Unfortunately your hands are tied to policy a lot of the time, and that takes months to go through certification and nonsense.
On Wed, Nov 20, 2013 at 3:42 PM, Sam <[email protected]> wrote: > > I'm guessing they were using old un-patched versions. It's way the > government does things. > > . > > > On Wed, Nov 20, 2013 at 3:23 PM, Matt Blatchley <[email protected]> > wrote: > > > > > I've ran across a few CF servers recently that don't bother to lock down > > the CFAdmin in the Government sector, but Education sector is much worse. > > I can name a few that have even advertised positions on CF-Jobs recently > > that don't lock it down. > > > > Might be some new opportunities there :) > > > > > > On Wed, Nov 20, 2013 at 3:18 PM, LRS Scout <[email protected]> wrote: > > > > > > > > Funny, I just was n the site looking at docs and saw a new security > > message > > > about locking down cfide. > > > > > > people still don't do that like BEFORE it goes online? > > > > > > > > > On Wed, Nov 20, 2013 at 3:16 PM, Matt Blatchley <[email protected]> > > > wrote: > > > > > > > > > > > I'd like to know what set of exploits they refer to using (obviously > > > > they're not going to say directly). > > > > > > > > Is it something known, where the Admin panel wasn't on lock down and > > they > > > > used something like the "h.cfm" for example), or is it something new > > due > > > to > > > > the source code recently being taken from Adobe.... > > > > > > > > Would be nice to know if it was more of the same known issues, or if > we > > > > should all be awaiting another patch for some new unannounced > exploit. > > > > > > > > -Matt > > > > > > > > > > > > On Wed, Nov 20, 2013 at 3:06 PM, Larry C. Lyons < > [email protected] > > > > >wrote: > > > > > > > > > > > > > > More info: > > > > > > > > > > > > > > > > > > > > http://www.informationweek.com/security/attacks-and-breaches/fbi-blames-federal-hacks-on-anonymous-campaign/d/d-id/1112650 > > > > > > > > > > > > > > > On Wed, Nov 20, 2013 at 3:03 PM, Larry C. Lyons < > > [email protected] > > > > > >wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > http://www.slate.com/blogs/the_slatest/2013/11/16/anonymous_hackers_steal_sensitive_government_information.html > > > > > > > > > > > > not good news for CF > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Larry C. Lyons > > > > > web: http://www.lyonsmorris.com/lyons > > > > > LinkedIn: http://www.linkedin.com/in/larryclyons > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:368842 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
