Blog Overall rating: ★★★★★ 5 based on 23 reviews
5 1

BlogSimplio Labs Blog

Once we accept our limits, we go beyond them.
Albert Einstein

WordPress 5.4 Lazy-Loading to All Images

What's New, Wordpress No Comment

Source: Searchenginejournal.com

WordPress announced that WordPress 5.4 may feature image lazy-loading by default. This feature will enable the “loading” HTML attribute on all IMG elements. WordPress publishers will no longer need to use JavaScript or third party plugins for lazy-loading their images.

Lazy-loading

The lazy-loading HTML attribute tells a browser to either wait before downloading an image or to download it right away. There is no JavaScript need to accomplish this.

There are three kinds of lazy-loading attributes but only two that really matter:

  1. Lazy
  2. Eager

Lazy, which will be enabled in WordPress 5.4 by default, means to wait until the user’s browser viewport is within a certain distance before downloading the image. This behavior will speed up users’ experience on WordPress sites.

The “eager” attribute tells the browser to immediately download the image.

WordPress 5.4 Release Date

WordPress 5.4 is currently set to release on March 31, 2020. That date is subject to change depending on how ready the release is. But WordPress has been very good about meeting their deadlines.

According to the WordPress comments, the lazy-loading attributes will be implemented in a manner that makes it easy to remove them. This is important in case future browsers begin lazy-loading all images by default, without the need for a loading attribute.

Google has indicated via Web.dev that there are plans to automatically enable lazy-loading to all images when a browser in the Lite mode (formerly known as Data Saver mode).

Test Drive WordPress Lazy-Loading

The WordPress team has officially released a WordPress lazy-loading plugin designed for testing purposes. Publishers who want to test it and give feedback are welcome to download the plugin and give it a try.

Read the official WordPress announcement here:

Lazy-Loading Images in WordPress Core

Top 5 Must-Try PPC Tactics for 2020

Business Advice No Comment
Pay Per Click Tactics 2020

Image by mohamed Hassan from Pixabay

PPC or Pay-Per-Click is a way of internet marketing. Advertisers have to pay each time their ad link is clicked on. This way, instead of waiting for your advertisement to generate traffic on its own, you can pay for a target audience. PPC, therefore, allows you to reach and engage potential customers quickly. Given below are five PPC tactics or trends that you should definitely try this year.

  1. Layered Audience 

It is very important to know which audience you are catering to. Once you determine this, it will help you to design your campaign better.

  • Demographics & Affinity

Using Google Ads and Analytics, you can target your desired audience. Demographics and affinity when taken into consideration, can help you to determine and narrow down your audience which in turn will allow you to engage them better.

  • Market

In-Market Audiences are audiences that are actively in the market, looking for specific products or services. Such audiences can be determined by browsing history or present search activity.

  • Life Events

People who are going through some major changes or life events can become potential customers and using Google Ads you can run specific promotions. However, there are limitations. These include not being available for campaigns on Gmail or YouTube and not being able to target any life events other than graduation, marriage and changing homes.

  1. Running A Responsive Search Ad (RSA) for every Ad Group

RSA for every ad group might not have proved to be successful in the past. But the trick here is to focus on different keywords and even shifting a bit from the target audience. Keep in mind the following points while running RSA.

  • In machine learning, the keywords are evolving and the machine must learn which of these work and do not work in particular campaigns. The whole thing is a work in progress and will require some time.
  • Headlines and descriptions that you put in will have to be of good quality. If the input quality is mediocre then you cannot expect the machine to generate proper output.
  1. Establishing Target Cost Per Acquisition (CPA) or Return on Ad Spend (ROAS)

CPA or ROAS can be very useful when calculated with proper logic and incorrect context. To optimize a promotion correctly, you can use CPA or ROAS to reach a specific number. This can be done by considering

  • The different campaigns that have to launched
  • What the lifetime value of a potential customer is
  • All margins
  1. Reviewing Different Features in Google and Microsoft Ads

The following features are available in Google Ads and Microsoft Ads and they can help in optimizing your campaigns.

