Today is being called “Black Monday” in many information security circles. We have had a major Wi-Fi vulnerability announced that affects absolutely every device that supports Wi-Fi. The vulnerability allows attackers to decrypt WPA2 connections. A second vulnerability has also emerged today. This is a bad day for security.
There is a lot of very technical information, which most of you won’t understand, but if you techies want to read the full article, WordFence wrote it much better than I ever could. You can catch that post here: WORDFENCE WPA2 ENCRYPTION CRACKED!
Just to show you how quickly a hacker can now get onto a wifi network, and get passwords, and much, much more, I’ll add the Video here so you don’t have to click to watch the video.
I will follow up this post, as soon as I learn how to secure wifi again. As it is, everyone is using WPA2, it was supposed to be the unbreakable security method. But I’m sure they will tell us quickly how to block these kind of attacks, and I will pass it on to you as soon as I find out myself. (because information should be shared)
WordPress 4.8.2 is released. Time to update core files again. Keep them current, and stay secure out there!
If you would like to know what the changes are (and they are always good…WordPress is one program that doesn’t send out updates unless they actually accomplish something, and it’s typically quite a bit!) …you can read about them here: [su_permalink target=”blank”]https://codex.wordpress.org/Version_4.8.2[/su_permalink] Just for a highlight, I will say that on the SECURITY side, there are 5, (not 1, but FIVE) cross-site scripting (XSS) vulnerabilities plugged in this update. So for security reasons alone, you should update. Not to mention that there are typically great functionality upgrades as well. Don’t forget to backup first, before doing any CORE updates (and themes also usually) …the FILES AND THE DATABASE! …just in case something doesn’t work right with your server. The one time you don’t do a backup, you will probably need it, because that’s just how life works. 🙂
Sign up for email updates and get valuable posts in your inbox if you like. It’s not like we write 10 a day…sometimes not even 1 a week, but we do try to post the important stuff.
[edsanimate_start entry_animation_type= “rollIn” entry_delay= “0.5” entry_duration= “1.5” entry_timing= “ease” exit_animation_type= “” exit_delay= “” exit_duration= “” exit_timing= “” animation_repeat= “1” keep= “yes” animate_on= “load” scroll_offset= “” custom_css_class= “”][edsanimate_end]You probably heard about this, but probably thought what happened was already done and over with. It’s not. There is an October deadline when all Google (I.E. CHROME) browsers will flag all non-SSL sites as insecure. In order to not be flagged you will need to have a certificate installed, activated, and configured so your site redirects to a HTTPS:// URL prefix instead of HTTP. If you want to read an article about it, here’s one (you can Google it and find more I’m sure) google-reminds-website-owners-to-move-to-https-before-october . It is supposed to only flag websites that have password or credit card form fields on the site.
But, it is also important to recognize that even if you don’t have password or credit card form data fields on your website, it is still beneficial to install SSL on your site for the SEO benefit alone. If Google is penalizing the page rank for non-encrypted sites, and they are, you really can not afford to not install it, can you? Do you want to be on page 4 or 5 when people search for your type of business on Google? Because if you don’t put SSL, your website will go to the end of the list. Sorry. Don’t shoot the messenger.
There are many different types of SSL certificates out there that you can get for a whole range of prices, ranging from $10 to $500, depending on your need. The ones that come from your host tend to cost more. If you just want a cheap one, you can get one here: https://www.ssls.com/ . The $4.99/yr one is only if you purchase that cert for 3 years, for around $15 total. If you just get it for one year, it’s $8.95 I think.
This is just a courtesy post. WordPress 4.7.5 which is a security release, is out today. And with all the new crazy malware and ransomware out on the internet spreading like crazy right now, you need all the security you can get, so go update right away, and stay safe! https://wordpress.org/news/2017/05/wordpress-4-7-5/
I get calls all the time from people who have simple questions…How do I do something on Facebook? How do I do something online? What would be the best or cheapest solution to my problem? Etc, etc. Everything I.T. is a business that cares about people. We are a business, yes, but there are many things you just shouldn’t have to pay for, …and general assistance is one of them. We aren’t going to take your money if we can help you save it. There are too many people trying to take every darn penny you earn for stuff that we, as human beings, should do for each other. I see so many places “charging” to support their own customers…people who have already purchased their products, and I for one, find it distasteful and appalling! So Everything I.T. now has a help forum. If you want to ask a question, please ask it there, so that others can benefit as well from your question and the answer that goes with it. (Didn’t they tell you all through school that there is NO SUCH THING as a stupid question?) …It’s true. When you ask a question, you actually help others as well who may not have the words to ask, or who may be too embarrassed. It’s a simple sign-up, and it’s encrypted so your email doesn’t get hacked. (in fact our entire site is encrypted!) So just go to the help forum, and post your question, and we will try to answer it as soon as possible. And if you read something I answer, and have a better answer, you can sign up to respond as well. so don’t be shy because you are the first one to post. I imagine on every forum that started, someone went first at some point. 🙂
You there is 1 topic started, only to make it easy for someone not so technical I guess…all you have to do is hit reply. But you are most welcome to start your own topic if you want. Anything not X-rated (this is an under-13 approved site) or illegal is welcome.