Select Page

If You Use This Script, You’ve Probably Already Been Hacked

Hacking Made Easy

Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze.

Unfortunately, it doesn’t include any authentication or security measures, which makes infecting WordPress databases equally easy.

During the last few weeks, our Security Services Team has noticed a spike in infections using this script. The hackers use their botnets to look for the script all over a target site. The following is a sample of log entries searching for this file.

We tracked scans from a set of known malicious IPs over the past two months, and you can see the activity (in the image to the right)

If they find this file, they use it the same way a website owner would – except in this case, they exploit a website.

We have prepared screenshots of the script in action. It’s a straightforward process using several pages. The first page prompts the user to choose to automatically get the database login information from the WordPress configuration file. Note the warning about removing the script – we’ve omitted it from the rest of the screenshots, but that warning is present on every page.

 

READ the complete article at https://www.wordfence.com/blog/2017/07/searchreplacedb2-security/?utm_source=list&utm_medium=email&utm_campaign=072517

 

Embed a YouTube Video in Site – DIY Godaddy

How to embed a YouTube video on your site and why it’s important

Great article by Godaddy’s Jennifer Priest that answers the DIY instructions of Embedding Video from YouTube into a website…

She writes…

Give your customers more resources

Whether your videos are entertaining or educational, embedding your videos from YouTube onto your site allows your customers to view content without leaving your site.

Seamless viewing makes for a positive customer experience and a killer interface.

When you embed a YouTube video on your site, you give customers access to content they might not have been aware of. They can then subscribe to your channel via annotations in the embedded video. Set your videos to function however you deem fit — autoplay from the beginning, start at a specific timestamp, captions, etc.

Pro tip: Don’t forget, a strong YouTube presence greatly helps with your social media marketing!

Embed a YouTube video to kick off your yearEmbed A YouTube Video Icon

They say 2017 is the year of video. Are you ready to embed a YouTube video? Even if you’re not looking to dive in and create your video content, you can use YouTube feature videos from others on your site. It’s easy, it’s free, and anyone can do it!

 

READ The Complete Article HERE


The Importance of Your Business Website

During a time where consumers are using their smartphones for approximately 151 minutes, spending time in front of a computer for 103 minutes, and utilizing a tablet for 43 minutes every day, you would think that having a well-constructed company website would be a no-brainier business decision. Yet, shockingly, over half of all small businesses still doesn’t have a website.

Aside from it being one of your best marketing assets for brand awareness and visibility, a website establishes credibility and creates a link of trust between your business and your potential consumers. Actually, when surveyed, 94% of consumers said that bad web design alone is the number one reason to mistrust a business or organization. That means that companies with a website that are just poorly designed, are missing out on a lot of prospective clients. This number doesn’t even account for a lack of a having a website altogether.

When companies are asked why they don’t have a website, the reasons most often cited are cost and a perceived lack of importance. These reasons can only be attributed to not knowing the true power and reach a website really has. First, the costs of having a website do vary, but the price is next to nothing when the value is considered.

Just yesterday I was in desperate need for decorations for an upcoming birthday party I am planning and when a local well known party store was sold out in the theme I required, I did what most consumers do. I took to the internet in search of an alternate store that might carry what I was looking for. However, it was every consumer’s worst nightmare. There was only one other party store in the vicinity, decreasing the odds that I would be bringing home my supplies day of. I had never heard of this second company before, so I decided to check out their website before driving over. Unfortunately for me and for that company, their website did not exist.

Like most consumers do, I had expected to find a website. When this company failed to deliver on that aspect, they were already disappointing me before they even had a chance to serve me. At that point, it didn’t matter if this company was truly credible or ran a fantastic business, they didn’t leave that impression on this customer. I didn’t have time to waste driving over to another store that might not carry what I needed, or might not even exist at all for that matter. So, I sucked it up and drove home knowing that I was going to have to order everything online from company #1.

The value of a website comes down to one really important reason that your business should care about:

POTENTIAL SALES

Your visibility among potential consumers plummets with every second you aren’t online, because you better believe consumers are.

Without a website, or with a poorly designed one, consumers are not going to trust your business. Simply put, the impact of your web presence determines the way potential consumers view your credibility as a business.

Consumers will purchase products online from a website when they cannot find what they are looking for locally. Why not be that company offering what they are looking for when local shopping doesn’t work out? If it’s not you they choose, it’s your competitor.