  • Gallery Ads
    • These allow the content to be present at the very top of a search results page and in the form of images that can be swiped for viewing.
  • Promotion Extensions
    • At the ad group level, these extensions are great for advertisers who use site links or ad copies.
  • Lead Form Extensions
    • Using these extensions, advertisers will get to know their leads from a paid ad.
  • Image Extensions
    • Images along with texts automatically attract more viewers. With Microsoft, advertisers can upload images while in Google the images can be directly taken from the websites.
  1. PPC Automation

Automation is one tactic that you cannot miss out on using. It will help in ad testing and with optimization of PPC campaigns. PPC automation will do the  following things:

  1. Determine the best strategies to achieve specific goals
  2. Prioritize ads that are doing better than most
  3. Getting proper ad performance reports
  4. Using Google Scripts to generate and optimize ad copy

Google Launches SOS Alert For Coronavirus in Search Results

What's New No Comment

Google has teamed up with the World Health Organisation to launch and activate an SOS alert in search results for searches related to the coronavirus outbreak.

Introduced in 2017, Google’s SOS alerts are activated during crisis events where public safety might be at risk.

The search engine will prioritise information on the virus from the WHO, including safety tips and WHO Twitter updates on the spread of the virus and how to stay safe.

Anyone searching for information related to the coronavirus, an SOS Alert box with resources from WHO at the top of the results page will be shown.

Google SOS Alert Coronavirus

Source: Dailymail.co.uk

Where does Google get content for SOS Alerts?

According to this help document by Google:

We have teams around the world who source content from government agencies, first responders, trusted media outlets, and NGOs. We also aggregate information from other Google products and services, such as Google News, Google Maps, Waze, and more.

 

How to improve your Website Marketing?

SEO Tips, Web Design Tips No Comment

No matter what kind of company you run, make sure your advertising and website marketing is on point. This is particularly the case if you run a roofing company; competition is strife and there are a lot of other businesses running campaigns out there to try and attract new customers. Now, there are a lot of ways to advertise but the best ways are usually online- everyone uses the internet and if you can appeal to people out there, you’ll be well on the way to getting as many on board as possible. However, getting seen on the internet isn’t an easy process. There are a lot of other websites competing for top spots and that’s why you need to make sure your marketing and tactics are on point, but how do you do this? That’s why I’m here- here are the best ways to improve your website marketing if you’re a roofing company.

Go for Search Engine Optimization (SEO)

The first thing I’d recommend doing is working on your search engine optimization. SEO is one of the most important things when it comes to getting your website higher up on the search results lists and it more or less involves improving certain things to do with your site- working on keywords, making it more in line with search engine algorithms and other things like that. You could do this yourself and there are a lot of people out there who do it on their own for their own companies.

However, I believe that hiring an SEO company could be a worthwhile option for you as well. By doing this, you’re putting your SEO in the hands of professionals who will really know what they’re doing. They know all the tricks of the trade and by simply paying them a required fee, you’ll be in really good hands. There are a lot of good SEO companies for roofers out there but if you want to check out an example, go and have a look at http://www.roofingseogeeks.com 

Ensure website design is up to date

I’d also recommend making sure your website is up to scratch in terms of design. It’s really important that your website looks good when people are using it; if it looks messy and unorganized, visitors will be much more likely to click off it and visit other sites. By having a clean and organized website that’s user-friendly and easy to use, people will be much more likely to stay on it and hire you for any work they need done. Make sure your colors all match and aren’t too in the face of users, make sure all links are easy to click on and use and ensure any contact details are easy to find as well. This will ensure all users who visit your site will have a good time.

Advertise on social media platforms

Advertising your website on different social media platforms could also be really useful. This will allow people to see your website as an option; they’ll be much more likely to visit it and more people will know it exists. No publicity is bad publicity when it comes to website visitors and this is vital if you want to be a successful roofing company.

Source: Daily Host News

Plugin flaw puts over 200,000 WordPress sites at risk of attack

What's New, Wordpress No Comment

Over 200,000 WordPress sites have been warned they may have been exposed to a bug that allows hackers to take over the website easily.

The affected sites were all found to be running an unpatched open-source plugin that puts them at risk of attack.

