Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Episode 73: Security News and Success through Processes with Adam Silver

This entry was posted in Podcasts on April 18, 2020 by Kathy Zant   0 Replies

The FTC is reporting numerous scams targeting fears and uncertainty, with over $12 million lost to Coronavirus-related scams. We also cover BBB warnings against oversharing on social media, over 500,000 Zoom credentials found on the dark web, Google’s removal of malicious Chrome extensions, as well as recent plugin and theme vulnerabilities.

We also chatted with Adam Silver, host of the KitchenSinkWP podcast, currently celebrating 6 years of podcasting. We ask Adam about his consistent success, experiences with WordCamps, as well as the impact of Open | The Community Code, the film about the WordPress community, in which Adam participated.

Timestamps and links are below:
1:05 The U.S. Federal Trade Commission says that approximately $12 million were lost to Coronavirus-related scams.
2:51 Better Business Bureau warns against oversharing on social media, specifically with the senior photo meme.
5:24 Researchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each.
6:25 Google removes 49 Chrome extensions caught stealing crypto-wallet keys.
7:25 Critical Vulnerabilities in the WP Lead Plus X WordPress Plugin.
9:00 Vulnerability Patched in Accordion Plugin.
9:43 Unpatched High-Severity Vulnerability in Widget Settings Importer/Exporter Plugin.
10:50 Unauthenticated stored XSS vulnerability in WordPress OneTone theme won’t be patched.

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

Episode 73 Transcript

Adam Silver:
Having a process, having a consistency to your day is key for running a business and not having to recreate the wheel.

Kathy Zant:
Hi and welcome to episode 73 of Think Like a Hacker, the podcast about WordPress, security, and innovation. It’s the middle of April 2020, and we’re all still kind of under lockdown because of COVID-19 but we still have a number of security news items for you, along with an interview with one of my favorite people in WordPress, Adam Silver. Adam is a well-known contributor to the WordPress community. He runs an agency based in North Carolina, ConciergeWP. He’s also one of the longest running podcasters around in the WordPress space, maybe the longest running podcaster around. He has two notable podcasts, KitchenSinkWP and the Get Options podcast that he does with Kyle Maurer from Sandhills Development. But first the news.

So WordPress friends, are you staying busy during all of this COVID-19 craziness? Well hackers certainly are. According to an article in Bleeping Computer, they’re reporting that about $12 million has been lost to coronavirus related scams since January of 2020. According to the FTC, consumers reported over 16,000 fraud incidents so far, with most of these happening in California, Florida, New York, and Texas. These are coming through as phishing emails, text messages, and via social media. The IRS has also issued an additional warning with these economic impact payments showing up. Their warning that fraudsters may be requesting personal information with that economic impact payment as a lure. So imagine a phone call from someone pretending to be the IRS looking for your bank information, so that they can get that payment to you. That’s not going to happen. The IRS isn’t going to call you. They’re not going to text you, nor are they going to send you an email.

There are obviously directives on irs.gov that will tell you how to get those payments. It is not going to come at you. You’ll have to go seek that out yourself. Now most of you listening to this podcast are going to be aware of these types of scams. The thing is that our family members or our friends, who may not be as tech savvy as you, may not know. So it’s important to get the word out and share with them the scams that are happening and help people make better decisions about these types of requests.

The Better Business Bureau is now advising people to think twice before participating in the trend of sharing your old senior photo on social media. Now with many seniors not being able to have graduation, there’s this trend going on where people are sharing their old senior photographs and talking about what year they graduated, what high school they graduated from.

Now there’s a problem with that. That problem starts with your bank account. Think about all of the services that you use that uses secret questions as a method of two-factor authentication. What year did you graduate from high school? What was your high school mascot? In this case, we are providing that easily identifiable information to scammers who may be trolling social media accounts, looking for these answers to secret questions. And we’re providing that on our social media. The Better Business Bureau cites similar concerns about other types of trends on Facebook. For example, name the make and model years of all of the cars you’ve ever owned, your favorite athletes, the concerts that you’ve gone to, what your top shows are, who’s your favorite musician, what was the first musical instrument you ever learned? All of this personal information, when placed on social media, becomes a treasure trove. Especially when hackers have access to so many of our usernames and passwords on breached sites that have been dumped in areas such as the dark web or on torrents.