Nearly all consumers (97%) research and/or purchase products online. Even if they ultimately do not purchase from you, they are more likely to come across your name, which increases brand awareness.

If it’s your website that answers the consumer’s questions, you are building a relationship with your audience without even knowing it. Therefore, that consumer will remember that it was you that last helped them by solving their problem and will be more likely to come to you in the future.

Again, not just any website will be effective and your number one goal when creating your website should not be solely focused on sales. However, it is an important byproduct of utilizing a web presence as marketing tool that cannot be overlooked. Your company needs a website if you want to make consumers aware you exist, if you want to stand out, if you want to win out over your competitor, if you want your customers to trust you, if you want consumers to CHOOSE YOU.

Web Site Features Not Popular in 2014

Many Outdated Bells and Whistles are Web Site Features Not Popular in 2014

The Use of plugins and elements that bring nothing to the table for the real value of your website and that actually downgrade the total experience for the visitor should be avoided.  Many things like animated gif, Flash Intros and too much text are just a few things that are NOT encouraged for a 2014 responsive / mobile ready website.

Are there too many icons, pictures?  Widgets, sidebars, as well as Search Bars are now being phased out.

Keep your site streamlined and effective for the viewer browsing experience!

 

Intros and Splash Pages

Unless you are Coca – Cola or a High profile company that people expect to see a production video on entering the site, this is a bad idea!  Intro’s annoy people who are not expecting to see one and don’t work on all devises… like apple products to name one…  So, the experience is not only downgraded but diminished to the point of leaving your site before ever entering it.

 

Photo Galleries and Special Photo Players

Many of your Gallery slide shows don’t take into the account the viewing device that will be used… the slide show will either be too fast or not compatible for the viewing experience and this makes it a bad idea to create a SLIDE SHOW.  You can produce a gallery page should the viewer desire to review the images but, just not in the fashion of a slideshow or carousel image slider.

Stock Photos

When Branding your website the more you lean to official, personal, real life images of your business and the people involved in your business the more effective your site will be.  Many costumers desire to interact with a branded business that introduces its product, real people and business practices on the company website not a cookie cutter site with stock images.

 

Auto Playing Videos and POP UPS

There are many stats showing that the viewer does NOT like auto playing videos when viewing a website as it is serves as a distraction by high-jacking the viewers experience.  The viewer should be given the consideration to view the site and its content under their own terms.

POP-UPS are annoying when you are trying to read an article or view content and a popup blocks this experience… THIS IS NOT a VALUE to your viewer!

 

M.dot Sites

These sites are designed because a company website redirects its visitor to a mobile site design… Spend the extra time and money to develop a website that is responsive to all devices …YOUR CUSTOMER will thank you as their experience will be 100% improved! NO REDIRECT NEEDED!

 

A New Internet Explorer Security Flaw

A New Internet Explorer Security Flaw Leaves One-Quarter Of Web Browsers Vulnerable

By: Charlie Warzel – Great Writer with Buzzfeed Staff

buzz-Internetflaw

 

More bad news for online security, especially if you use Internet Explorer to browse the web.

Last night, Microsoft announced that all versions of Internet Explorer have been affected by a “zero day” security flaw (a “zero day” flaw is a vulnerability that gives victims zero days of warning before attack). According to the security company FireEye, the flaw leaves 26.25% of the browser market vulnerable to attack. This, of course, comes just weeks after the OpenSSL flaw Heartbleed left over two-thirds of the internet vulnerable to potential attacks.

Here’s how the web browser market share breaks down for Internet Explorer as of 2013, according to NetMarket Share:

networkstats

Plainly speaking, the flaw allows attackers to corrupt and steal data after users are lured to fake websites, meaning anyone using Internet Explorer should be extra vigilant clicking suspicious links that might come through email or other spam sites.

Here’s a description of the flaw according to Microsoft’s Tech Security Center:

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

So far, Microsoft says it’s only seen “limited, targeted attacks” as a result of the vulnerability, with most of the attacks coming through IE versions 9 and 11. The company hasn’t released a patch for the flaw yet, but we will continue to update when one becomes available.

Correction: A previous version of this story cited an Adobe security patch as a fix for the Internet Explorer flaw. That patch was unrelated to the specific Internet Explorer error. So far, no patch has been issued. .