Note: This blog post is from 2021. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
If you're running CF9 or 8, beware: a recent spate of ransomware attacks have occurred, hitting such old CF servers that were not updated (in ways offered by Adobe in 2010!) This news has been reported in various
security industry press, but I want to share here more that they generally did not.
TLDR; A most basic message to hear is "get off of CF9", or any version of CF that is no longer supported. But for the sake of those who wonder, "while I work on that, is my CF 9 really impacted?", I address that, and more. But again updating 9 to just "leave it at that" and get on with your life is NOT the main message to be hearing!
Of course, it's always risky to run old versions of software, and to be clear, CF9 was released in 2009 and CF8 in 2007. Sadly, some shops drag their feet to keep even such old software updated (they each got updates for 5 years after their release). But the problem is really coming home to roost for some.
Who's affected, and who's not? And what can you do, if still on CF9 or 8? And what more is known about the attack?
For more, read on. (BTW, yes I am aware that this is not "new info", as some were sharing it as much as 2 weeks ago. It simply took me time to gather up all the info below, to provide more specifics than those general interest articles were sharing.)
[....Continue Reading....]