In this episode of the Post Status Happiness Hour, host Michelle Frechette interviews Robert Abela from Melapress to discuss WordPress security. They emphasize the importance of adopting security best practices, the challenges faced by website administrators, and the critical role of user training in preventing breaches. Robert shares insights from a survey by Melapress, revealing common security issues and misconceptions. They explore authentication methods like two-factor authentication (2FA) and passkeys, stressing the need for continuous education and awareness. The episode underscores that human error often contributes to vulnerabilities, highlighting the necessity of proactive security measures.
Top Takeaways:
Use Password Managers for Stronger Security: Both emphasize the importance of strong, unique passwords across different platforms. Using a password manager simplifies this process, generating and securely storing passwords, which helps users avoid the common mistake of reusing passwords across multiple accounts.
Auto-Updates Are Essential but Need Careful Implementation: Auto-updates in WordPress, especially for minor updates, are crucial for keeping websites secure. However, using a staging environment to test updates before applying them to a live site is a best practice. It ensures that any potential issues can be resolved without affecting the live site.
Backups Are a Must-Have: Regular backups are vital for website security and recovery. Although backups are not always seen as part of security, they play a crucial role in recovering from incidents like hacking or failed updates. Many web hosts offer backup services, making it easy to implement.
Outsourcing Security Can Be Beneficial for Non-Technical Users: Businesses without technical expertise (e.g., small shops or bakeries) may benefit from outsourcing website management to agencies. These agencies have experience with hundreds of websites and can handle security updates and maintenance more efficiently, reducing the risk of security breaches.
Proactive Security Measures Are Key: The conversation stresses the importance of proactive security practices. Having security solutions, policies, and a recovery plan in place before a security breach occurs is critical. Waiting until after a breach happens can result in higher costs, operational downtime, and damage to reputation.
Mentioned In The Show: WordCamp, WordPress, Kathy Zant, Nathan Ingram, Black Hat, Give WP, Liquid Web, WP Accessibility Day, Topher DeRosia, Cate DeRosia, Hero Press
In this episode of the Post Status Happiness Hour, Michelle Frechette talks with Nathan Ingram and Kathy Zant. They delve into the critical topic of online security, emphasizing the necessity of user education, particularly for WordPress users. Nathan from Solid WP and the Academy introduces Monster Secure, a new course designed to help agencies educate their clients on security best practices. Kathy, an online security expert, shares her experiences and stresses the importance of security education for overall business protection. The discussion highlights the challenges of online security, the evolving nature of cyber threats, and the need for proactive measures to safeguard digital assets.
Top Takeaways:
Security Awareness is Critical & Need for Vigilance: Effective security involves more than just technical measures; it requires continuous vigilance and education about potential threats. Kathy Zant and Nathan Ingram emphasize the importance of understanding and responding to security risks proactively.
Education and Empowering Users: Both Kathy and Nathan stress the significance of educating users and clients about security. They argue that security knowledge should be accessible to everyone, not just experts.
Security is for Everyone, Not Just Big Targets: Nathan explains that hackers don't only target large, high-profile websites; they also exploit smaller, less-secure sites for resources. This underscores that security is a concern for everyone, regardless of the size or perceived importance of their website.
Mentioned In The Show: Thomas Raef, WeWatchYourWebsite, Solid WP, Solid Academy, Monster Secure, Go Safely Online, LearnDash, Jack Kitterhing, YouTube
In this podcast episode of the Post Status Happiness Hour, Michelle Frechette is joined by her friend and WordPress security expert, Kathy Zant. They delve into various aspects of website security, focusing on WordPress. Kathy discusses her recent security courses aimed at demystifying WordPress for beginners and emphasizes the importance of proactive security measures. They highlight the critical role of regular backups and the potential risks of automated updates. Kathy shares practical security tips, such as using strong passwords and enabling two-factor authentication. The episode is both informative and engaging, filled with personal anecdotes and humor, making it a valuable resource for listeners.
Top Takeaways:
Importance of Security: Both Michelle and Kathy emphasize the importance of understanding and implementing robust security measures to protect websites from hacks.
Criminal Behavior: Kathy highlights that criminals (including hackers) often look for the easiest targets. If a website or home has visible security measures, they are more likely to move on to an easier target. However, if a determined attacker sees something of value, they might still find a way in despite the security measures.
