Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
Millions of websites running WordPress are being strongly urged to update to the latest version of the popular content management system as soon as possible, after a serious security vulnerability was uncovered.
|
Scooped by
Gust MEES
|
Von wegen Sicherheit: Unter dem Deckmantel eines legitimen WordPress-Plugin richtet X-WP-SPAM-SHIELD-PRO eine Backdoor auf Webseiten ein.
Wer auf seiner WordPress-Webseite das Plugin X-WP-SPAM-SHIELD-PRO installiert hat, sollte dieses schleunigst deinstallieren: Das Fake-Sicherheits-Plugin ist Malware und richtet unter anderem einen Fernzugriff für die Drahtzieher des Zusatzmoduls ein, warnen Sicherheitsforscher von Sucuri.
Die Betrüger missbrauchen dabei den Namen des legitimen Sicherheits-Plugins WP-SpamShield Anti-Spam, welches Spam von WordPress-Seiten fernhalten soll. X-WP-SPAM-SHIELD-PRO ist nicht im offiziellen Plugin-Bereich von WordPress zu finden. Es stammt aus einer von den Sicherheitsforschern nicht näher beschriebenen Quelle. Aus Sicherheitsgründen ist es ratsam, nur Plugins aus der offiziellen Quelle zu installieren. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity
|
Scooped by
Gust MEES
|
We love podcasts: they’re like the blogging version of radio, a medium anyone can jump into and use to share their story. They introduce us to new voices and give us glimpses into new perspectives… and they pair perfectly with blogs and websites, where they can add more texture and interest to what you’re already publishing.
What Can a Podcast Add to My Site?
Use a RadioPublic embed to share and promote your own podcast ! But even if you’ve never even listened to a podcast before, there are ways you can use them:
Round up your favorites: everybody loves a good top-ten list, especially when includes a few surprises. Recommend some sports shows that break the mold (like 30 for 30 and The Rematch), podcasts about art (try A Piece of Work or The Lonely Palette), or amazing audio fiction. By embedding the shows right into your post, you make it easy for readers to sample, listen, and add the shows to their own listening list. Add a relevant episode to a post to give readers more to chew on. Writing about architecture? There’s probably a 99% Invisible episode that you could tie in. Pop culture? Check out Still Processing.
Not everything has to be heavy: maybe your readers could just use a few minutes of cats purring — there’s a podcast for that, too! With over 250,000 podcasts out there, there’s probably a show on whatever you’ve writing about.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=WordPress https://gustmees.wordpress.com/2016/09/22/blogs-tips-and-tricks/ https://gustmees.wordpress.com/2016/06/06/blogging-is-it-difficult-i-guess-not-a-all-follow-my-advice/ https://globaleducationandsocialmedia.wordpress.com/2014/07/02/put-your-title-in-here/ http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
With the huge number of sites running WordPress, and the frequency with which attackers exploit vulnerabilities on the platform to launch malicious attacks, it makes sense for self-hosting bloggers to update their systems as soon as possible.
Security vulnerabilities are frequently uncovered in third-party WordPress plugins, but the above fix addresses bugs in the main WordPress content management system itself. Meaning that just about any site running WordPress could be at risk.
Fortunately, updating is pretty easy. Go to your WordPress admin panel and choose Dashboard > Updates.
Of course, it's always good practice to test a new version of the software on a non-live version of your site first (often known as a staging site) - just in case.
Since WordPress 3.7 was released in October 2013, the software has come with the option of automatic security updates - hopefully ensuring that many site admins won't have to worry so much about whether they have kept their software updated or not.
But, of course, there will always be those who don't have automatic updates enabled and may miss the news. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Cybersecurity
|
Scooped by
Gust MEES
|
Über eine Cross-Site-Scripting-Schwachstelle können Angreifer WordPress-Installationen kompromittieren. Betroffen sind alle Versionen bis einschließlich WordPress 4.4.
Mit einem Wartungs-Update beheben die Entwickler des Content-Management-Systems WordPress insgesamt 52 Bugs, die seit erscheinen Version 4.4 gefunden wurden. Admins, die Auto-Updates deaktiviert haben, sollten WordPress 4.4.1 schnellstmöglich manuell installieren, da das Update auch eine Cross-Site-Scripting-Lücke (XSS) behebt, über die Angreifer das CMS kompromittieren können.
|
Scooped by
Gust MEES
|
We're excited to announce new tools that help make WordPress even more accessible to people around the globe.
Roughly half of the content and traffic on the internet is in English1, yet English is the mother tongue of only about a quarter of internet users2, and less than 5% of the world’s population.3 We believe that WordPress.com should be for everyone, not just English speakers — it’s why we already serve WordPress in 131 languages — but we want to make it even more accessible.4 To keep so many languages up to date we need to make it radically easier for non-English speaking communities to help with translation. We’re proud to announce our latest step in that direction: the Community Translator.
|
Scooped by
Gust MEES
|
Vulnerable websites can be exploited via XSS to steal user accounts, change settings or phish passwords from unsuspecting users. In fact, XSS flaws are one of the most commonly encountered security flaws found on websites.
Patching is obviously sensible and should be undertaken at the earliest opportunity, but never forget that additional layers of protection can go beyond patches – and perhaps be proactive in defending your systems from abuse during the time when no official fixes are available.
|
Scooped by
Gust MEES
|
Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site.