They may not be able to get into your bank account with your username and password, but if your bank account is asking for the first musical instrument you’ve ever played and you say that that was the guitar and you’re posting that on social media, they have all of the keys they need in order to get into your financial institution. So you have a couple of options. You can either use a password manager, provide fake information on your second factor secret questions on your bank accounts, or you can not provide that information on Facebook. Or maybe we just start lying to our friends. Either way we need to change how we’re sharing information and change how we are using two-factor authentication.

Our next story is about Zoom. Researchers have found and purchased over half a million Zoom passwords on the dark web and they’ve purchased them for less than a penny each. These are being used in credential stuffing attacks. There’s so many new people using Zoom with all of the COVID craziness, and they’re reusing passwords that they’ve used on other sites that have been affected by a breach. So Zoom hasn’t been hacked. These are just accounts that have been obtained using credential stuffing, where hackers are using passwords and emails leaked in previous data breaches. So make sure that if you are using Zoom, if you are using Amazon, if you are using any service whatsoever that you are using unique passwords everywhere. And two-factor authentication if you can. Leverage a password manager like LastPass or one password and keep your passwords safe.

Our next story is from ZDNet and this is about Google removing 49 different Chrome extensions from the web store that were all impersonating legitimate cryptocurrency and wallet apps, but they actually had malicious code that was stealing crypto wallet private keys. This was discovered by Harry Denley, Director of Security at MyCrypto, who shared those findings with ZDNet. And I’ve mentioned this story as a reminder, because we all need reminders, to go check your browser extensions, no matter what browser you’re using. If it’s Safari or Chrome or Firefox or Brave, go check your browser extensions right now. See if there’s anything you don’t recognize or that you’re not using. If you are not using it, delete your browser extensions the same way you would get rid of a WordPress plugin that you are no longer actively using. Keep your digital life safe and clean.

Which leads us to talking about WordPress plugins, and we have a few plugin vulnerability stories to cover. First off, we have the WP Lead Plus X WordPress plugin. This affected over 70,000 WordPress sites, which leads us to talk about some plugin vulnerabilities. The first was an authenticated stored cross site scripting vulnerability, meaning that it could only be exploited by somebody with an active account on that site, but a subscriber counts as an active account. The second vulnerability was actually not patched, so even the live plugin is still vulnerable to a cross-site request forgery attack. This just requires you to be very vigilant about the links that you click within your emails. So if you’re not actively using this plugin, we recommend deactivating it and removing it from your site.

If you do require this plugin’s functionality, we just ask you to be very careful with emails that are coming in and not clicking on links within emails. Because of that cross site request forgery, a firewall cannot actually protect against these types of attacks because the attack appears to come from your site. It appears to come as a legitimate entry into the site and so protecting against it is next to impossible. So you’ll just need to be very careful clicking on links and if that plugin does receive an update that protects against it, we will let you know. Our next plugin vulnerability is the Accordion plugin, Chloe Chamberlain found this one. It’s installed in over 30,000 sites and this was an unprotected Ajax action that worked towards a stored reflected cross site scripting vulnerability. The plugin team patched this very quickly within three hours of our disclosure. The fully patched version is 2.2.9 if you’re using this, make sure you upgrade to that version or later.

If you’re listening at a later date. And Wordfence, both free and premium customers are already protected against this. We’ll have a link to the technical details about this vulnerability in the show notes. And finally another interesting plugin vulnerability discovered by Ram Gall. This was the Widget Settings Importer/Exporter plugin and this vulnerability is high severity and is not going to be patched. This plugin is currently installed on over 40,000 sites. We have technical details about what’s happening with this. We did reach out to the developer and did not receive a response. It’s been over a month. Both free and Wordfence Premium users are protected against this exploit currently, but if you are using this plugin, we do recommend deactivating and removing it from your site. There is another plugin that does something similar. The Widget Importer and Exporter. We have a link to that particular plugin and the blog post for this vulnerability disclosure.

Our threat intelligence team continues to investigate plugins and themes, looking for possible vulnerabilities that could be exploited, and working with developers to keep you safe. And we talk so much about plugin vulnerabilities. It’s been a while since we’ve talked about a theme vulnerability, but those do in fact happen. NintecNet reported on April 3rd that the WordPress OneTone theme installed on over 20,000 sites is prone to an unauthenticated settings import vulnerability that could lead to multiple stored cross site scripting exploits. This is not being patched. This theme is no longer being maintained by the developers. So if you are using the WordPress OneTone theme, you’ll need to find a different theme and make sure that your site stays protected.