Auto Updates: Kathy advises against relying solely on automated updates, especially for websites that are crucial for business. She recommends a process of updating on a staging environment first, ensuring everything works, and then updating the production site. She highlights real-world scenarios where automated updates have caused issues, leading to downtime and confusion over whether a site was hacked or simply experiencing an update-related error.
Content Creation and Community Engagement: Kathy discusses her responsibilities at Motivation Code, including managing content across different platforms and facilitating challenges to foster community interaction. Despite facing technical challenges with platforms like LinkedIn, she remains committed to creating engaging content and moving activities to more effective platforms like Facebook.
Mentioned In The Show: Shopify, Wix, Squarespace, Motivation Code, CrowdStrike, StellarWP, WordCamp US, Nathan Ingram, Mark Westguard, Kathy's website
In this podcast episode, Michelle Frechette and Drew Griswold discuss the upcoming Stellar Spark event, a free gathering featuring 15 speakers on various WordPress-related topics. Highlighted speakers include Josepha Haden, Tammy Grant, and Nestor Angulo, covering subjects like WordPress security, SEO, and content creation. The event will have two tracks, with all sessions recorded for later access. Michelle and Drew emphasize the importance of registration for accessing recordings and networking opportunities. They also announce a 40% off sale on Stellar products for registrants. The episode reflects their enthusiasm for connecting with the WordPress community through this event.
Top Takeaways:
Stellar Spark details: The event is completely free. Videos will be recorded and available for viewing after the event. Registration encouraged for easy access to post-event materials.
Networking Opportunities: Hallway track Zoom room staffed by the Customer Success team for networking and speaker interactions.
Mentioned In The Show: StellarWP, Stellar Spark Conference, Josepha Haden Chomphosy, Tammie Lister, Nestor Angulo, Yoast, Xaver Birsak, Lana Rafaela Cindric, Ivailo Hristov, Alex Standiford, Bud Kraus, Lindsay Miller, David Wolfpaw, Adam Weeks, David Afolabi, Corey Mass, Bet Hannan, WordCamp, Fiverr, WordPress, LearnDash, GiveWP, RCP, The Events Calendar, Solid, Kadence
In this episode we speak with Scott Clevely from WPLifeline. They are a company built to take care of all the security and updates of your WordPress website so you don't have to worry about it. We speak about security breaches, backups and what you need to know to avoid having your most valuable marketing asset (your website) taken over. Learn more at: https://wplifeline.com/blue-cow-marketing/
Nauti Nerds: nerdy marketing people offering nerdy businesses marketing advice
Fend off hackers and keep your WordPress website running smoothly with our rundown of simple yet crucial steps! In this week's episode, we pull back the curtain on WordPress security, dispelling misunderstandings and shedding light on how, with a little extra care, you can make your website fortress-like. We dive into the nitty-gritty of WordPress maintenance, from the need for unique admin usernames and passwords to the wisdom of changing your login URL. Discover the importance of regular backups, the potential risks of shared servers and the value of our maintenance packages in ensuring your site's safety.
Nauti Nerds is produced and managed by Urban Podcasts.
This is the first of four podcast episodes related to WordPress security. For the first time ever, I feel like I need to add some context to the show notes so that you understand the context of what I'm doing here. A little while ago there was some news in the WordPress space about the merits of using plugins for securing your WordPress website. Researchers (Calvin being one of them) had discovered ways in which the effectiveness of the plugins might be compromised. I'll leave the audio (and transcript) of the podcast to explain the technicalities here, but there were several posts on social media which amplified the issue, making it harder to gain an understanding of what happened, and when. I decided to reach out to a number of people to get 'their side of the story'. Also a first for this podcast, I set some ground rules for the interviews to take place:
Each participant (there are four in total, one per episode) was told who the other guests were.
Each participant was told that their episode would not be published until all four recordings had taken place.
Each participant was told that their episode would be published in a random order.
What you're listening to today is the first of that random publishing schedule. The other three episodes will come out in the following weeks. This was done to ensure that the guests did not have a chance to listen to the other participants' episodes, and therefore had a chance to 'better prepare'. With hindsight, this was likely overkill as all the guests were very thoughtful and polite. They do in some cases mention rival products and describe areas where they think that errors were made in code and communication. That being said, there was no general sense of mud slinging that I detected.