This high severity cross-site request forgery (CSRF) bug has impacted a plugin called Code Snippets which is used to run PHP code snippets offering a graphical user interface that looks similar to the plugins menu.

Attacked

The bug, first tracked by security firm Wordfence, allowed attackers to inject a PHP code on behalf of the administrator and execute malicious codes remotely. It also allowed hackers to create new administrator accounts, extract sensitive data, and even infect site users.

Wordfence researchers pointed out that though the developers had followed all the security measures however, the import function in the plugin had a flaw that could be easily compromised.

The vulnerability has been fixed on 25th January, a couple of days later it was reported, with the latest release of the Code Snippet plugin now version 2.14.0. Any admins running an older version of the plugin have been told they must update to the patched version.

As per a WordPress plugin download data of the latest update, approximately 58,000 users have downloaded the updated plugin while over 140,000 users are still on the older version and are vulnerable to hack.

 

Source: TechRadar

How Passwords Get Hacked

Uncategorized No Comment

How many passwords do you use in a given day?

Everything on the internet requires a password. It can be tough to keep track of them all and keep coming up with strong passwords. For proof, listen to the grumblings in most office buildings on the day passwords are set to expire.

The disdain for passwords leads to a lot of bad password practices. This includes reusing passwords or keeping them basic. But steps to make passwords easier to remember also makes them easier for hackers to guess.

How Passwords Get Hacked

To hack a password, first an attacker will usually download a dictionary attack tool. This piece of code will attempt to login many times with a list of passwords. Hackers often publish passwords after a successful attack. As a result, it is easy to find lists of the most common passwords with a simple Google search.

The attacker will then load the dictionary attack tool with a list of passwords. The tool will attempt every password until finding a match. Now, the attacker can log in with administrator credentials and install a backdoor for future entry. With a backdoor in place, the hacker can begin installing additional malware and other malicious code that damages your online presence.

The speed and success of a password hack will vary depending on whether it is an offline attack or an online attack. An offline attack allows an attacker to leverage the full power of their device, which will vary depending on the attacker’s setup.

For example, offline password cracking could make up to 2 million attempts per second when leveraging the power of multiple GPUs. If the attacker has access to a botnet of infected machines, they can speed up the process by using the resources of those devices. A very simple password can be hacked this way in a matter of minutes.

An online attack is much slower. There are constraints set by the victim web server and the application (e.g WordPress) that can hinder the attempt rate. A common example of such a constraint is limiting the amount of password attempts. This will slow down the attack, but attackers won’t stop there.

Next, they will try techniques like credential stuffing. The hacker will find a more tailored password list created from passwords stolen from previous compromises. This is why using complex and unique passwords is key to protecting your website.

Best Password Practices

The best passwords will not have any obvious combination of numbers or letters. That means most easy-to-remember passwords with names, words, and dates won’t cut it. If you can read the password as a word or phrase, a hacker using automated tools will be able to guess it. A good password is much more complex.

To make a password more complex, you will want to make it longer. More characters gives a password a lower chance of being guessed in a dictionary attack. A mixture of lower- and uppercase letters, numbers, and characters is also recommended

Unfortunately, complex means a bit more than replacing the letter “a” with an “@” or an “!” in place of an “i.” Adding a couple random numbers won’t work either. Many people use these tricks and hackers are well aware of them. This hardening technique may buy you a couple extra seconds against a hacker, but they can still get in.

To get a completely secure password, it will also need to be completely unique. If the password was ever used, it may be in a list and more vulnerable to a dictionary attack or credential stuffing. The best passwords are going to look like a random string of characters, numbers, and symbols. Imagine a cat running across a keyboard as you go to type in your password. A secure password should look like that.

Passwords should never be reused on multiple accounts. This increases the chances of a hacker being able to gain further access with the same credentials.

Now you know the best way to make and protect your passwords. Yet, the biggest question on your mind is likely, “How am I supposed to come up with all these passwords, yet alone keep track of them all?”

Using Password Managers

The bad news is that you shouldn’t keep using things like your favorite’s pet’s name or quotes from Caddyshack as a password. But the good news is that making and remembering complex passwords is not difficult. In fact, it’s very easy to do with a password manager.