Thanks to the amazing work of our threat intelligence team, the Wordfence firewall does indeed have a rule to protect against exploits of this unauthenticated stored cross site scripting vulnerability. Wordfence premium customers already have this rule. Free customers will receive it the first week of May. We still recommend that you find another theme as this is no longer actively maintained and there could be other vulnerabilities that haven’t been discovered yet. And no sign of this being actively maintained, so stay safe out there. Now onto our interview with Adam Silver, we hope you enjoy.

Hi Adam. How are you doing?

Adam:
I’m good. How are you?

Kathy:
I am doing spectacularly. So I have a question about the fact that you’ve had a podcast for six years running. I mean, I’ve done things for many years and you probably have gone through that period of, eh, do I really want to do this? And you keep doing it, but you keep that consistency. You have to have some… What’s your secret sauce of staying consistent and also making sure that it doesn’t take up too much of your time and your life?

Adam:
So my show is relatively short. It’s about 10 to 12 minutes on average. If I do interviews, which is not that often, maybe six or seven times a year. Because interviews, scheduling becomes an issue for some people. People drop off, people cancel. That’s always stressful. I get asked a lot too for people who want to be on the show because they want access to my audience, and I’m very protective of my audience. I take sponsors, but I didn’t take sponsors for the first 100 episodes. Have to match the audience, has to make sense to them. Something that I believe in and use and have used myself, that kind of thing. Same thing with affiliates the same way. For me, it’s consistency. And it’s just commitment. People do ask me how to come up with ideas, and oftentimes I don’t know where it came from, but it always works out and I always have a show.

Adam:
And then I guess from my perspective, I use my agency, and I share a lot. I mean, I’m pretty transparent about how things are, what I’ve learned from running the WordPress agency and dealing with clients, dealing with my contracts team, et cetera. I may leave out names, of course, to protect the innocent or the guilty, but I just share. And when I went solo, back when I took ConciergeWP, which is the agency. When I took that full time, three and a half years ago. I documented it like I did it one month, three, six, nine, 12 months. And I was extremely transparent. I shared numbers and it wasn’t good. It wasn’t pretty at all for a while. It really wasn’t. And those episodes got probably the most downloads I’ve had at one time because it’s true, it’s authentic.

Adam:
And that’s how I am. I share completely freely. I’m not worried at all about competition. I used to be when I was a younger man, I would worry about why is this person working, I’m not? Like when I did photography work. I used to have an old Hotmail, I would send an email to another photographer when I lived in Colorado and get their pricing or something. How much do you charge for this? And all those things. And I would work from a place of scarcity versus abundance. And I changed that mindset years and years ago because there’s plenty of work in every industry. It’s just a matter of finding the work and doing the work and delivering the work. But it’s just a mindset shift. So I think I answered your question.

Kathy:
I think so. So abundant consistency. So mindset and consistency. And that’s your secret sauce?

Adam:
You’ve got to be consistent. Yeah, I mean I think so. And also I have a checklist. I think we talked about also. I do, I use a total checklist. I love the book, the Checklist Manifesto. One of my favorite books, I bought it for people. I’ve sent it to clients actually, that when they get checklists and processes in their place of work. So I use OmniFocus, but I have a checklist. Just every week. This is what happens for every show. I use that, I use Post Haste. It’s a free software tool. Gives me the folder structure for every episode. Exactly the same. So my shows are 12 minutes long, let’s say.

Adam:
Pre-production takes me no more than an hour. It depends on the episode. Let’s say an hour. Recording is real time. Let’s say it’s 12 minutes. Post production, less than a half an hour. But so you figure, I mean two hours for a 15 minute show. It’s a chunk of time, of my time. But I’m pretty quick at it. And the editing. I don’t do a ton of post production. I get it myself. I do my own show notes. I just have it down to a pretty good science.

Kathy:
Is that part of what makes your agency successful, too? Is just creating procedures and checklists?

Adam:
That’s a whole separate can of worms. So my old joke is, I run a non-profitable, not a nonprofit. No, I mean like anything else, success is just that. It’s about putting the time and the effort and the energy. I actually have processes in place. The problem is sometimes remembering to use that. But yeah, having a process, having a consistency to your day is key for running the business, not having to recreate the wheel, of course. I now have a new onboarding process. When someone signs a contract with us, what they get right after that. It’s actually written out to script that’s in my Pipedrive CRM. I can just copy paste. That way it’s the same thing. I change information like start date, end date, those things. But now it’s welcome to ConciergeWP, here’s the next steps, here’s what’s going to happen.