The guests are (in random order):
Calvin Alkan - Snicco
Akshat Choudhary - Malcare
Dan Knauss - iThemes (now SolidWP)
Thomas J Raef - We Watch Your Website
I'm going to keep my commentary here to a minimum to avoid getting embroiled in the debate, but there's some additional information about what we cover in the show notes of the post.
This week on the podcast, Eric, John, and Thomas talk about PHP JIT, WordPress Security, Our Interview on another podcast, and more...
Links from the show:
Eric Van Johnson and John Congdon: Business, Bromance, I channel Tom - Citizen Coder Podcast | Podcast on Spotify
https://medium.com/@edouard.courty/make-your-php-8-apps-twice-as-fast-opcache-jit-8d3542276595
Exploring the New PHP JIT Compiler | Zend by Perforce
This episode of PHPUgly was sponsored by:
Honeybadger.io: Built for Developers. Monitoring doesn't have to be so complicated. That's why we built the monitoring tool we always wanted: a tool that's there when you need it, and gets out of your. Everything you need to keep production happy so that you can keep shipping. Deploy with confidence and be your team's DevOps hero. https://www.honeybadger.io/
JetBrains PhpStorm: The Lightning-Smart PHP IDE. Join over 600,000 happy PhpStorm users worldwide! https://www.jetbrains.com/phpstorm/
php[architect]: php[architect] magazine is the only technical journal dedicated exclusively to the world of PHP. We are committed to spreading knowledge of best practices in PHP. With that purpose, the brand has expanded into producing a full line of books, hosting online and in-person web training, as well as organizing multiple conferences per year. https://www.phparch.com
PHPUgly streams the recording of this podcast live. Typically every Thursday night around 9 PM PT. Come and join us, and subscribe to our YouTube Channel, Twitch, or Twitter.
Also, be sure to check out our Patreon Page.
Twitter Account: https://twitter.com/phpugly
Mastodon Account: https://phparch.social/@phpugly
Hosts: Eric Van Johnson (Mastodon: @eric@phpartch.social), John Congdon (Mastodon: @john@phpartch.social), Tom Rideout
Streams: Youtube Channel, Twitch. Powered by Restream.
PHPUgly Anthem by Harry Mack / Harry Mack Youtube Channel
Thanks to all of our Patreon Sponsors.
Sponsors: Honeybadger (https://honeybader.io)
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. WordPress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell. Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
What's on tap for WordPress core in 2023? Project executive director Josepha Haden Chomphosy recently outlined some big picture goals. By design, the post is light on detail. Haden Chomphosy says the list represents a view from “10,000 feet”.
Perhaps the biggest item mentioned is the completion of Phase 2 of the Gutenberg project, which focuses on the customization of the Block and Site editors. From there, the project will begin exploring Phase 3, where collaborative functionality will be on the table.
Other areas of interest include improvements to media management, adding Openverse search in WordPress core, and the return of the WordPress Community Summit.
The goals are ambitious and there is a lot of work to be done. With that, Haden Chomphosy also put out a call for volunteers.
Links You Shouldn't Miss
For WordPress product makers, identifying a target audience can be challenging. There is often difficulty in balancing new features, support, and marketing. After a few years of catering to publishers of all sizes, Newsletter Glue's Lesley Sim has decided to train her product's focus on newsrooms and media companies. In a blog post, Sim explained the reasons behind the shift and what it means for current customers.
The folks at Awesome Motive have made their second major acquisition this month. This time around, they've purchased Thrive Themes. Known for the Thrive Architect and Thrive Theme Builder products, the company also touches on the LMS, automation, and marketing niches.
Wordfence has released their annual State of WordPress Security report. Takeaways include a higher number of reported vulnerabilities, while fewer of them were categorized as “critical unauthenticated”. One constant is the need to keep your WordPress installation up-to-date. Neglect is still a huge factor when it comes to security.
Many of us aren't cut out to be developers, so it's best to rely on technical wizards who can complement our strengths. One such person is Dustin Hyle and he joins the Niche Pursuits podcast today to share some of the ways site owners can better protect their sites, increase site speed, and even improve email deliverability.
