Business Roundup Week Ending January 19

The Unexpected Attack Vector Responsible for 60% of Hacked WordPress Sites in 2023?

  • Thomas J. Raef, Founder of WeWatchYourWebsite, recently released a surprising finding based on analysis of 851+ billion WordPress log entries from more than 4 million WordPress websites.
  • Compromised login credentials, and theme and plugin vulnerabilities were key attack vectors, but were not responsible for the majority of attacks.
  • 60% of WordPress hacks in 2023 were caused by stolen session cookies.
  • Stolen session cookies happen when a user logs in from a compromised computer. The malware then sends the cookie to a bad actor who has immediate access to the website.
  • This attack is especially effective because it works regardless of password complexity, two-factor authentication, VPN, or even passkeys.
  • Protecting against the attack involves keeping computers malware free by using security software and guarding against phishing attacks.
  • Also, something as simple as logging out after every admin session can prevent successful session hijacking.
  • How can you educate your clients about this new threat to their website’s security?
  • Want to dig deeper? Check out this great article from Thomas J. Raef.

Can the Block editor and Page Builders Coexist?

  • No doubt about it, the Block Editor’s capabilities have greatly improved, making it a viable website building option for basic sites.
  • However, complex designs often still require page builders or custom code.
  • Block editor proponents say sites designed in page builders are locked into those tools. However, using certain add-on block ecosystems have essentially the same effect.
  • Some speculate page builder pricing may increase and user bases decline. However, many users still prefer the all-in-one experience of page builders over installing multiple plugins.
  • Is there room for both the Block Editor and page builders in the WordPress world? What choice is right for your agency?
  • Read more on this lively debate in this excellent article from Eric Eric Karkovack.
  • OpenAI must defend itself in court after a judge denied its motion to dismiss a lawsuit by radio host Mark Walters. He claims ChatGPT defamed him by fabricating an embezzlement lawsuit.
  • OpenAI’s liability theories around ChatGPT’s frequent falsehoods, or “hallucinations,” will now be tested in court for the first time.
  • Do ChatGPT’s inaccuracies expose OpenAI and users to defamation liability if they publish content without verification? What do you think?
  • This is certainly an important case to watch. Read more about it here.

Worth a Look

This article, Business Roundup Week Ending January 19, was published at Post Status — the community for WordPress professionals.

Leave a Reply

Your email address will not be published. Required fields are marked *

Leave a comment

Your email address will not be published. Required fields are marked *