Connect with us

WORDPRESS

Data Breach Spreads To Six Web Hosts

Published

on

Data Breach Spreads To Six Web Hosts

The GoDaddy data breach that affected up to 1.2 million web hosts has expanded to six more web hosts serving customers worldwide. The six additional compromised web hosts are resellers of GoDaddy’s hosting services. The extent of the intrusion appears to be the same as with GoDaddy, with matching dates of when the security intrusion began.

The six compromised web hosting providers are:

  • 123Reg
  • Domain Factory
  • Heart Internet
  • Host Europe
  • Media Temple
  • tsoHost

Precise Dates of Intrusion

The state of California published notification of a security breach submitted by GoDaddy on November 23, 2021.

In the California notification GoDaddy provided specific dates for the security intrusions.

The dates of intrusion are:

  • 09/06/2021
  • 09/07/2021
  • 09/08/2021
  • 09/09/2021
  • 09/10/2021
  • 09/11/2021
  • 11/07/2021

Those dates are important because customers of at least two of the hosting providers were sent notices that referenced the same date of intrusion, September 6, 2021 according to information published by Wordfence. That implies that the root cause of additional data breaches are connected, if at least by date if not more.

The notifications sent to GoDaddy customers and to at least two of the additional web hosts are also similar.

This is the text of part of the email sent to GoDaddy customers:

“We are writing to inform you of a security incident impacting your GoDaddy Managed WordPress hosting service.

On November 17, we identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of a third-party IT forensics firm and have contacted law enforcement.

Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to certain authentication information for administrative services, specifically, your customer number and email address associated with your account; your WordPress Admin login set at inception; and your sFTP and
database usernames and passwords.

What this means is the unauthorized party could have obtained the ability to access your Managed WordPress service and make changes to it, including to alter your website and the content stored on it.”

The notice sent to GoDaddy customers is similar to the email notice sent to MediaTemple customers.

This is a part of the email sent to MediaTemple customers:

“…we have determined that, on or about September 6, 2021, an unauthorized third party gained access to certain authentication information for administrative services, specifically, the customer number and email address associated with your account; your WordPress Admin login set at inception; and your sFTP and database usernames and passwords.”

The administrators of the respective web hosts have reset passwords and recommend that customers reset their passwords. Those whose SSL certificate data was exposed may have to have their certificates reinstalled.

Customers Face Possibly Compromised Websites?

Customers of the additional six web hosting providers that were subject to a data breach may face the possibility of further security issues given that their sensitive data was exposed for two months undetected, giving hackers time to install backdoors, add rogue administrative accounts and upload malicious scripts.

Citations

Read The Wordfence Security Advisory

GoDaddy Breach Widens to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe

California Data Security Breach Notification

Sample Of Email Sent By GoDaddy (PDF)

Searchenginejournal.com

WORDPRESS

A New Way to Ignite Your Growth on WordPress.com – WordPress.com News

Published

on

A New Way to Ignite Your Growth on WordPress.com – WordPress.com News

Introducing Blaze. Turn your site content into clean, compelling ads that run across millions of sites on WordPress.com and Tumblr.

At WordPress.com we’re always looking for ways to make building and running your web site simpler and more impactful (and more fun!).

One of the biggest challenges for any site owner is finding your readers, fans, customers, or subscribers. Until now, promoting your WordPress.com web site required multiple tools, online accounts, professional design and marketing skills, and – yes – lots of money.

That’s why we’re excited to announce Blaze, a new tool allowing anyone with a WordPress blog to advertise on WordPress.com and Tumblr in just a few clicks. How? By turning your site content into clean, compelling ads that run across our millions-strong network of blogs.

How Blaze works

If your website is hosted on WordPress.com, then head to wordpress.com/advertising and select your website — you’ll see a list of recent posts and pages you can promote. If your WordPress site isn’t hosted on WordPress.com, you can take advantage of Blaze through the Jetpack plugin.

Alternatively, when viewing the post or page list in your WordPress.com dashboard, click the ellipses (three dots) next to any individual post/page to bring up a new menu, then click “Promote with Blaze.”

Now you’ll be in the Blaze Campaign Wizard.

Step 1: Design your ad. The wizard automatically formats your content into a beautiful ad, but you can adjust the image and text however you like.

Step 2: Select your audience. Want to target the whole world? Only people in certain areas? Folks who are reading content about a specific category, like movies or sports? As you adjust these settings, you’ll see our estimate of how many people you’ll reach.

Step 3: Select your dates and set your budget. Run your ad for up to 28 days. As you update your budget and dates, we’ll tell you how many more people you’ll reach.

Step 4: Finish and pay. We may offer the lowest ad prices in the industry, but we also protect your content with a system backed by Verity and Grapeshot. So rest easy knowing that your ads will only show up where they’re supposed to — and nowhere you’d feel strange about.

Once your ad is running, you can check how it’s doing in the “Campaigns” tab of the advertising page.

Our campaigns are billed weekly based on how many times your ad is shown, so you’ll only ever pay for what you signed up for. As always, you can find even more details about this tool on our support page.

This feature is currently only available to users with “English” set as their primary language, but we’re working hard on bringing it to other languages as well.

Let us know what you think about Blaze!

We’re excited to launch this powerful new feature, and we’re eager to get feedback. If you have any questions about it, challenges while using it, or ideas to make it better, please share them with our team. We’ll make sure a real person reads through all of the feedback, and we’ll be working tirelessly to make sure that this tool is something valuable for you.