On the podcast today we have Akshat Choudhary. Akshat is the Founder and CEO of BlogVault, MalCare, WP Remote and Airlift. These WordPress plugins allow their customers to build, manage and maintain their WordPress websites. He's based in Bangalore, India and we begin the podcast talking about the state of the WordPress community there. We also talk about why Akshat sees it as useful to bring himself and other members of his team so far to attend WordCamp Europe. What's in it for them and what's their approach to the return on this investment? We then get into a discussion of the security landscape and how the products that Akshat and his team make enable site owners to rest more easily. We go into some of the technical details of how the products work and how they fit neatly into an agency wishing to sell care plans to their website clients.
On the podcast today we have Akshat Choudhary. Akshat is the Founder and CEO of BlogVault, MalCare, WP Remote and Airlift. These WordPress plugins allow their customers to build, manage and maintain their WordPress websites. He's based in Bangalore, India and we begin the podcast talking about the state of the WordPress community there. We know that there's a lot of WordPress products and services coming out of India, but are there events and meetups like we find elsewhere? We also talk about why Akshat sees it as useful to bring himself and other members of his team so far to attend WordCamp Europe. What's in it for them and what's their approach to the return on this investment? We then move on to talk about Akshat's journey creating products in the WordPress space. It's interesting to note that whilst Akshat is clearly great at creating products people wish to use, he's also willing to admit that much of his success can be attributed to serendipity. We then get into a discussion of the security landscape and how the products that Akshat and his team make enable site owners to rest more easily. It's all about backups, site monitoring and firewalls. We go into some of the technical details of how the products work and how they fit neatly into an agency wishing to sell care plans to their website clients. Are there any downsides to adding additional plugins to WordPress websites and do we run the risk of thinking that if we've installed some security and backup plugins, then there's nothing to worry about? Is this a sensible position to take? It's an educational episode with a warm and very amiable guest.
Useful links: WP Remote, BlogVault, Malcare, Airlift
Picture of the Week. Chrome's 3rd 0-day of 2022. Patch Tuesday Redux. WordPress once again... Apache Struts Framework needs a critical update. Are America's nuclear systems so old they're un-hackable? Closing The Loop. SpinRite. A Critical Windows RPC RCE. We invite you to read our show notes at https://www.grc.com/sn/SN-867-Notes.pdf Hosts: Steve Gibson and Leo Laporte. Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6. Sponsors: cloud.jumpcloud.com/securitynow canary.tools/twit - use code: TWIT zentrysecurity.com/twit
On the podcast today we have Oliver Sild from Patchstack. Patchstack is a product which is designed to help you identify plugin vulnerabilities in your WordPress sites. We talk about how, over the past couple of years, Patchstack has released an annual report concerning the state of WordPress security. What are the broad security trends which have emerged over the past 12 months in WordPress Core, plugins and themes? Listen now...
On the podcast today we have Oliver Sild. Oliver has been working in the WordPress space for many years, and specifically with WordPress security, as one of the founders of Patchstack, formerly called WebARX. Patchstack is a product which is designed to help you identify plugin vulnerabilities in your WordPress sites. Over the past couple of years Patchstack has released an annual report about the state of WordPress security. The report for 2021 has just been released, and the podcast today is concerned with what they found out. We talk about why they produce this report, and who the intended audience is. What are the main takeaways in terms of the overall security of WordPress Core, plugins and themes? We then get into more specific details of what types of vulnerabilities and attacks seem to be prevalent in the WordPress space. Are there any trends which are useful to think about, and how is WordPress security managed by the community as a whole; are budgets and time typically allocated for prevention and restoration of websites? Towards the end we talk about how some people have pushed back on the usefulness of the report. They've questioned the motivations of security companies to write such reports and the use of the language which they contain. Do they paint more of a negative picture in order to drive sales of their commercial solutions?
Useful links:
State of WordPress Security in 2021 Report
Patchstack website
Is WordPress security getting better or worse?