A week ago it was the WordPress SEO plugin, which is actively used on more than a million of WP sites. This time it's the company's Google Analytics plugin, which has apparently been downloaded around 7 million times.
According to the researcher who discovered the issue, Jouko Pynnönen of Finland-based Klikki Oy, the vulnerability "allows an unauthenticated attacker to store arbitrary HTML, including JavaScript, in the WordPress administrator’s Dashboard on the target system. The JavaScript will be triggered when an administrator views the plug-in’s settings panel. No further user interaction is required."
Learn more:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing
|
Scooped by
Gust MEES
|
A serious vulnerability was found in one of the most popular WordPress plugins, and guess what? It got fixed really quickly. :) All that remains is for you to apply the update on your web server.
|
Scooped by
Gust MEES
|
A critical security flaw in a plugin called WP-Slimstat is to blame.
Over one million websites running the WordPress content management system are potentially at risk of being hijacked due to a critical vulnerability exposed in the WP-Slimstat plugin. On Tuesday, a security advisory posted by researcher Marc-Alexandre Montpas from security firm Sucuri said the "very high risk" vulnerability found in versions of WP-Slimstat 3.9.5 and lower could lead to cyberattackers being able to break the plugin's "secret" key, perform an SQL injection and take over a target website.
Learn more:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing
|
Scooped by
Gust MEES
|
If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.
|
|
Scooped by
Gust MEES
|
Outdated versions of three popular WordPress plugins suffer from a "critical" zero-day vulnerability that enables an attacker to take over a website.
The bug is a PHP object injection flaw that affects the following plugins: Appointments (versions prior to 2.2.2), Flickr Gallery (versions prior to 1.5.3), and RegistrationMagic-Custom Registration Forms (versions prior to 3.7.9.3).
Together, those plugins have a combined user base of over 21,000 WordPress customers. All three have already received a fix for the security issue, which is rated "Critical" with a CVSS rating of 9.8. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity
|
Scooped by
Gust MEES
|
WordPress 4.8.2 is out, featuring nine security fixes website owners will want to apply, well, now.
All told, there have been six updates this year featuring security fixes, including January’s silent patch for a nasty zero day, this being the first since May’s v4.7.5.
The maintenance side of the update features six other software updates but focussing on the bit that bothers Naked Security readers most, security, we see five Cross-Site Scripting (XSS) flaws (a perennially popular attack vector that refuses to die), two path or directory traversal issues, and one covering an open redirect. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing
|
Scooped by
Gust MEES
|
Keeping up with social media can feel like a full-time job these days — and for many it is. Posting your content on Twitter and Facebook during specific hours, and keeping things evenly spaced out, means that you need to tend to your profiles pretty often.
We wanted to make it easier for WordPress.com users to create great content on their websites — and share it across different social media networks.
The new Advanced Social Media feature for Business and Premium plan users (and for Jetpack Professional and Premium users) lets you schedule specific times that your content will be automatically shared on places like Twitter, Facebook, and LinkedIn. You can also preview your social updates before sending them, so you know exactly how it will look when it goes out.
With Advanced Social Media, you can:
Resurface older “evergreen” posts to share them to your newer followers. Plan your social media posts in bulk to save time. Craft messages specifically to fit the profile or network where you are posting.
Preview upcoming tweets, Facebook posts, or LinkedIn updates. See the previous shares of the post.
You can access all of these features by selecting the “Share” button under a post in your posts list.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Internationalization is very important to us, and we’re striving to make sites across WordPress.com accessible to all, such as your international followers and multilingual readers.
Today, we’re thrilled to introduce the Google Translate Widget, which allows you and your site visitors to instantly translate your content into 103 languages currently supported by Google Translate. [Gust MEES] Check out my Blog to give it a test: https://gustmees.wordpress.com
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Introducing Apostrophe and Canard, two magazine themes available for free.
|
Scooped by
Gust MEES
|
Many WordPress sites are at risk of hijack, after cross-site scripting vulnerability uncovered.
If you find the similarity in names between wordpress.org and wordpress.com somewhat confusing, you’re not alone.
But, in answer to your question, if you’re using wordpress.com you are not at risk.
|
Scooped by
Gust MEES
|
The FBI has issued a warning that ISIS-supporting hackers are exploiting vulnerabilities on websites running WordPress.
|
Scooped by
Gust MEES
|
Multiple vulnerabilities in the WPML plugin that could allow attackers to access databases, delete site content, and gain administrative privileges have put as many as 400,000 websites at risk.
WPML is a popular WordPress plugin used for creating multi-lingual websites, and researchers have uncovered four critical vulnerabilities, the most serious being a SQL injection flaw that can allow unauthenticated access to the website’s database, exposing user details and password hashes.
|
Scooped by
Gust MEES
|
One of the main ways to to leverage content curation for business is to add curated content to your website or blog. Here's how to do it right on Wordpress.
|
Scooped by
Gust MEES
|
Thousands of websites are at risk of being exploited by a previously undisclosed vulnerability in a WordPress plugin, which researchers say could be used to inject malicious code into websites.
The flaw exists in Fancybox, a popular image displaying tool, through which Sucuri researchers say malware or any other script can be added to a vulnerable site.
"We can confirm that this plugin has a serious vulnerability," the researchers wrote. "It's being actively exploited in the wild, leading to many compromised websites," the researchers wrote.
|