Adam:
Let us know. That way it’s just onboard. I also have a new process for onboarding new contractors. If they don’t want to have an email from ConciergeWP because they’re like, I don’t want another email address, well I guess you’re not going to be a contractor for us. You don’t want to be my Slack channel. I guess you’re not going to be a contractor. I need to have those two things in place. And being loosey goosey about it every time, making different rules, have to go track how to communicate with people in different places. So now across the board. And everyone who’s working with me right now, all my team, actually I’m trying to change the word from contractor to strategic partner. It’s across the board. It has to be consistent because, like I said, otherwise it’s too many different rules. Too many different places to touch points.

Kathy:
Those small things tend to be… They add up and the more small things that you can proceduralize of this is just the way we do things, then it makes the bigger things easier to handle. Right?

Adam:
Right, right. Yeah. And then the last thing on this little topic here I was going to mention was, I can’t control what I can’t control. Meaning things take time. With clients, our clients, they deserve to be taken care of respectfully. But I can’t assume I know what they’re thinking or how they will react to something. And if they don’t like it, it’s unfortunate, but the point of the story here is hours. I have a client that has 10 hours a month retainer and where the recording of this episode, it’s five days into the month. They’re already using half of their hours because last month they waited till the last week for us to do this project. They weren’t even ready to have it all done. So it led into the end of the month and then five hours started on the first, which was not Sunday because we take a couple of days off on the weekends.

Adam:
We try not to work weekends unless it’s an emergency. So Monday, my contractor developer did all his work, so be it. So when we get to eight and a half hours, I let the client know, “Hey, you’re close. We’re going to push past if we keep doing this project.” They’ll go to hourly or you’ll have to push till April. It’s up to them. And if they think, “Well, what happened? Why?” I explain it why. This is why. This is our business. We don’t work for free. So that’s that. So again, I just don’t assume, I try not to. When someone says something, I get an email from somebody. I don’t get upset. I don’t have a reaction to it anymore because so much is lost in text.

Adam:
For me to get stressed out about something that’s going to not change a thing until I have the facts, doesn’t change. When someone tells me my car needs X, Y, or Z done. $3,000 or even $500. I just get really upset. Oh my gosh, 500 bucks. Well, it’s cheaper than a new car. A, my cars are paid for, and B, it’s a number. So now I got to figure out how do I pay for that? Does it need to be done right now? Those things.

Kathy:
Yeah. How does the word-

Adam:
Process.

Kathy:
Process. Yes. How does the WordPress community, and being so involved as you are, how does that either inform or affect your business?

Adam:
I get hit up a lot. People seem to reach out to me in some capacity when there’s news, something new out there. “Hey, what do you think of this? What do you think’s going to happen here?” And it wasn’t like that initially. It just, it’s over time it’s happened that way. I mean there are people who have much bigger profiles than me. I pretty much kind of stay low on the radar, not high on the radar. People don’t need to know my political views. I don’t care about that stuff. I care to some extent. But again, it’s not in my purview at the moment. So people do reach out. People also like to share with me, knowing that I won’t say anything. They want to have a place they can go to for a trusted advisor if you will. Almost some coaching or something. I don’t say counseling but people share with me often. And I share with them. I’ll share with other people, too. I have my trusted people. I’ll share what’s going on, but people do trust with me. So I don’t spread rumors that way.

Adam:
I’m like, you know what, it’s here. I’ll know something ahead of time possibly on some things. I’ll say, “Hey, can I mention this on the podcast? It’s newsworthy.” He said, “Not yet.” I’m like, okay, I respect that. And it definitely affects the business. I mean, I’ve gotten business from the podcast and being in the community. I was at WordCamp, I think it was Chicago a couple years ago. Chicago or Ann Arbor, one of the two, maybe Ann Arbor actually. Yeah, it was Ann Arbor and I wasn’t speaking. I just went to go and surprise some friends. Just popped up there. And at the after party I was in line to get some food, and a woman comes up to me and she goes, “Hi, who are you?” It’s kind of funny. She’s like, “Who are you?” I’m like, “What do you mean? I’m Adam. What do you mean?” She goes, “Well, it seems like you know everybody here, and I just want to know who you were. Because you’re not on the list to speak. And I wondered why you know everybody and how everyone knows you.”

