Connect with us

WORDPRESS

Retailers using WooCommerce are the next target for Magecart card skimmer attacks

Published

on

retailers-using-woocommerce-are-the-next-target-for-magecart-card-skimmer-attacks-–-news-…
Three new Magecart attacks are taking advantage of potential vulnerabilities in the WooCommerce ecommerce platform, experts have warned.

Discovered by RiskIQ, the vulnerabilities target retailers using third-party themes and tools to integrate into  WooCommerce pages that are particularly prone to Magecart risk.

As a result, many consumers are potentially vulnerable to having credit card details stolen ahead of the holiday shopping season.

Magecart threat

Further research by Barn2, a software company that specializes in WooCommerce products and WordPress, found that WooCommerce represents 29% of the top one million websites using ecommerce technologies. This exceeds five million active installs of the free plugin as of early 2021.

WooCommerce is notably popular because it is a free to use and easily customisable WordPress plugin.

“WooCommerce users are often small and medium-sized businesses, sometimes considered the most vulnerable, as they lack resources for complex and highly-vetted third-party tools. As we’ve seen over the years, both small and large retailers can be the targets of Magecart skimming,” RiskIQ wrote in its blog post.

In a typical Magecart attack, threat actors use a vulnerability and weaknesses in an ecommerce platform to inject a malicious code that skims online payment forms to intercept the payment information of unsuspecting customers.

As these third-party tools integrate with thousands of websites, when one supplier is compromised, Magecart has effectively breached thousands of sites at once.

RiskIQ’s detection of skimmers and other malware shows the innumerable ways threat actors gain access, deploy, and hide their tools on victim websites and advice site operations to regularly inspect their crontab commands for strange contents, ensure that access permissions are correct, and audit file access to it.

WORDPRESS

Confused by cryptic web hosting terms? We’ve got the explanations you need

Published

on

Web hosting key terms written in a circle

You need a website. Every web hosting (opens in new tab) provider in the world tells you it’s so easy to make that happen. But then you look down their product and feature lists, and they’re crammed with cryptic jargon, obscure technologies and services that you don’t fully understand.

Do you need WordPress or WooCommerce (opens in new tab), for instance? Is it worth paying extra for NVMe? Is an Uptime Guarantee a feature worth having? And what is a vCore, anyway?

Source link

Continue Reading

WORDPRESS

A New Chapter for Video Uploads on WordPress.com – WordPress.com News

Published

on

A New Chapter for Video Uploads on WordPress.com – WordPress.com News

We’re excited to announce that you can now add chapter breaks to VideoPress uploads.

Today we’re excited to announce that you can now add chapter breaks to the videos you upload to your website with our VideoPress feature. Chapters offer a quick way to navigate longer videos and can be a great addition for your viewers.

Streamlined interface

We’ve built a streamlined and easy-to-use interface for your viewers to interact with video chapters. You can hover over the timeline to preview the next chapter and then simply click to navigate to it. The current chapter name is shown after the video timecode, and when you click it opens a menu to quickly jump to the start of any chapter:

How to add chapters to your videos

To add chapters to your video, all you need to do is edit its description in the block editor and add the timestamp for each chapter, followed by a title you’d like to display:

After saving, you’ll see the video block update and automatically display your chapters.

In the video below — which is a showcase for WordPress 6.1 — you can see how chapters work and look. Play around with the bottom toolbar to navigate to different chapters and bring up the chapter list.

We hope you enjoy this feature! Please share any feedback you have or an example of where you’ve used chapters for your videos. We love to see our features in action!

VideoPress is available on our WordPress.com Premium, Business and eCommerce plans. If you have a self-hosted site, check out Jetpack VideoPress to get high-quality and ad-free videos for your site.


Join 96,875,360 other subscribers

Source link

Continue Reading

WORDPRESS

An Easier Way to Share Progress on Your Website – WordPress.com News

Published

on

An Easier Way to Share Progress on Your Website – WordPress.com News

We’re excited to announce Site Preview Links, a feature that will let you easily share a “Coming Soon” Business or eCommerce site.

Do you build sites for others? Have you ever struggled to coordinate and manage access to in-progress projects? How often do you have to help clients reset their passwords? We feel your pain, and we’re excited to announce Site Preview Links, a feature that will let you easily share a “Coming Soon” Business or eCommerce site.

Use Site Preview Links to Share Your Work

With Site Preview Links, you can generate a unique preview link for your in-progress Business or eCommerce site, allowing your team or clients to access the Coming Soon site without having to log in. This way, you can easily show off your work-in-progress and get feedback from your stakeholders without having to resend invites, update user roles, or reset passwords.

You can create and access the preview link directly from the Sites page:

You can then share the link with your team or client. When they access the preview link, they’ll bypass the Coming Soon screen and be able to view your site.

Site Preview Links is an easy-to-use feature that will save you time and hassle. It’s perfect for anyone who builds websites for others, whether you are an agency with a growing client roster, a contractor with just a handful of projects, or simply someone who knows a lot of people who need websites.

How Site Preview Links Work

WordPress.com uses a secure HMAC hashing algorithm to generate Preview Link that is unique across all sites. The possible number of unique hashes is 2256, which heavily exceeds the number of grains of sand in the world!

Users who access your site using the shared preview link can continue navigating through the site, as WordPress.com uses a browser cookie to preserve the link value for the user’s session.

The link won’t expire, but you can disable it anytime. Users who already have access to your site using the preview link won’t be able to access the site anymore once you disable the link.

If you change your mind, you can always enable the link again, and we will generate a new, unique, ready-to-share URL.

If you need help with Preview Links, check out our more detailed guide.

Build Your Next Site on WordPress.com

Try Preview Links today and see how it can help you save time and make your life easier. Your clients will be impressed with the convenience, and you’ll be able to get their feedback faster.

Preview Links are just one of the reasons WordPress.com is the best managed WordPress hosting on the planet alongside other features we released this year: the Sites page, SSH access, SSH keys, and our data center picker. If you are interested in more details, you can follow our Developer Blog.

What other feature would you find valuable? How could we make WordPress.com an even more powerful place to build a website? Feel free to leave a comment or submit your ideas in our short feature request form.


Join 96,866,969 other subscribers

Source link

Continue Reading

Trending

en_USEnglish