A password manager is a service that generates unique, complex passwords and saves them in a secure vault. You can then use a browser extension and mobile app to auto-fill usernames and passwords. It makes keeping your passwords secure much easier.

Most browsers and mobile operating systems offer built-in password managers. But it’s recommended to use a third-party manager like LastPass, KeePass, or Dashlane. The built-in browser managers lack many of the best features of more dedicated services.

It’s worth noting many password managers do cost money. While LastPass, KeePass, and Dashlane do offer free versions, they may not work for all users. But the paid accounts cost only a few dollars a month. That’s a small price to pay to get rid of the headache of worrying about passwords.

Conclusion

Hackers have been finding ways to crack or compromise passwords since the day they were invented. The only thing more constant about passwords is the struggle to create and remember them.

Good password practices don’t have to be a taxing chore. Password managers take the burden off of creating and storing unique and complex passwords. It is the easiest way to prevent hackers from guessing your credentials, but the password could still be stolen and used by an attacker using different methods like keyloggers or MiTM attacks. This is why nowadays it is recommended to use additional authentication measures like multi-factor authentication.

But cybersecurity doesn’t stop with good passwords. Hackers have a full arsenal of malicious weapons to gain access to websites. You may want to consider our Website Security Platform  for a more robust cybersecurity solution.

 

Source: Sucuri

7 Reasons Why You Need to Update Your Reputation Management Strategy in 2020

Uncategorized No Comment

The reputation management industry has come a long way since the BIA Kelsey Group predicted that it would become a $5 billion industry sector by 2016. Indeed, there are more review management solutions, sentiment analysis monitoring services, and agencies engaged in ORM than ever before!

However, I am not certain that I would call online reputation management a “mature” industry, yet. Search algorithms have become more sophisticated, making search engine optimization of positive content more challenging to supplant negative items in search. Social media platforms, responsive to criticisms for enabling astroturfing in politics, have tightened security such that it is more challenging for agencies to manage accounts on behalf of reputation clientele. Laws protecting major online companies from liabilities for assisting defamation victims continue to be entrenched. And, personal and private data has become more and more exposed despite some efforts to reduce the public’s exposure.

All of this has made reputations more vulnerable to serious damage and has made reputation management more difficult in terms of clean-up of issues or even proactive development.

But, there are some positive things happening, too, so things are not all doom-and-gloom. Consciousness about online harassment, bullying, extortion and sextortion are on the upswing. The FBI and the Department of Justice have taken more of an interest in helping victims in such situations, and local law enforcement agencies have been increasing their capabilities for assisting in such situations. (See the California Attorney General’s Cyber Exploitation resource, for example.)

So, I have a few predictions for what may be in store for online reputations in 2020 — prepare yourself and prepare your company for what is one of the most important aspects of personal and corporate identity.

2020 predictions for online reputation management

1. SEO will continue to become more difficult for improving and controlling online reputations. My prediction 14 years ago that the practice of SEO might become eclipsed by user-centered design has largely come true. Most respectable SEO consultants now incorporate usability factors and user experience into large portions of their analysis and recommendations, in addition to search-oriented technical elements. Simple methods and tricks for manipulating search engines to rank webpages higher have largely been replaced by solid, mainstream marketing practices combined with a user-centered design focus and solid technical website construction. Further, the advent of search engines’ machine learning processing has made website ranking determinations far more holistic in nature — making it hard to tell what factors are ones that tip the decision as to whether one page outranks another or not. Ironically, aspects of reputation are now search ranking factors, so SEO practitioners need to pay attention to reputational elements as part of holistic optimization efforts.

2. Social media profiles will continue to grow in importance for one’s online identity. Not only do well-developed and actively-maintained social media profiles tend to rank advantageously in search engine results, but users seek them out for individuals and companies when exploring online identities that are new to them. For individuals, simply hiding one’s social media profiles does not really cut it anymore when potential employers and business partners are seeking information. And, consumers deeply desire access via social media profiles to communicate directly to companies — neglecting a company’s social media presence can result in increased consumer frustration, and result in more negative online reviews and ratings.