Adam:
I’m like, “Well I spoke here last couple of years, I’m from Los Angeles.” At the time I was living in LA I think. “And I run a small agency.” She’s, “I’m actually looking for a developer.” And I said I had a podcast, and I run an agency. So I gave her my card and then about two weeks later she emails me. She goes, “I love your podcast, I love your voice, I love your honesty. Can we talk about working on my project?” So, it’s a much longer play, if you will. It’s a long strategy, long play strategy. As far as putting myself out there, investing in the go. And I mean I’ve gone to a lot of WordCamps, self-funded.

Adam:
Your job was to go to WordCamp. So you go to more. Sure, I mean Mendel went to thousands, I’m sure. People go because it’s part of your job. My job isn’t to go to WordCamps. My job is to sell and make websites technically. Also to build, I want to be part of that community. So I would be out of pocket to go to 8 to 10 camps a year. It’s not cheap.

Kathy:
It’s not.

Adam:
The cheapest part is the ticket to WordCamp. If I’m paying for it. If it’s 40 to 50 bucks, that’s the cheapest part. So it would usually be covered because of meals and stuff. But hotel, airfare, car rentals, Uber’s, that stuff adds up.

Kathy:
It does, but it’s worth it to you, and it’s worth it to your business?

Adam:
Totally. Totally. It’s lonely working from home by yourself. And for me, getting out… WordCamps are the only place I go where I usually don’t wear WordPress t-shirts. I’ll actually wear a button down, I’ll wear a sweater, a pair of shoes. Not flip flops.

Kathy:
Okay. So the question everybody wants to know is what percentage of your wardrobe is WordPress t-shirts?

Adam:
75 easy. I mean, I think I can go and I’m in the 90 range of how many days in a row I can go wearing a WordPress related shirt. Without doing laundry or wearing the same shirt twice. I took a picture of it before I went to US. I shared it on Twitter. I’m like, which ones to bring? And that’s the thing also. Which one did you bring to a WordCamp? I’ve learned to bring three less shirts to WordCamp.

Kathy:
Have you?

Adam:
Because I bring home three more. Yeah.

Kathy:
At least.

Adam:
Because you don’t need them when you’re there. So yeah. I mean today, can I say who I’m wearing on your show?

Kathy:
Of course.

Adam:
So today I’m wearing LifterLMS, a great group of guys. And I’m also wearing a speaker hoodie, a thin hoodie which is perfect for inside the house from WordCamp Birmingham. It was a gift. Love this hoodie. So I’m wearing this. Yeah. I mean I have this one, I have WordCamp… I have so many hoodies now. I have the one you sent me.

Kathy:
Yeah, WordCamp Phoenix.

Adam:
I have two of those, you know that right?

Kathy:
You have two of those. Yes I know.

Adam:
Because you and Clancy didn’t talk. That’s awesome.

Kathy:
Yeah. There was an unfortunate situation that happened with that.

Adam:
Right.

Kathy:
You are the beneficiary of it.

Adam:
Right. I was like sweet. Yeah. So I have two from Phoenix. WordCamp Phoenix. And WordCamp Phoenix by the way, it was one of my favorite WordCamps years ago. A couple of years back when I spoke, I did a talk on podcasting to grow your business. It was a big room, big audience, very well engaged. It was one of my favorite camps, one of my favorite. I mean I use a photo of me on stage. That’s one of my photos I have on one of my websites. There’s a picture of me on stage speaking.

Kathy:
Oh excellent. Is there anything I haven’t asked you about that you want to talk about?

Adam:
What about Open, dot film?

Kathy:
Hey, aren’t you the star of that movie?

Adam:
Not quite. I can tell you though. I mean I was nervous when you told me I was in it. For those who don’t know, there’s a phone call. You’ve talked about it on the show.

Kathy:
Oh yeah, a few times.

Adam:
Okay. So I’m in it, and when you told me that I was in it, I was nervous and… Because it’s one of the things you kind of forget. What’d I say or do? The backstory is I know that I made the camera man and who was the director on it?

Kathy:
Sean and Andrew were the…

Adam:
Sean and Andrew. So Sean was behind camera, Andrew was asking the questions and I took a moment because I got emotional about it, about the issues that we have in the community in my opinion. And so I was curious to know what was used for the footage of that. And luckily when it came out I was happy with what was chosen. It was just fine. And that went out on Twitter, that day when that played at State of the Word, that made the rounds. That was pretty interesting.

