So there has been yet another 0-day found that can exploit ColdFusion by not having directories within CFIDE properly secured as noted in APSA13-03 from Adobe. If you haven’t properly secured CFIDE that is public facing, it is only a matter of time until it gets hacked. The previous two that were found in January and April of this year should have been motivation enough.
Last night I gave a presentation Ant Ain't Hard to the Capital Area ColdFusion User Group. It was the first presentation I have done in years for a user group and really enjoyed doing it. I also would like to thank Phill and Sandy for having me present and everyone that was able to attend.
Surprise, surprise. I open up my email box and see that the latest CFDJ is available. Go scrolling through the articles to find that Jeff Peters has written a really good article on LAMBDA Boxes, and further down mentions me and my site. And because I have been busy with a new job and apartment, I haven’t updated the site much.