3. Laws will continue to favor large internet companies, protecting them from liability for content produced by third parties that may appear on their platforms. Silicon Valley lobbyists continue to hold sway in Washington and in state legislatures, keeping laws very friendly towards the large internet companies, resulting in keeping them largely non-liable for helping individuals and organizations remove false and defamatory information online. Section 230 of the Communications Decency Act was enacted in 1996 specifically to save internet companies on costs, while the U.S. legislature knew it would result in collateral damage for small companies and individuals. Arguably, it is time for Section 230 immunity to be changed, but there has been little movement to do anything that would substantially help people. While you might believe that our European counterparts have it better due to their “right to be forgotten” laws, this online “wild west” free-for-all that is maintained in the U.S. negatively impacts anyone in the EU that does business with America because their right to be forgotten is limited to searches conducted within their countries — people in the U.S. can still see contents in search that is no longer relevant or false about them.

4. Business review monitoring will become easier and less costly for companies. There are now multiple companies that provide some degree of review monitoring services across multiple review sites and for multiple business locations. What was once a difficult and costly effort for major chain store companies is now far easier to do from a central office. The increasing number of providers of these services is also starting to enable lower costs as competition in the marketplace produces more options.

5. Public relations and crisis communications will rise as even more important strategic components for online reputation, as opposed to strategies of only ignoring-or-displacing of negative items online. Public relations has been a solid discipline since before the internet, of course, but companies and individuals are again recognizing its value now after many modern companies attempted to skate by without professional staff or external support for public communications. Many have tried a do-it-yourself approach to this, and most fail miserably when trying to position themselves and to respond to public relations crises. Responding with integrity and conveying genuine concern can make all the difference between rapid or eventual reputation recovery in the public’s consciousness, or continuing with a damaged and tarnished reputation that hampers one’s performance in nearly any arena.

6. Professional online reputation management costs will drop within reach of more individuals and small companies. Let’s face it: professional online reputation management has largely been only a service available to individuals and organizations with larger amounts of resources. But, the increasing number of companies operating in the reputation industry is increasing competition, which will result in lower prices for consumers, and the flexibility and functionality available through internet technologies continue to develop, simplifying and making more efficient various aspects of online reputation management services. These factors will drive costs downward. Lawsuits remain one useful and effective option for some types of defamation, trademark infringement and online harassment, but that option remains costly and will be slower to change without further reforms of laws related to online reputation and less costly access to legal relief. Still, while litigation continues to have some major cost barriers, a lot of relief can be obtained more rapidly and cheaper through a combination of SEO, social media management, public relations, crisis communications and strategic internet content development.

7. Proactive online reputation management becomes more important than ever. As the internet became the go-to source for information about everything, one’s internet reputation became more important than ever. That trend has only increased over time, and one can declare 2020 as truly the moment when one’s internet reputation now outweighs nearly every other information source. As such, proactive online reputation management is now vital, and a core piece of best practices for marketing — with a weak and vulnerable online reputation, one is a sitting duck for any crisis, any bad review, and any crank with an axe to grind. Financial analysts are paying more attention to online reputation, and will increasingly check out whether companies are making efforts to manage their identities online in order to proactively protect themselves from any negative event. Do we even need to mention that HR departments check one’s reputation online before making hiring decisions, and people look up individuals for social reasons as well — including for dating, as well as for other social interactions?

As a sort of “bonus” prediction, the #MeToo Movement blew up in a massive way in 2019 — one can easily predict that this trend will continue to grow, and there seems little to stifle it. In the sense that bad behavior deserves to be called out, and that people should feel empowered to speak out against harassment and abuse, the #MeToo movement is a good thing. In this information age and time of growing, ubiquitous surveillance, it is harder to hide bad behavior, and people’s own actions will out them, more and more. So, expect the awareness created through the #MeToo movement to empower many people to speak out and publicize moments when they are mistreated, and these reports will affect individuals and institutions that are called-out. As people are aware of this societal shift, also expect organizations to become increasingly diligent about improving their policies for dealing with such claims, and responding to the reputational damage fallout. We already see this when companies rapidly suspend those accused, pending investigations, and fire those found to be in noncompliance with corporate policies.

