Skip to content
Business Roundup Week Ending January 19
Written By Nathan Ingram
The Unexpected Attack Vector Responsible for 60% of Hacked WordPress Sites in 2023?
- Thomas J. Raef, Founder of WeWatchYourWebsite, recently released a surprising finding based on analysis of 851+ billion WordPress log entries from more than 4 million WordPress websites.
- Compromised login credentials, and theme and plugin vulnerabilities were key attack vectors, but were not responsible for the majority of attacks.
- 60% of WordPress hacks in 2023 were caused by stolen session cookies.
- Stolen session cookies happen when a user logs in from a compromised computer. The malware then sends the cookie to a bad actor who has immediate access to the website.
- This attack is especially effective because it works regardless of password complexity, two-factor authentication, VPN, or even passkeys.
- Protecting against the attack involves keeping computers malware free by using security software and guarding against phishing attacks.
- Also, something as simple as logging out after every admin session can prevent successful session hijacking.
- How can you educate your clients about this new threat to their website’s security?
- Want to dig deeper? Check out this great article from Thomas J. Raef.
Can the Block editor and Page Builders Coexist?
- No doubt about it, the Block Editor’s capabilities have greatly improved, making it a viable website building option for basic sites.
- However, complex designs often still require page builders or custom code.
- Block editor proponents say sites designed in page builders are locked into those tools. However, using certain add-on block ecosystems have essentially the same effect.
- Some speculate page builder pricing may increase and user bases decline. However, many users still prefer the all-in-one experience of page builders over installing multiple plugins.
- Is there room for both the Block Editor and page builders in the WordPress world? What choice is right for your agency?
- Read more on this lively debate in this excellent article from Eric Eric Karkovack.
ChatGPT Under Fire: Understanding the Emerging Legal Risks
- OpenAI must defend itself in court after a judge denied its motion to dismiss a lawsuit by radio host Mark Walters. He claims ChatGPT defamed him by fabricating an embezzlement lawsuit.
- OpenAI’s liability theories around ChatGPT’s frequent falsehoods, or “hallucinations,” will now be tested in court for the first time.
- Do ChatGPT’s inaccuracies expose OpenAI and users to defamation liability if they publish content without verification? What do you think?
- This is certainly an important case to watch. Read more about it here.
Worth a Look