google has finally announced that it has completed its mobile-first indexing initiative, which means that it will use the mobile version of websites for indexing and ranking purposes. This is a major change that affects how Google crawls, indexes, and ranks web pages, and it has implications for webmasters, SEOs, and users alike. In this blog post, we will explain what mobile-first indexing is, why it matters, and how you can optimize your website for it.

What is Mobile-First Indexing?

Mobile-first indexing is a process that Google uses to determine which version of a website to use for indexing and ranking. It means that Google will use the mobile version of a website as the primary source of information, and the desktop version as a fallback option. This differs from the previous approach, where Google used the desktop version as the primary source of information, and the mobile version as a secondary option.

Google started experimenting with mobile-first indexing in November 2016 and gradually rolled it out to more and more websites over the years. On October 31, 2023, Google announced that it had completed the switch to mobile-first indexing for all websites and that it would stop using its legacy desktop crawler and remove the indexing crawler information from Google Search Console.

Why Does Mobile-First Indexing Matter?

Mobile-first indexing matters because it reflects the growing importance of mobile devices and user experience. According to Google, more than half of the global web traffic comes from mobile devices, and users expect fast and easy access to information on any device. Therefore, Google wants to ensure that its search results are relevant and useful for mobile users and that its ranking algorithm is aligned with the mobile web.

Mobile-first indexing also matters because it affects how webmasters and SEOs optimize their websites for Google. If a website has different versions for desktop and mobile, or if the mobile version is not optimized for speed, usability, and content, it may suffer from lower rankings and traffic. Therefore, webmasters and SEOs need to make sure that their websites are mobile-friendly and consistent across devices.

How to Optimize Your Website for Mobile-First Indexing?

To optimize your website for mobile-first indexing, you need to follow some best practices that Google recommends. Here are some of them:

  • Use responsive web design, which adapts to the screen size and orientation of the device. This way, you can have one website that works well on both desktop and mobile and avoid having duplicate or conflicting content.
  • Ensure that your mobile version has the same content and functionality as your desktop version and that it is not missing any important information or features. For example, do not hide or remove text, images, videos, or links on mobile, and do not use different URLs or redirects for mobile and desktop.
  • Optimize your mobile version for speed, usability, and accessibility. For example, use compressed images, minified code, and lazy loading techniques to reduce the loading time, use clear and legible fonts, buttons, and menus to improve readability and navigation, and use descriptive and concise titles, headings, and meta tags to enhance the visibility and relevance.
  • Test and monitor your mobile version using Google's tools and resources. For example, use the Mobile-Friendly Test, PageSpeed Insights, and the Lighthouse tools to check the performance and quality of your mobile version, and use the Google Search Console and Google Analytics to track the indexing and traffic of your mobile version. 

What's next for Google?

Mobile-first indexing is a significant milestone for Google and the web industry, as it shows the shift from desktop to mobile as the primary platform for web browsing and searching. It also presents new challenges and opportunities for webmasters and SEOs, who need to adapt their websites to the mobile web and provide the best possible experience for their users. By following the best practices and using the tools that Google provides, you can optimize your website for mobile-first indexing and benefit from the mobile web.

Spyware Infests the Microsoft Store with Classic Game Pirates

 



Electron Bot, a malware which infiltrated Microsoft's Official Store via clones of popular games like Subway Surfer and Temple Run, infected approximately 5,000 machines in Sweden, Israel, Spain, and Bermuda. 

Check Point discovered and studied the malware, which is a backdoor to give attackers unlimited control over infected PCs, allowing for remote command processing and real-time interactions. The threat actors' purpose is social media promotion and fraud, which is done by gaining control of social media profiles where Electron Bot allows for new account registration, commenting, and liking. 

An initial Electron Bot variant was uploaded to the Microsoft Store as "Album by Google Photos," published by a faked Google LLC business, and the operation was identified at the end of 2018. The malware, which is named after the Electron programming language, can mimic natural browsing behavior and perform acts as if it were a real website visitor. It accomplishes this by opening a new hidden browser window with the Electron framework's Chromium engine, setting the relevant HTTP headers, rendering the requested HTML page, and lastly performing mouse actions.

Threat actors develop rogue websites and employ search engine optimization strategies to push them to the top of the search results in an SEO poisoning campaign. SEO poisoning is also offered as a service to increase other websites' ranks, in addition to boosting bad sites' SEO rankings. The infection chain starts when the user downloads one of the infected apps from the Microsoft Store, which is otherwise a reliable source of software. When the application is launched, a JavaScript dropper is dynamically loaded in the side to fetch and install the Electron Bot payload. 

The malware links to the C2 (Electron Bot[.]s3[.]eu-central-1[.]amazonaws. com or 11k[.]online), acquires its configuration, and implements any commands in the pipeline at the next system startup. The JS files dumped on the machine's RAM are relatively short and appear to be benign because the major scripts are loaded flexibly at run time. 

Fraud, fleece wear, and financial trojans abound in official app shops. The Xenomorph banking malware was recently found by ThreatFabric, and the most humorous has to be Vultur, a trojan hidden inside a fully functional two-factor authentication (2FA) app which recently infected 10,000 people who downloaded it from Google Play. 

The successful entry of Electron Bot into Microsoft's official app store is only the most recent example of how consumers throw precaution into the breeze whenever a user views a bright new toy on the apps.

Cybercriminals Are Using Google URLs as a Weapon to Spread Malware

 

Security researchers at Microsoft warned the organizations of a new phishing campaign, they have been tracking activity where contact forms published on websites are exploited to send malicious links to organizations via emails containing fake legal threats. The emails direct recipients to click on a link to review supposed evidence behind their allegations, but are instead led to downloading IcedID, an info-stealing malware. Microsoft Defender for Office 365 identifies and blocks these emails while shielding enterprises from this threat.

As a precautionary measure, Microsoft reported the threat to Google's security teams to warn them that threat actors are using legitimate Google URLs to deliver malware. The Google URLs are useful to the attackers because they will bypass email security filters. Seemingly, the attackers have also bypassed CAPTCHA challenges that are used to test whether the contact submission is from a human.

"Attackers are abusing legitimate infrastructure, such as websites' contact forms, to bypass protections, making this threat highly evasive. Besides, attackers use legitimate URLs, in this case, Google URLs that require targets to sign in with their Google credentials," the Microsoft 365 Defender Threat Intelligence Team stated. 

Microsoft is bothered by the methodology used by threat actors to steal information and has currently detected the criminals using the URLs in an email to deliver IcedID malware. However, it could just as easily be used to deliver other malware.

IcedID is an info-stealing malware that connects to a command-and-control server to download modules that conduct functions like stealing banking credentials and other data. It achieves persistence and downloads additional tools that let remote attackers pursue other malicious actions on a target system, including credential theft, lateral movement, and delivery of additional payloads.

"We have already alerted security groups at Google to bring attention to this threat as it takes advantage of Google URLs. We observed an influx of contact form emails targeted at enterprises by means of abusing companies' contact forms. This indicates that attackers may have used a tool that automates this process while circumventing CAPTCHA protections. As the emails are originating from the recipient's own contact form on their website, the email templates match what they would expect from an actual customer interaction or inquiry," Microsoft further notes.