Following reputation management best practices, one can build a robust online reputation and recover from past reputation damage. Focus on making 2020 your best reputation year, ever.

 

Source: Search Engine Land

How to Protect Your Organization Against Targeted Phishing Attacks

Uncategorized No Comment

Phishing emails are one of the most devious and deceptive means of cyberattack. Often sneaking past automated filters, such emails use social engineering to look real and legitimate enough to trick unsuspecting users into revealing sensitive information.

Beyond automated security tools, there are more people-centric strategies that businesses should adopt to protect themselves against phishing attacks, as described in the 2020 State of the Phish report released Wednesday by the security firm Proofpoint.

Based on a survey of working adults and IT professionals as well as other factors, Proofpoint’s report defines phishing as any type of socially engineered emails. The intent could be to deploy malware, direct users to dangerous websites, or collect sensitive credentials.

About 60% of the respondents said their organization faced fewer or about the same number of phishing attacks last year compared with 2018. That may seem like positive news. However, the trend is one that Proofpoint said it’s seen for a while.

Specifically, it means that cybercriminals are focusing on quality over quantity by launching more targeted, personalized attacks instead of just bulk campaigns.

Some 55% of the respondents dealt with at least one successful phishing attack in 2019. Around 54% of those hit by an attack suffered data loss, 49% saw credentials or accounts compromised, 49% were infected by ransomware, 35% were victims of some type of malware infection, and 34% suffered some type of financial loss or wire transfer fraud.

impacts-of-successful-phishing-attacks-proofpoint.jpg
Proofpoint

Organizations measure the costs of phishing attacks in a number of ways. The most common side effect was downtime hours for users, cited by more than half of the respondents. Other costs included remediation time for security teams, damage to reputation, business impacts due to loss of intellectual property, direct monetary losses, and compliance issues or fines.

how-organizations-measure-the-cost-of-phishing-proofpoint.jpg
Proofpoint

The ultimate goal of many phishing emails is ransomware. Some 33% of the organizations surveyed for the report were infected with ransomware in 2019 and opted to pay the ransom. Another 32% were infected but did not pay.

Among those that did pay the ransom, 22% never regained access to their data, 2% acquiesced to follow-up ransom demands and got back their data, but 7% were hit with additional ransom demands and never recovered their data.

Looking at attacks by a specific method of social engineering, 88% of organizations faced spear phishing attacks, 86% faced business email compromise (BEC), 86% social media-based attacks, 84% smishing (SMS/text phishing), 83% vishing (voice phishing), and 81% malicious USB drops.

To help your organization better defend itself against targeted phishing attacks, Proofpoint offers the following tips:

Commit to building a culture of security

If you want to truly make a change—meaning a mindset and behavior shift that has a positive, day-to-day impact on your organization—you must commit to bringing cybersecurity to the forefront.

Remember that anyone in your organization can be a target of a phishing scam and that anyone in your organization can help or hurt your security posture.

Everyone in your organization should know how they can be more cyber-secure. A broad, companywide security awareness training program will help you do that.

Some 78% of the organizations surveyed for the report said they found a reduction in their phishing susceptibility due to their security awareness training.

Answer the three Ws

You may be familiar with the “five Ws and H” that guide journalists, researchers, and investigators: who, what, where, when, why and how.

At a minimum, answer these three first: 1) Who in my organization is being targeted by attackers? The answer is not as simple as looking at the top tiers of your org chart; 2) What types of attacks are they facing? Knowing the lures and traps attackers are using can help you better position your defenses; and 3) How can I minimize risk if these attacks get through? The answer is to use the information you’ve gathered to deliver the right training to the right people at the right time.

This exercise helps you defend against your most pressing and timely threats. Assessing vulnerabilities at a more granular level and matching those up against your threat intelligence will let you pinpoint where perfect storms are brewing.

Make time for agility

When we get busy, we may want to take a “set it and forget it” approach to cybersecurity. That’s understandable. But it doesn’t work in an era of constantly shifting attack techniques and evolving threats.

