Dimitris Kokoutsidis, Sept 26, 2024, CyberFM 1. Audit Overview Objective:The goal of an audit is to ensure the reliability, security, and operational effectiveness of the FileMaker solution. The audit process involves identifying potential points of failure or security risks in the system and addressing them proactively. Process: Documentation Tips:Maintain both physical and digital copies of
Dimitris Kokoutsidis, Oct 6, 2024, CyberFM Menu: Understanding the Weakness of Startup Scripts as a Security Measure: The Illusion of Security with Startup Scripts: The Role of Script Debugger in Exploiting Startup Scripts: Full Access Account Reinsertion via Decompilation: The Critical Importance of Encryption and Robust Account Management: Encryption as the First Line of Defense:
Dimitris Kokoutsidis, Sept 26, 2024, CyberFM Introduction In the rapidly evolving landscape of artificial intelligence, Large Language Models (LLMs) like GPT-4 have become integral to numerous applications, including chatbots, virtual assistants, content generation, and more. While these models offer remarkable capabilities, they also introduce a new set of security challenges that must be addressed to
CVE macOS, Windows, Ubuntu FileMaker Server CVE-2024-23202 Source: https://fm-security.com/posts/priv_esc/ I have identified a privilege escalation vulnerability in FileMaker Server for all platforms (macOS, Windows, Ubuntu) This vulnerability allows an attacker, that has the most limited access to a remote database, hosted on FileMaker Server, to get full access privileges, with access to all data from all tables
Bypass authorization of FileMaker Server or “there is no such category” Source: https://fm-security.com/posts/bypass_auth/ CVE FileMaker Server CVE-2024-27790 Menu Introduction In the summer of 2023, I decided to investigate the internal communication protocol between FileMaker clients and the server. This led to the discovery of perhaps the most significant vulnerability in the platform’s history. I discovered that it
Dirk Schittko, Oct 1, 2024, FileMaker Konferenz 2024 Menu At FMK 2024, Dirk Schittko delivered an insightful talk on the intricacies of setting up and managing FileMaker Server on Linux, particularly on Ubuntu. FileMaker Server, traditionally a Windows or macOS application, has found a new home in Linux, offering increased performance, cost savings, and reliability
Understanding the Risks and Mitigations of dylib Hijacking in macOS FileMaker Pro CVE-2023-42920 Source: https://fm-security.com/posts/dylib/ CVE macOS FileMaker Pro CVE-2023-42920 Menu Introduction The dylib hijacking vulnerability for macOS is well known and studied. But from a FileMaker developer’s point of view, I have not seen any analysis of this problem. I will begin a little bit from afar. Embedding into someone else’s
Claus Lavendt, FileMaker Training Videos – Aug 14, 2024 FileMaker Server is an essential component for hosting FileMaker databases, but its built-in administrative tools often leave much to be desired, particularly for users managing large deployments or needing fine-grained control. Enter Claus Lavendt’s Missing Admin Tool, a robust, free, and open-source solution that fills the
Richard Carlton, Jul 30, 2024, FileMaker Training Videos Menu Introduction to FileMaker Upgrades To top Upgrading FileMaker to its latest version is a decision that many organizations delay, often due to concerns about cost, downtime, or compatibility. However, running an outdated version of FileMaker comes with several risks, including slower performance, security vulnerabilities, and compatibility
Jasper Schoonackers (Lesterius), Doug Wallis, and Sangita Banerjee (Claris) , Claris Community Live 6 Data breaches and cyber threats are becoming increasingly sophisticated, the security of your database systems is more critical than ever. Claris FileMaker 2024 introduces a comprehensive suite of new security features and enhancements designed to help developers, administrators, and organizations protect
Claris Support The Linux’s FileMaker server installer now have a docker folder which contains a bunch of script to build and deploy a FileMaker Server on docker. You can rely on it instead of the article. Source: https://support.claris.com/s/article/Running-FileMaker-Server-in-a-Docker-container-for-Ubuntu-20-04?language=en_US Claris Engineering Blog August 1, 2022 Updates: This engineering blog describes why you might want to use
John Mathewson, Jun 20, 2024, Kyologic blog Source: https://kyologic.com/2024/06/keeping-filemaker-secure/ FileMaker is an incredibly powerful tool for managing relational databases. Of course, the nature of this platform means a variety of sensitive material may be stored on these databases. From employee social security numbers to client’s banking info to company finances, it’s crucial to ensure this
Decoding the fmp12 File Format: A Deep Dive into Passwords and Account Security Source: https://davidhamann.de/2024/06/17/how-does-filemaker-store-passwords/ Introduction On This Page I had been planning for a while to dive deeper into the fmp12 file format to explore how data is organized and how accounts and passwords are stored. A few months ago, I finally found the
Wim Decorte, Doug Wallis, Jun 13, 2024, Claris Community Live 1. Introduction Security in FileMaker development has evolved from a “nice-to-have” feature to an absolute necessity. In the third Claris Community Live event, Rosemary Tietge, along with experts Wim Decorte and Doug Wallis, walked through the most relevant security challenges, solutions, and best practices for
Wim Decorte, Jacob Taylor, Jun 11, 2024, In this blog post, we take a deep dive into the FileMaker 2024 Server (also known as FileMaker 21) Q&A session featuring experts Wim Decorte from Soliant Consulting and Jacob Taylor from RCC. This session provided a comprehensive look at FileMaker Server’s latest features, performance optimizations, and essential