Rebuttal: How Patchstack is improving WordPress security
Oliver's Twitter
In a bit of serendipity, the same week I finished recording my next LinkedIn Learning course, Troubleshooting and Repairing Your WordPress Website, Patchstack has published its State of WordPress Security in 2021 white paper. I’ll go through some of the highlights from the white paper, and give you my analysis. Brought to you by GoDaddy Pro. Get all of the show notes, and a written-to-be-read article, over at https://wpreview.io/41
Show Notes:
State Of WordPress Security In 2021 - Patchstack | Download PDF
Plesk Podcast: Next Level Ops
GoWP
Nexcess
Picture of the Week. Log4J News. Who pays for RansomWare attack recovery? The rising cost of cyber-insurance. Another very dangerous WordPress add-on. And a supply-chain attack on a popular WordPress add-on provider. Does WordPress make sense anymore? The European Union plans to fund some bug bounty programs. The "MoonBounce" EFI Bootkit. Closing the Loop. Inside the NetUSB Hack. We invite you to read our show notes at https://www.grc.com/sn/SN-855-Notes.pdf Hosts: Steve Gibson and Leo Laporte. Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6. Sponsors: plextrac.com/twit privacy.com/securitynow Melissa.com/twit
Picture of the Week "Hack the Pentagon" with Log4j Open Source Software Security Summit Microsoft's January Patch Tuesday Review: The GOOD News Microsoft's January Patch Tuesday Review: The Not So Good News Check Your Router Firmware Updates Chrome to Implement PNA Three High Severity Flaws in WordPress Add-ons Closing the Loop: Listener feedback SpinRite Anatomy of a Log4j Exploit We invite you to read our show notes at https://www.grc.com/sn/SN-854-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: newrelic.com/securitynow canary.tools/twit - use code: TWIT kolide.com/twit
Picture of the Week. The US CISA Log4J status update. The H2 Database Console vulnerability. The Federal Trade Commission gets into the act! Chrome fixed 37 known problems last week. The Privacy-first Brave browser. WordPress 5.8.3 security update. What, exactly, is a "Pluton"? The first of Dennis Taylor's three Bobiverse novels. SpinRite. URL Parsing Vulnerabilities. We invite you to read our show notes at https://www.grc.com/sn/SN-853-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: go.acronis.com/twit-1 barracuda.com/securitynow expressvpn.com/securitynow
On today's episode of RethinkYour.com, we get into the topic of WordPress plugins and the continual issue of security breaches: how to watch out for them, and what to do to proactively deal with them. Then we get into a good topic of what to expect when you launch a new website. It's exciting to watch Google discover the improvements you've made, and see how they directly influence the number of people finding your site. We're happy to break down these topics for you as we kick off Season 2 of RethinkYour.com, because we know we're about to surface a few new golden nuggets of information that you haven't heard before, so stay tuned.
WordPress Resource: Your Website Engineer with Dustin Hartzler
In today’s episode, we talk through a checklist of items that need to be done this fall to make your website secure.
Crowdfunding Nerds: Kickstarter Marketing For Board Games & Beyond!
Everything you need to know to build a landing page that intrigues, captures, and delights email leads for your upcoming board game launch! Episode 15 00:03:00 - Hosting Your Website 00:06:56 - WordPress Security 00:08:22 - What Is A Landing Page? 00:14:26 - How Do You Track Your Conversion Rate? 00:18:15 - You Need A Email Marketing System 00:20:59 - You Need Art Or Images Of Your Game 00:23:46 - The Three People You Need To Design Your Landing Page For 00:27:35 - Landing Page Tips 00:34:15 - What Goes In The Top, Middle & Bottom Of Your Landing Page? 00:42:00 - Board Game Landing Page Example Show Notes Wordfence WordPress Security Plug-In: https://www.wordfence.com/ Typography Tutorial: https://youtu.be/QrNi9FmdlxY Gutterfall: Bounties Landing Page Example: https://gutterfallbounties.com/ Andrew's Landing Page Guide On the BGDL: https://www.boardgamedesignlab.com/how-to-market-your-kickstarter-campaign/#elementor-toc__heading-anchor-9
The founder of BlogVault & Malcare, Akshat Choudhary, joins the show to talk WordPress security. If you've run an agency for a while, you'll no doubt have had to clean up after some malicious code or dealt with websites getting hacked. In this chat, you'll learn what you need to do to reduce the likelihood […]
This week on the podcast we talk about something that is very dear to my heart… WordPress security! I have literally no idea why this subject fascinates me as much as it does, but for some reason, I cannot help myself, I just love it! I am interested in WordPress / internet security from the 10,000 mile high perspective. I'm not the kind of person to delve into the math of Elliptic Curves or Diffie-Hellman symmetric keys. You need to be clever to actually understand this stuff, and as we all know, cleverness is not something that I possess too much of! David Hayes on the other hand is a clever person; the kind of man who understands the code behind WordPress security.
