fortpoint.me
Clients | Fort Point Legal, PC
http://fortpoint.me/clients
Our clients are innovative companies and entrepreneurs focused on new technologies. A Trusted Advisor to Founders. We ensure that legal decisions promote the business and strategy goals of our clients. Moving the open web forward. Secure, flexible storage for the practical biker. Stop worrying about your stuff and go! A completely self-contained mobile fine coffee tricycle. Discover the best jobs in the restaurant industry. By George Foreman III. The boxing fitness authority. Down the Road Brewery. A lar...
dcepler.net
Projects » David C. Epler
http://www.dcepler.net/page.cfm/projects
David C. Epler. Ant script packaged with AntInstaller to apply all applicable updates to ColdFusion 8.0.1 and 9.0.x. Provides a common Admin API for working with the following:. It works on Adobe ColdFusion 7.0.2, 8.0.1, 9.0.x, Railo 3.1.x, 3.2.x, and Open BlueDragon 1.1, 1.2, 1.4. Learn CF in a Week. Grails for CFML Developers. Powered by Mango Blog. Original design by digitalnature. Ported by Don Bellamy.
dcepler.net
Unofficial Updater 2 now patches APSB13-19 » David C. Epler
http://www.dcepler.net/post.cfm/unofficial-updater-2-now-patches-apsb13-19
David C. Epler. Unofficial Updater 2 now patches APSB13-19. Posted by David Epler in ColdFusion. On July 11, 2013. Well, I kind of missed blogging the last update to Unofficial Updater 2. Back in May while I was at cf.Objective(). The latest update APSB13-19. Dropped while I was on vacation at the beach, but still got it done two days after it was released by Adobe. As usual the best defense is to stay current on patches and properly secure ColdFusion using the published lockdown guides for ColdFusion 9.
dcepler.net
Enough Fail to Go Around » David C. Epler
http://www.dcepler.net/post.cfm/enough-fail-to-go-around
David C. Epler. Enough Fail to Go Around. Posted by David Epler in Adobe. On March 24, 2014. So the talk surrounding the Krebs on Security post, The Long Tail of ColdFusion Fail. The underlying problem is that hackers have identified ColdFusion as an easy target and are going after it. The only way to fix that is to make it more difficult to attack and compromise, but that requires involvement from everyone that touches a ColdFusion installation. The Long Tail of ColdFusion Fail. With the installation...
dcepler.net
Presentations » David C. Epler
http://www.dcepler.net/page.cfm/presentations
David C. Epler. Theses are the presentations I have given. I am more than happy to give any of them at a CFUG meeting. This presentation goes over the most common vulnerabilities found in web applications as listed by the OWASP Top Ten. We will be discussing in depth what these risks are, how the attacker exploits, and how to avoid them. SQL Injection Video 1. SQL Injection Video 2. Which allows one to bundle Ant scripts into a run-able installer like was done for Unofficial Updater 2. The HTML 4.01 ...
dcepler.net
Not surprising, yet another ColdFusion exploit » David C. Epler
http://www.dcepler.net/post.cfm/not-suprising-yet-another-coldfusion-exploit
David C. Epler. Not surprising, yet another ColdFusion exploit. Posted by David Epler in cfobjective. On May 9, 2013. So there has been yet another 0-day found that can exploit ColdFusion by not having directories within CFIDE properly secured as noted in APSA13-03. From Adobe. If you haven't properly secured CFIDE that is public facing, it is only a matter of time until it gets hacked. The previous two that were found in January and April of this year should have been motivation enough. Subscribe to thi...
corfield.org
An Architect's View — CFML, Clojure, Software Design, Frameworks and more...
http://www.corfield.org/blog/index.cfm
Http:/ seancorfield.github.io. For newer blog posts." /. CFML, Clojure, Software Design, Frameworks and more. The Blog Is Dead. Long Live The Blog. June 20, 2014 · By Sean Corfield ·. But that hasn't really worked out - because I don't much like Google , even with all its improvements since I last tried using it. So I'm starting a new blog. That doesn't need software to publish anything! I'll probably set up a. I have also set up framework-one.github.io as a blog and documentation site. Is going to work.
SOCIAL ENGAGEMENT