Kathy:
It was pretty epic. Yeah. We made you look good though, didn’t we?

Adam:
It was very nice. Yeah.

Kathy:
And we kind of kept it under wraps that it was going to be shown at State of the Word because things can get bumped and we just wanted to wait and see. But I was sitting in the audience when it was happening. It was very surreal because we had spent so much time on it.

Adam:
And that’s the thing also, the feedback was amazing. People were like, when they realized I was in it and they go, “Wait, that was Adam.” It was kind of funny. My kids have seen it. I mean watching it, still thinking about, it still makes me slightly emotional. It’s still really impactful. It still means a lot to me. I am in a place, using WordPress for two years. First when the community existed, jumping in the community. No idea I’d ever be leading the camp in Los Angeles. I just didn’t think that was on my radar. And then be in the documentary about the project and about the community. Who knew? And then now, 10 years later, I’m coming up on 10 years doing this type of stuff. I don’t know what it is I even do. And six years of the podcast. It’s just weird. It’s just very surreal. Same thing, right?

Kathy:
Yeah. Well it is. It’s very surreal, but it’s your efforts and the support you have given to so many members of the community, makes WordPress very much what it is. I mean, WordPress wouldn’t be what it is without the community. And that was what we were trying to show. And you’re a huge part of that. So I was…

Adam:
Thanks.

Kathy:
You are.

Adam:
On the flip side of the same coin, I’m a firm believer that there are, obviously Matt said it at State of the Word, where more people have not gone to a WordCamp than have. Because you can’t, you can’t have all the people that use WordPress go to a camp, it’s just not feasible. At the same token from a business perspective, I’m confident that there are, I’m not sure what the number would be, a large number of people, companies who use WordPress who have nothing to do with and don’t want anything to do with the community. It’s not their thing. They use WordPress as a platform. They run their business and they move on and that’s fine. [inaudible 00:28:05] them. We’re not a cult, the joke is it’s WordPress cult. It’s not Capital P. Dang it, those things. It’s fun. I just find that I have some of my closest friends in my life are in the community. Simple as that. I have I think over 12,000 photos on my iPhone. Guarantee you 6,000 of them are WordCamp related. WordPress related.

Kathy:
Yeah.

Adam:
The other half are actually my family and friends that aren’t-

Kathy:
Those people.

Adam:
The people I live with. People I put through college.

Kathy:
Your offspring.

Adam:
My offspring, the dog.

Kathy:
Your life partner.

Adam:
Right.

Kathy:
Nice of you to squeeze them in.

Adam:
Yeah. Yeah. I mean, yeah, it’s just interesting that way. But again, I didn’t see it coming. I didn’t see it coming at first and then we made the conscious decision that I would put in the time. My wife and I made that decision to invest the time and the money to do this, from a perspective that it makes me happy, that I enjoy doing it. I love solving problems, helping people and people trust me. And apparently that helps with business.

Kathy:
It helps with business and it helps just in terms of the personal growth of everybody that comes in contact with you. I knew who you were before I met you and I was relatively new. I’m not new to WordPress. I had been using WordPress for… I was one of those people that Matt referenced of people who use WordPress who never come to WordCamps. And it just started happening that, okay, let’s do this. Let’s see what this is about. And when I met Thomas in Los Angeles and he was the one that basically showed me the wonder, the wizardry of Adam Silver. And then I’m like, I have to meet this individual.

Adam:
That’s right, I forgot about that. Thomas is one of the people who credits me, for better or for worse, for bringing him into the community, to the fold. And Thomas is behind LifterLMS ironically.

Kathy:
Yes.

Adam:
He’s one of their partners, one of the owners and he’s the lead developer there. When I met him and Chris Badgett at CaboPress and all those things. If you just look all the way back in the CaboPress, I almost didn’t go because I had a different job at the time. I was actually working for the man. I was doing this on the side and I was literally trying to save a marriage. I got a job-job because I got laid off from a big numbers job. A big director position. And I was torn between buying an Apple watch at the time or going to CaboPress, couldn’t do both. And CaboPress being middle of the week was like, how do I take that time off? I had no vacation time left with the old job. So I remember Chris Lema and myself and Jeff, Matt, we were all this Friday night Facebook group. Or not a Facebook group, a Google hangout back in the day, having a beer and stuff.