Join 96,844,605 other subscribers

Source link

Continue Reading

WORDPRESS

Supercharge Your Social Media With a New Link in Bio Page – WordPress.com News

Published

on

Supercharge Your Social Media With a New Link in Bio Page – WordPress.com News

A .link domain name and Link in Bio page supercharges your social media by giving you a place to host all of your links.

Social media is a great place to build and connect with your audience while promoting your offerings. However, you don’t own your social profiles or traffic. Creating a Link in Bio page with w.link enables you to truly own your content and traffic while tailoring it to increase your engagement and conversion rates across all of your social channels.

You can also embed Paypal, Amazon stores, an e-commerce store, and other features that allow you to continue earning money.

As a creator, we know how much effort and time goes into finding the right audiences and perfecting your offering. We know you already manage multiple deadlines and channels, with increasing competition everywhere you look. We wanted to make it a lot easier for you to handle your operations while making sure you can link to all your available channels and revenue streams.

Set up your Link in Bio with ease

Once you’ve picked a URL at w.link, simply choose your design, upload your profile image, tweak your site info, and add your links. You’ll be launching your Link in Bio site within minutes!

Once you add your unique link to your social profiles, you’ll be able to monitor traffic and stats from your WordPress.com dashboard.

We don’t limit the number of links you can have, so any time you have a new product, offering, or site to share, you can swap out a link and we’ll preserve your old links and traffic. Alternatively, you can add as many new links as you need to your Link in Bio site.

A domain that comes with unparalleled performance

Link in Bio sites powered by w.link are optimized  for the best performance across web and mobile, with spectacular load times. We know social media is a 24/7 job, so our never-sleeping servers ensure that business goes on (even while you sleep!) and we can handle the traffic with ease when your content goes viral.

Helping content creators win

Get started today with a free .link domain with any paid plan, or for just $0.99 for a new .link domain registration. We’re committed to investing in creators! Win it with w.link!

Want to learn more before jumping in? Read this article about all the tips and tricks we have ready for you.


Join 96,836,484 other subscribers

Source link

Continue Reading

WORDPRESS

Tools to Make Designing Your Site Easier Than Ever – WordPress.com News

Published

on

Tools to Make Designing Your Site Easier Than Ever – WordPress.com News

Our newest features are largely design-focused, giving you the confidence to explore a variety of styles and then easily apply them across your entire site. 

At WordPress.com, we’re always adding features and pushing our blocks and Site Editor to do more so that you can create, design, and publish amazing things with ease. Our newest features are largely design-focused, giving you the confidence to explore a variety of styles and then easily apply them across your entire site. 

Let’s jump in and see what’s new. 

Browse Mode: An easier way to navigate the Site Editor 

Browse Mode allows you to easily explore, navigate, and edit your site’s templates and template parts, including adding new templates right from this interface. To play around with Browse Mode, simply click your site’s icon from the Site Editor. 

When to use this feature: You want to see how all the pieces of your site fit together — and to jump between your templates and template parts for easy editing.  

Clearer access to your advanced block settings

With more powerful blocks comes the need for easier, more intuitive access to advanced settings for those blocks. To that end, we’ve split block settings into two tabs within the sidebar. On the left side, you’ll find standard customization options like color, typography, and spacing. On the right side, you’ll find more advanced options, like layouts, custom CSS, and a button to apply changes across your entire site (more on that below).  

When to use this feature: You’re working on your navigation menu and need more customization than just color or typography options. Go over to advanced settings to change the orientation of the menu from horizontal to vertical — among other things! 

Preview style options with the Style Book 

A number of themes, including staff favorite Twenty Twenty Three, now come with styles, which change the look and feel of your site — color, spacing, etc. — within the overarching design aesthetic of the theme. 

With the newly launched Style Book, you can now see how various styles affect different blocks. You’re able to preview colors, typography, embeddable media, and more. 

When to use this feature: You’re curious about switching up the colors or typography on your site, but you want to know what it’ll look like, especially within specific blocks, before committing. 

Apply design changes across your entire site  

When working and designing in the Site Editor, it’s easy to find yourself having created a certain style that you really like and want emulated across your entire site. With our new “Apply globally” button, you can do just that. 

When to use this feature: You’ve spent some time styling a heading (or other block) on your homepage or a page template, and you want that look to carry over across all the headings (or whichever block you’re working with) on your site. 

In Case You Missed It 

In the midst of holiday season business, you may have missed some of our other recent and exciting updates:  

Boost your traffic with Blaze

Learn how to turn your posts and pages content into clean, compelling ads that run across millions of sites on WordPress.com and Tumblr.

Explore new themes   

We introduced five beautiful new designs in January, including our new default theme, Twenty Twenty Three. 

Grab yourself a .link domain 

A .link domain name and Link in Bio page supercharges your social media by giving you a place to host all of your links.

Insert chapter breaks on your videos 

Chapter breaks offer a quick, convenient way for viewers to navigate longer videos or see the outline of a video’s content at a glance. 

Share your work-in-progress website

With Site Previews, you can generate a unique link for your in-progress Business or eCommerce site that allows your team or clients to access and explore the site without needing to log in. 


Join 96,830,216 other subscribers

Source link

Continue Reading

Trending

en_USEnglish