Parler has been hacked - hit by a massive data scrape. Security researchers collected swaths of user data and leaked it online.
Tag: security
A new feature that will allow automatic updating of plugins and themes will be available in WordPress version 5.5, which is scheduled to be released on August 11, 2020. In this core release of the world’s most popular content management system, site owners will have the option to turn auto-updates on for individual plugins and ...Read More
This should be an interesting update because of this. I’m probably going to generally ignore the functionality since I prefer closer control over my site and spend so much time in it on a daily basis.
Protected: Hypothes.is groups
Followed Think Like a Hacker | WordFence
Join Mark Maunder for the Think Like a Hacker podcast as he and Kathy Zant cover interesting topics related to WordPress, security and innovation.
Most companies encrypt passwords to prevent them from being stolen in the event of a data breach or used for nefarious purposes by company employees.
👓 H4xx0r3d! – how I found out that I am running a spam blog | Christian Heilmann
Yesterday, actually ten minutes before I had to leave for Kilburn to give my talk at ignite I had a shocking moment. I found in one of the sub-folders of my vast server a blog that offers cheap OEM software:
👓 Update now! Dangerous AMP for WordPress plugin fixed | Naked Security
The popular plugin for implementing Accelerated Mobile Pages returned, patched, to WordPress.org last week.
👓 Securing WordPress’s membership settings | Roy Tanck
For as long as I can remember, it’s been possible to configure WordPress like this: In essence, this combination of settings translates to: “Please take my site. No seriously, it’s yours.“. Allowing new users to sign up, and then making them site administrators allows them to completely take over your site.
I’m really surprised that this is not a heavily protected option and can’t think of a reason people would really want to do such a thing.
👓 Add Secure Authentication to your WordPress Site in 15 Minutes | Okta Developer
This post will show you how to secure your WordPress login with two-factor authentication by using Okta's Sign-In Widget.
👓 Two factor authentication overview | Nelson’s log
Bit of kerfuffle this week around Reddit, which had a security breach despite having two factor authentication enabled. Some basic introductory notes for folks wondering what’s going on. Two-…
👓 Putting Stickers On Your Laptop Is Probably a Bad Security Idea | Motherboard / Vice
From border crossings to hacking conferences, that Bitcoin or political sticker may be worth leaving on a case at home.
I had a very short conversation at the IndieWeb Summit 2018 in Portland with Nate Angell about the stickers on his laptop. Who knew he was such a subject area expert that Motherboard/Vice was using his material?
Of course this also reminds me that if academics, journalists, and publications/outlets were using webmentions when they credited creative commons articles, photos, audio, or other content, then the originator would get a notification that it was being used. This could also tip the originator off that their licensed content is being properly used.
👓 Fortnite is putting users at risk, to prove a point about Google’s Android monopoly | CNet
Commentary: Fortnite gives Google the middle finger, but both are failing us to some degree.
30% is a pretty high tax, particularly for such a massively large platform versus the direct costs for maintaining it. One would think that at their scale the cost would be significantly lower.
👓 How an Ex-Cop Rigged McDonald’s Monopoly Game and Stole Millions | The Daily Beast
Jerome Jacobson and his network of mobsters, psychics, strip-club owners, and drug traffickers won almost every prize for 12 years, until the FBI launched Operation ‘Final Answer.’
A great little story here. I can see why Matt and Ben bought it.
👓 Why Sites Didn’t Automatically Update to WordPress 4.9.6 | WP Tavern
WordPress 4.9.6 was released last week and was labeled a minor release. Minor releases trigger WordPress’ automatic update system. Shortly after its release, some users began questioning why …
So, apparently some time in October and unbeknownst to me, my website got (was given?) an SSL certificate so that it would resolve via https. I accidentally discovered this today and spent a few minutes setting up the appropriate redirects so that everyone is forced to use https links to access my site. I may still have a few administrative redirects and some bookmarklets to tweak along the way, but the whole process was far simpler than I would have expected.
A nice side benefit is that now the Simple Location data I’d like to use will now self-populate when I make posts relating to location!