Adam:
And I popped in and then Chris was saying, “Hey Adam, what are you doing here?” Because I was asking some questions back and forth about was it refundable for the deposit, apply to go. All those little rules that he had at the time. And four years ago, five years ago. And I was nervous about all those elements of paying $200 for a deposit if I couldn’t get the time off.

Adam:
So I popped in, asked him a question. He’s like, “Wait, you have time to ask questions. But not time to fill out the application at least? It’s refundable, go do it.” And my wife walked by right at that time. She says, “You haven’t applied yet?” I said, “Hey Ellen.” My wife’s name, I said, “Ellen, Apple watch or CaboPress?” She’s like, “CaboPress.” So I applied right then, literally. And then I got it, I got approved and I got it. And then I told my boss at the time and said, “Hey, I was asked to…” He knew I spoke at conferences. I’d gone I believe early Fridays and fly away and fly back Sunday nights. So he kind of knew what I did outside of there. Because I did some website work for that company as well.

Adam:
But I pitched him like, “Hey, I was asked to participate in this conference but it’s Tuesday through Friday. Is it okay to take some time off? It’s an off week for us.” We were a live auction company, and I’ll just go unpaid. He’s like, “Okay.” I didn’t tell him that I was paying to attend a business conference that would entail me to then leave working for him within a year. It’s all marketing. I was in marketing. I marketed it the way it benefited me, truth be told. Where I worked was pretty toxic. And then a year later I left, literally. I had to, I was done. They just didn’t value what I was trying to do for them and stuff. But it took me going to CaboPress. Again it’s where I met Chris Badgett and Patrick Thomas. Thomas Patrick Levy, and just all those things and just kind of who knew again?

Adam:
Yeah. So it’s interesting. But anyway, I don’t know how we got onto that. Oh, how we met. How you found out who I was in the community. Right. It’s crazy. And then you’d asked earlier real quick what keeps me going as far as the consistency or the podcast itself on my show. I wonder from time to time, who am I speaking to? And then randomly I’ll get an email, I’ll get a text, a tweet, something from somebody who I’ve never heard of saying thank you for the show, loved that episode.

Kathy:
That’s awesome.

Adam:
I have a couple of people in Dubai, Sri Lanka, in Jakarta, listen to my podcast.

Kathy:
That’s great. Global reach.

Adam:
Kind of weird. It’s a very, very, very long reach.

Kathy:
It’s awesome.

Adam:
Six years. It’s six years. It takes to nail pretty well.

Kathy:
Awesome. Well, I hope for six, 12, 18 more years. Who knows?

Adam:
Who knows? Who knows? I have no idea. I mean honestly I’ll do it until I don’t.

Kathy:
Well thank you for joining me today, Adam. With us not traveling this year, this has been a treat for me because I haven’t yet seen you since… And I barely got to talk to you at US because it was just constant chaos. But I’m so happy to just see your smiling face and catch up with you and see it for everybody that’s listening. We’re using a tool where we can see each other, but you guys can only hear us.

Adam:
It’s good to see you, too.

Kathy:
Yeah. So thanks for joining me and thanks for everybody who was listening and if you want to find Adam, it’s… What’s your Twitter handle again?

Adam:
@HeyAdamSilver.

Kathy:
HeyAdamSilver. Are you still doing-

Adam:
“Hey, Adam Silver!”

Kathy:
Are you still doing stand up?

Adam:
Only on podcasts.

Kathy:
Only on podcast so if you want the best podcast in WordPress, we are the best podcast over here in WordPress security, but the best podcast in WordPress, Adam Silver at the KitchenSinkWP. Right?

Adam:
That’s it, yeah.

Kathy:
Awesome. Thank you. We’ll talk to you soon.

Kathy:
We hope you enjoyed this episode 73 of Think like a Hacker. I am your host, Kathy Zant. You can follow me on Twitter @KathyZant. You can also follow me on Facebook and Instagram if you like looking at funny videos of dogs and cats, of which I have a couple. Check out our YouTube channel. We have some new videos that’ll help you get the most out of Wordfence. We’re also doing Wordfence office hours weekly now, every Tuesday at 9:00 AM Pacific, at noon on the East coast. If you need an invite link, I will have that in the show notes. We’re going to do it every week, answer some questions and help you get up to speed on all of the tools that Wordfence offers in order to keep your WordPress sites safe. And there are quite a few. Thanks again for listening and we will talk to you soon.

Did you enjoy this post? Share it!

No Comments on "Episode 73: Security News and Success through Processes with Adam Silver"

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates