The SEO Newsletter also has the latest on Google Glass and information on the highly-anticipated SMX Advanced, where both Bruce and Virginia will be speaking, plus a roundup of all the tech, SEO and SMM news that was big in April.

The post The Penguin & Panda Evasion Edition appeared first on BrandBlasting.

Put a face on your company.
Do reputation management, to deal with negative feedback.
Strengthen the focus of your site with new ideas and content.
Publish funny, entertaining or otherwise “viral” content that will get you attention online.

The post Hit the Sweet Spot of Social Engagement appeared first on BrandBlasting.

The post Optimizing Conversion from Strategy to Execution appeared first on BrandBlasting.

The post Taking the Next Step With Twitter appeared first on BrandBlasting.

Fred: Think of it less like painting a house and more like something you need to maintain. Like a plant, your website is organic. You don’t water it once and you’re done. The Internet is not static. Competitors are constantly changing their sites, search engines are constantly changing the search results, and you have to keep up your website, too.

Once you understand that SEO is ongoing, you understand the need for a website maintenance blueprint. Procedures for website updates with SEO Web design best practices will help you and your organization ensure consistency throughout the website’s lifetime.

The post How to Plan for the Never-Ending Update appeared first on BrandBlasting.

The flaw, discovered by researcher Jason Donenfeld, is in W3 Total Cache (W3TC), a plug-in to the blog-hosting platform that caches content in order to speed up request times.

Since data are stored similarly and in searchable form, Donenfeld says it’s possible to extract sensitive information like password hashes and database cache keys from any directory that has been enabled.

Even directories that aren’t enabled wouldn’t be very difficult to guess, a Seclist.org post on the matter said.

At present, all versions of WordPress are vulnerable to the flaw, but a later post by Donenfeld said the author of the plug-in plans to close the gap soon. W3TC users are encouraged to disable the plug-in until such a fix is released.

WordPress is an extremely popular platform for hosting both personal and professional blogs.

The post WordPress Blogs at Risk Due to Plug-In Flaw appeared first on BrandBlasting.

The attacks began last week, and have affected more than 90,000 blogs so far. The hackers behind the attacks have combed through WordPress accounts and attempted to guess passwords via brute force.

Their program cycles WordPress accounts through 1,000 common passwords. While this tactic is useless against savvy users, enough people utilize easy-to-guess passwords to make it worthwhile for the hackers.

After the hack compromises a user’s system, it drafts the blog into a botnet, a collection of compromised systems that communicate with one another and often come in handy for online attacks. Private blogs aren’t too useful in this system, but blogs that are housed on web servers are. Servers recruited into the botnet can attack a multitude of machines at once, and grow the system exponentially.

The ultimate goal of the botnet is a mystery; having administrative access to a number of blogs is not that useful in and of itself. However, a network of more than 90,000 compromised machines can wreak all sorts of havoc, especially in denial-of-service attacks.

Matt Mullenweg, a WordPress founder, took to his blog to provide some advice. He explained that hackers had been targeting users who never changed the “admin” username for their account — in retrospect, an obvious security risk. “If you still use ‘admin’ as a username on your blog, change it,” he recommended.

SEE ALSO: 5 Looming Threats That Keep Security Experts Up at Night
By using a strong password, turning on two-step authentication and updating to the latest version of WordPress software, users will “be ahead of 99 percent of sites out there and probably never have a problem,” Mullenweg said.

WordPress.com users would be wise to heed Mullenweg’s words, especially when it comes to two-step authentication. This won’t benefit the myriad bloggers who use WordPress software and host their work elsewhere, but Mullenweg’s other tips will still help.

If your blog has already been compromised, there’s not much to do at this point except change your username and password and hope for the best.

The post Hackers Attack 90,000 WordPress Blogs appeared first on BrandBlasting.

WordPress 3.5 brings in lots of under the hood enhancements, as well as a few new user-facing features.

Other sites have done a great job of breaking down the new features, but here are some of the highlights:

A New Default Theme Dubbed Twenty Twelve that is both responsive and clean

The Dashboard supports HiDPI — aka Retina — displays

Users can once again import content from Tumblr. Thanks Andrew Nacin for the clarification

A totally rewritten and reworked Media Manager that makes adding and finding images much better

Support for Instagram, SoundCloud and Slideshare embeds. Just put in a URL for a piece of media and it embeds in the post

Of course, the bulk of the changes to WordPress 3.5 are on the backend. Over the last eight years, WordPress has evolved from a blogging platform into a CMS that powers about 17% of the web. As a result, the core WordPress team has worked hard on making sure the platform can support a growing number of sites and use cases.

What do you think of WordPress 3.5? Let us know in the comments

The post WordPress 3.5 Has Arrived appeared first on BrandBlasting.