Building a security culture takes continued effort and attention. Plan for regular training and reinforcement but be responsive to changes in the threat landscape (and your organization).

Attackers’ targets change over time so the firm recommends identifying the employees most actively targeted by cyberattacks on a monthly, if not weekly, basis.

By pairing granular analysis with organization-wide training, the people being targeted will have a cybersecurity foundation you can build on with additional, targeted training.

Understanding general phishing trends is important. Having benchmarks to measure your users against them is valuable. But other organizations’ data isn’t as important as your organization’s data. You must understand your own threat climate in order to change things in your environment.

“Effective security awareness training must focus on the issues and behaviors that matter most to an organization’s mission,” Joe Ferrara, senior vice president and general manager of Security Awareness Training for Proofpoint, said in a statement.

“We recommend taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education. The goal is to empower users to recognize and report attacks.”

Proofpoint’s data was based on survey results from 3,500 working adults and 600 IT security professionals from the US, UK, Australia, France, Germany, Japan, and Spain. Information also was derived from 50 million simulated phishing attacks sent by Proofpoint customers over 12 months and nine million suspicious emails reported by the end users of the company’s customers.

 

Source: Tech Republic

Shopify Offering Startup Loans to Merchants – No Sales or Credit Checks Required

Business Advice, E-Commerce, What's New No Comment

Shopify is looking to spur entrepreneurship and boost its merchant count by removing a fundamental barrier to launching a business: startup capital.

The Ottawa-based e-commerce giant announced an expansion of its Shopify Capital program Tuesday that will see the company provide initial loans of $200 to qualifying applicants looking to test out entrepreneurship.

In its most recent earnings report last fall, Shopify highlighted how its existing Shopify Capital program issued $141 million in merchant cash advances and loans in the third quarter of 2019, an increase of 85 per cent year-over-year. Until now, the program’s financing terms have typically been tied to a business’s sales history on the platform.

These early-stage loans, on the other hand, can be approved without any sales or a credit check. In a release, the company positioned the idea as an alternative to dipping into savings, borrowing from friends and family or racking up credit card debt.

Kaz Nejatian, vice-president of Shopify’s financial solutions division, wrote on Twitter that the new program was aimed at entrepreneurs struggling to get started with a business idea, such as recently landed immigrants who haven’t built up a financial foundation yet or a founder targeting non-traditional industries.

The move to ease the on-boarding of new users comes amid a broader push to continue growing the number of merchants using Shopify’s platform.

Though the company passed a sizeable milestone with its one-millionth user in 2019, the company’s year-to-year growth in merchant base has showed signs of slowing in recent years. This has pushed Shopify to increase expansion efforts outside its core North American market; CFO Amy Shapero said during the company’s most recent quarterly earnings call that it was seeing its most rapid growth in international markets.

Shopify itself has been having a strong start to 2020 with its shares hitting new highs on the Toronto and New York stock exchanges. The firm’s shares on the TSX were trading at $576.25 on Tuesday, an increase of nearly nine per cent since the start of the year.

Source: Ottawa Business Journal

Elegant Themes Divi Theme Code Injection Vulnerability

Wordpress No Comment

Elegant Themes Divi Theme Code Injection VulnerabilityIf you are someone who is using the WordPress Divi Themes, you might want to update it right away. Just last week, Elegant Themes announced that several of their products contained a code injection vulnerability, their team discovered this during a routine code audit.

What is the vulnerability?

Code Injection, also called Remote Code Execution (RCE), is a general term for attacks that exploit poor handling of untrusted data. The code injection vulnerability can allow an attacker to install malware on a website. The Divi vulnerability allows users who are logged in to execute a small set of PHP functions. 

Who is affected?

WordPress Websites who are using Divi version 3.23 and above, Extra 2.23 and above or Divi Builder version 2.23 and above, are affected.

What is the fix?

Updating your themes and plugins will fix this problem. You can update your themes and plugins from within your WordPress dashboard, or you can download the latest versions from the members area and update them manually. 

Good experience

★★★★★
5 5 1
SimplioWebStudio did a great job

Project accomplished

★★★★★
5 5 1
Project accomplished

Plugin developed successfully

★★★★★
5 5 1
Plugin developed successfully

ANOTHER SUCCESSFUL PROJECT

★★★★★
5 5 1
ANOTHER SUCCESSFUL PROJECT

Thank you Simplio team

★★★★★
5 5 1
Great experience

Working with Simplio Web Studio was a fantastic experience.

★★★★★
5 5 1
Working with Simplio Web Studio was a fantastic experience. The service provided was amazing and professional. It was a delight to work with Nir, who went the extra mile to meet our demands in a timely manner. He really made our vision a reality by creating us a classic site, but moreover the relationship we formed is something our company really appreciates. It was a pleasure working with Nir and the team at Simplio Web Studio. We highly recommend them to all and we look forward to working and doing more business with them in the future.

a great project

★★★★★
5 5 1
a great project

All the best

★★★★★
5 5 1
All the best to Simplio

My website is Live

★★★★★
5 5 1
My website is Live , thank you Simplio

From beginning to end, the team at Simplio provided top of the line customer service.

★★★★★
5 5 1
From beginning to end, the team at Simplio provided top of the line customer service. The web developers are incredible and made sure we got exactly what we were looking for! They truly went above and beyond to make us happy and we couldn’t have been more pleased with their talents. We would highly recommend them. Thanks so much Nir!

After over two years of research we chose Simplio.

★★★★★
5 5 1
After over two years of research we chose Simplio. We are so far very satisfied. These people answered the phone on a Sunday and fixed a problem that was not even their fault. It was the host company which I had chosen that had caused our site to go down.

Outstanding in both knowledge and professionalism.

★★★★★
5 5 1
Outstanding in both knowledge and professionalism. Nir and the staff at Simplio are Excellent in branding, web design and overall web presence. Definitely recommended!

I cannot even imagine having another company managing my Presta shopping cart.

★★★★★
5 5 1
They are now part of the Diastasis Rehab business team after working with them almost a year now. I cannot even imagine having another company managing my Presta shopping cart. After a bad experience with a programmer, I needed a new programmer (one that knew prestashop shopping cart) and most important one that I could trust. Finding all three was a difficult process! Lucky for me I found them. I cannot say enough about the diversity of services that this company provides. Every step of the way they make amazing suggestions to increase my sales and they get back to be right away either by email or phone. They have even created a simple and easy check out program for Presta Shop. They are actually a one stop shop! They updated my SSL, are setting up and changing my server to a dedicated one, setting up streaming of my DVD, website design, creating a specific program for address verification on Presta cart and handled the integration of Presta cart with my fulfillment house. I am now working on developing an APP with them

Simplio really helped me out of a jam.

★★★★★
5 5 1
Simplio really helped me out of a jam. They did exactly what I needed on a very tight time frame (with little notice too!!!!) They are my new go-to guys for any Prestashop needs! Thanks Simplio!

Excellent service!

★★★★★
5 5 1
Excellent service! Nir was exceptionally helpful in solving a lot of issues with our website and making the user experience more smooth. He understood the needs of our school and helped improve the website tremendously.

impressed

★★★★★
5 5 1
What impressed me most about working with Simplio was their attention to detail and excellent communication. Not only are they talented developers, but, they are also pleasant to work with and highly professional. Highly recommended!

professional service

★★★★★
5 5 1
What a profissional service Simplio offers.I hired them to rebuild my website for my business and they were creative and professional. Nir was on top of the whole project from day one, until he delivered the project on time. I will defiantly recommend Simplio to anyone who is looking for website services. From creating, designing to maintaining your image online. Good Job Nir and the rest of your group.

Great Logo

★★★★★
5 5 1
Great Logo, Very happy

fantastic to work with

★★★★★
5 5 1
Simplio was fantastic to work with. They were fast, communicative and incredibly helpful to me. I highly recommend them to anyone who needs help with their digital needs!

Awesome experience

★★★★★
5 5 1
All details and requests were met in prompt an friendly manner. Would recommend on any day to anyone who wants to feel their business is in great hands.