Friday 05. of August 2011 What you need to know and need to do if your website has been hacked.

This article aims to give a short overview of the most important things to do after your website has been compromised.

Saturday 30. of July 2011 Breaking changes in the latest TYPO3 Security Release

Since some people contacted us with questions regarding the latest release, this post will elaborate on the changes in that release and why they have been done that way.

Monday 25. of July 2011 New naming scheme for TYPO3 Security Bulletins

The TYPO3 Security Team introduced a new structure and a new naming scheme for security bulletins.

Sunday 03. of April 2011 [Coding] Doing Filename Checks Securely

Recently a security issue in TYPO3 has been fixed, where it was possible to circumvent checks, which should ensure file names to match specific patterns (e.g. denying .php file extensions to be uploaded or renamed to).

As...

Monday 07. of March 2011 Incident Handling of TYPO3 Core Issues

The TYPO3 Security Team has decided to partly handle TYPO3 Core Incidents publicly by the standard Core Review Process.