53 min.
Modernize or Die® - CFML News Podcast for March 5th, 2024 - Episode 212 Modernize or Die ® Podcast - CFML News Edition
-
- Stap voor stap
2024-03-05 Weekly News — Episode 212Watch the video version on YouTube at https://youtube.com/live/Vg81ar7GfW4?feature=share
Hosts:
Gavin Pickin - Senior Developer at Ortus SolutionsDaniel Garcia - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:
Buy workshop tickets to CF Summit EastBuy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/Like and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (phenomenal)
We have 46 patreons: https://www.patreon.com/ortussolutions.
News and Announcements
Whitehouse Mandate - Press Release: Future Software Should Be Memory SafeLeaders in Industry Support White House Call to Address Root Cause of Many of the Worst Cyber AttacksToday, the White House Office of the National Cyber Director (ONCD) released a report calling on the technical community to proactively reduce the attack surface in cyberspace. ONCD makes the case that technology manufacturers can prevent entire classes of vulnerabilities from entering the digital ecosystem by adopting memory safe programming languages. ONCD is also encouraging the research community to address the problem of software measurability to enable the development of better diagnostics that measure cybersecurity quality.Full Report: https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf Blog Post: https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
Three Recent Lucee VulnerabilitiesLast week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS). Their blog post is a must-read, and I'm not going to rehash their steps from research to discovery to exploitation. Instead, I'm going to look at these vulnerabilities through a defensive lens. https://www.hoyahaxa.com/2024/02/thinking-defensively-about-three-recent.html One Reason Why Your ColdFusion Server May Still Be Vulnerable Even With the Latest Security Updates InstalledNext Tuesday is Adobe Patch Tuesday. Will there be new ColdFusion security updates? I have no idea. But even if there are no new patches released, and your ColdFusion servers already have the latest updates installed, you may still be missing an important step in keeping them secure.https://www.hoyahaxa.com/2024/03/one-reason-why-your-coldfusion-server.html
ICYMI : CF Summit East Announced Adobe and Carahsoft would like to officially invite you to our interactive Adobe ColdFusion Summit East 2024. This event is an unparalleled experience featuring a gathering of professionals, developers, and thought leaders in the dynamic realm of ColdFusion technology.https://carahevents.carahsoft.com/Event/Details/447476-xbyte Into The Box 2024, Third Wave of Sessions!Are you ready for what's in store? In this round of releases, we're excited to announce the addition of two mystery sessions presented by Ortus Solutions. These sessions are set to redefine how you approach CFML development, introducing key tools
2024-03-05 Weekly News — Episode 212Watch the video version on YouTube at https://youtube.com/live/Vg81ar7GfW4?feature=share
Hosts:
Gavin Pickin - Senior Developer at Ortus SolutionsDaniel Garcia - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:
Buy workshop tickets to CF Summit EastBuy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/Like and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (phenomenal)
We have 46 patreons: https://www.patreon.com/ortussolutions.
News and Announcements
Whitehouse Mandate - Press Release: Future Software Should Be Memory SafeLeaders in Industry Support White House Call to Address Root Cause of Many of the Worst Cyber AttacksToday, the White House Office of the National Cyber Director (ONCD) released a report calling on the technical community to proactively reduce the attack surface in cyberspace. ONCD makes the case that technology manufacturers can prevent entire classes of vulnerabilities from entering the digital ecosystem by adopting memory safe programming languages. ONCD is also encouraging the research community to address the problem of software measurability to enable the development of better diagnostics that measure cybersecurity quality.Full Report: https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf Blog Post: https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
Three Recent Lucee VulnerabilitiesLast week, Harsh Jaiswal and Rahul Maini from ProjectDiscovery released some impressive security research on multiple vulnerabilities in Lucee (and Mura CMS and Masa CMS). Their blog post is a must-read, and I'm not going to rehash their steps from research to discovery to exploitation. Instead, I'm going to look at these vulnerabilities through a defensive lens. https://www.hoyahaxa.com/2024/02/thinking-defensively-about-three-recent.html One Reason Why Your ColdFusion Server May Still Be Vulnerable Even With the Latest Security Updates InstalledNext Tuesday is Adobe Patch Tuesday. Will there be new ColdFusion security updates? I have no idea. But even if there are no new patches released, and your ColdFusion servers already have the latest updates installed, you may still be missing an important step in keeping them secure.https://www.hoyahaxa.com/2024/03/one-reason-why-your-coldfusion-server.html
ICYMI : CF Summit East Announced Adobe and Carahsoft would like to officially invite you to our interactive Adobe ColdFusion Summit East 2024. This event is an unparalleled experience featuring a gathering of professionals, developers, and thought leaders in the dynamic realm of ColdFusion technology.https://carahevents.carahsoft.com/Event/Details/447476-xbyte Into The Box 2024, Third Wave of Sessions!Are you ready for what's in store? In this round of releases, we're excited to announce the addition of two mystery sessions presented by Ortus Solutions. These sessions are set to redefine how you approach CFML development, introducing key tools
53 min.