No, not ColdFusion the product (well, no more than usual). I am referring to an ongoing series of attacks by hackers deliberately targeting ColdFusion servers, essentially looking for CFIDE directory structures that are inadequately locked down. And as per customer reports, it appears as though many ColdFusion servers have indeed been compromised. The ColdFusion team is looking into this one. But in the interim, please read this post and this post by Charlie Arehart. Oh, and I highly recommend using HackMyCF, as well.
Leave a Reply