Dimitris Kokoutsidis, Oct 22, 2024, CyberFM Monitoring tools are essential for maintaining the stability, performance, and security of your FileMaker Server. These tools enable developers and administrators to automate tasks, gain insights into server activity, and address issues before they escalate. In this comprehensive guide, we’ll delve into the top monitoring tools available for FileMaker
Ensuring Cyber Resilience in Manufacturing: Navigating NIS 2 Requirements with FileMaker Solutions Dimitris Kokoutsidis, Oct 16, 2024, CyberFM Understanding the practical implications of the NIS 2 Directive is crucial for manufacturing companies that rely on FileMaker solutions. The following detailed scenarios illustrate potential risks and challenges that such companies may face, along with the obligations
Uncovering Access and Role Restriction Vulnerabilities in the FileMaker Server Admin Console Source: https://davidhamann.de/2024/10/09/fms-bypassing-restrictions/ With a few security features added to the FileMaker Server Admin Console in the last few versions, I decided to play around with them to see how they are implemented. In this article I want to highlight three of the issues
Dimitris Kokoutsidis, Sept 8, 2024, CyberFM Many FileMaker developers rely on hardcoded license keys for plugin solutions. I have a few questions regarding this approach: Overview of Plugin License Texts Following the blog post, you’ll find the detailed license texts for major FileMaker plugins. This section serves as a guide to understand how each plugin
Dirk Schittko, Oct 1, 2024, FileMaker Konferenz 2024 Menu At FMK 2024, Dirk Schittko delivered an insightful talk on the intricacies of setting up and managing FileMaker Server on Linux, particularly on Ubuntu. FileMaker Server, traditionally a Windows or macOS application, has found a new home in Linux, offering increased performance, cost savings, and reliability
Understanding the Risks and Mitigations of dylib Hijacking in macOS FileMaker Pro CVE-2023-42920 Source: https://fm-security.com/posts/dylib/ CVE macOS FileMaker Pro CVE-2023-42920 Menu Introduction The dylib hijacking vulnerability for macOS is well known and studied. But from a FileMaker developer’s point of view, I have not seen any analysis of this problem. I will begin a little bit from afar. Embedding into someone else’s
Unlocking the Secrets of the FileMaker Server Keystore: A Cryptographic Exploration Source: https://davidhamann.de/2023/05/29/deciphering-the-filemaker-keystore/ Introduction On This Page While checking out how the FileMaker Pro to Server upload feature worked, I noticed that credentials were encrypted using a RSA public key before being sent to the server. I looked into FileMaker Server’s installation directory and found that
Uncovering XXE Vulnerabilities in FileMaker’s XML Parsing Source: https://davidhamann.de/2021/11/18/filemaker-xxe-vulnerability/ CVE FileMaker Pro CVE-2021-44147 A couple of months ago I looked more deeply into the “Import Records” functionality in FileMaker, especially the XML parsing, and was wondering if any XXE vulnerability may exist and how one could exploit this in technically interesting ways. The vulnerability is/was indeed there