I will be speaking at the Adobe / Carahsoft ColdFusion Zeus Sneak Preview Event on Wednesday, March 28th at the Crystal Gateway Marriott in Washington DC. My topic is called "Boost Security Using ColdFusion Zeus: Writing Secure CFML", which will cover the new security enhancements in ColdFusion 10. …
Adobe this week released a security hotfix for the HashDos vulnerability for ColdFusion versions 8.0 through 9.0.1. Today I was setting up a new secure ColdFusion instance for a client, and I thought I'd document the steps needed to go from ColdFusion 9.0 to ColdFusion 9.0.1 fully patched (this …
If you want to use very strong encryption in ColdFusion, you may need to install the Unlimited Strength Jurisdiction Policy Files in the JVM running ColdFusion. For example, if you want to use AES encryption with anything higher than a 128-bit key, then you need to do this, otherwise you will get …
I've been playing around with the Nginx web server over the past few days. It's a great lightweight web server, ideal for VPSs or smaller Amazon EC2 instances where resources are not as abundant. One thing I like about nginx so far is the configuration, while I haven't had to do anything overly …
Earlier this week at the 28C3 security conference in Berlin, researchers presented on a denial of service (DoS) technique that several web application platforms (PHP, ASP.NET, Node.js, Tomcat, Java's HashMap/Hashtable, etc.) are vulnerable to, known as hashdos. The exploit takes advantage of hash …
Adobe released a security hotfix APSB11-29 for ColdFusion 8 and 9 on Tuesday, which fixes two XSS (Cross Site Scripting) vulnerabilities (CVE-2011-2463 and CVE-2011-4368). One vulnerability exists in cfform and the other in RDS. Our HackMyCF ColdFusion Server Security Scanner has been updated to …
Adobe has asked me to do an online e-seminar: Protecting ColdFusion Applications with FuseGuard, Thursday, November 3rd at 10am PT / 1pm ET. If you're curious about FuseGuard and how it works, please head over to Adobe.com and register now!
It's not always obvious which cumulative hotfixes are installed on a ColdFusion server. I'm pleased to announce that the paid subscriptions for HackMyCF now let you know which cumulative (non-security) hotfixes you have installed, and which ones you don't. As you may know Adobe released …
A few months back I was researching two/multi-factor authentication solutions to employ to meet PCI compliance, and I came across a somewhat new company called DuoSecurity. If you're not familiar with two-factor authentication, the basic premise is that in order to authenticate you must provide more …
This week (September 12-16 2011) is ColdFusion Developer Week over at Adobe.com: ColdFusion Developer Week is a series of free, live webinars hosted by seasoned ColdFusion experts who will cover a wide range of topics from what ColdFusion is, how to code it, all the way through to more in depth …