Matt Report - A WordPress podcast for digital business owners
Matt Medeiros is continuing with Season 6 by interviewing guests as he connects with them in the community. In this episode, Matt interviews David Hayes from WPShout, a premier source for WordPress learning. David along with his partner Fred Meyer also run an agency called PressUp. It is a boutique web consultancy that partners with businesses to create custom websites and interactive experiences. The two publish in-depth weekly WordPress tutorials, WPShout, as well as provide curated links to other cool stuff around the WordPress world. Matt and David share their experiences on how you balance the agency work and the marketing of your brand.
What you will learn from this Episode: David Hayes along with his partner Fred Meyer run their business with strikingly good balance. They have a new course out along with publishing a weekly newsletter. (2:37) PressUp has not had to specialize in a particular industry niche. Enough leads come in through the business as technical requests. (4:23) WPShout is a WordPress content site that is balanced with the agency and published on Tuesdays. (9:36) David is able to execute on everyday tasks very well with balancing the agency business. (10:32) You need to set a goal for the business so that you don't find yourself chugging along and going in many directions. (12:05) Many WordPress businesses start out as hobbyists working in the web sphere without the strategy and goals needed to run a business. (12:44) You can follow the success of lead people in the WordPress ecosystem to find a need or market that they need to have served. (19:05) Pro-Tip: Find the customers before you start the business. Make sure the people need what you are developing or selling. (21:45) Even though you may have the initial product market fit, there may be a Pivot in that product that can extend the life of your audience. (22:10) WPShout started out by trying to sell advertising to their audience in a boutique way. (22:47) Don't be afraid to have many test runs to get that home run. (33:05) If you are a developer, it is essential that you reach outside the WordPress community. (34:34) People who find early success may not understand the amount of work that goes into a business. (36:45)
Courses from WPShout: Marketing is important for any product that you are trying to sell. (Ex: Up and Running was released in 2015) (24:36) You can find a topic that does not have understandable content to help users learn about it. This is the reason why WordPress Security with Confidence was launched. (26:40) There are two tiers for WordPress Security with Confidence – User $147.00 and Developer $297.00. (28:29) Site speed and GIT may be the next topics on WPShout/courses. (30:16)
The Future of WordPress: The marketing of WordPress is still disappointing. They don't have celebrity advertising like WIX and Squarespace. (39:30) The WordPress.com and WordPress.org distinction exists for people inside the community. (40:36) People outside of the community struggle with the idea of how to pilot WordPress. (41:42) WordPress.org does not make sense to many people outside of the industry. It is still very much a developer tool. (43:15) WordPress.com is more aggressively marketing against WIX and Squarespace. (43:44) The average consumer is looking to say “I just spent an hour and now I have a website”. (45:28) Consultants have the success data for WordPress site creation. They should be contacted for that information. (47:24) There is a huge need going forward for WordPress to compete with Squarespace or WIX. (50:15)
Episode Resources: PressUP WPShout Scott Bollinger on PostStatus Syed Balkhi Medivate Insight Timer Headspace Up and Running WordPress Security with Confidence PostStatus The MattReport Startups for the Rest of Us A16Z Podcast Stratechery Podcast Gutenberg Jetpack
To Stay in Touch with David Hayes: WPShout on YouTube David on Twitter David on Facebook
To stay connected with the Matt Report, head on over to mattreport.com/subscribe. If you like the show, please leave a 5 Star review over on the Matt Report on iTunes. Be sure to check out Matt's new offering at UserFeedbackVideos.com. It is like having a co-founder for $59.00.
The PodCraft Podcast: Series 3, Episode 17 Today we're looking at security – not the most sexy of subjects, but vital if you want to run a good Podcasting website long term, and particularly if you want to make a living from it. WordPress itself is not an insecure platform, but its massive popularity makes it […] Support the show (https://pod.academy)