Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B | Research/security tips email: cingred@protonmail.com.

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

419 scammers using Dilbert.com

419 scammers using Dilbert.com

Scammers too, know Dilbert.On their way to search for clean IPs through which to send out yet another scam email, 419 con-artists (Mrs Sharon Goetz Massey) have recently started  using Dilbert.

July 27, 2009 by in Security

Microsoft to ship emergency IE, Visual Studio patches

Microsoft to ship emergency IE, Visual Studio patches

Less than a month after a first pass at patching a troublesome flaw affecting its dominant Internet Explorer browser, Microsoft has announced plans to release two emergency updates with a comprehensive fix for the problem.The unusual move comes on the heels of a bombshell blog post by reverse engineering specialist Halvar Flake that the original IE kill-bit fix was "insufficient" and that Microsoft "might have accidentally introduced security vulnerabilities into third-party products.

July 26, 2009 by in Developer

A Good Year for Security Collaboration

A Good Year for Security Collaboration

Guest Editorial by  George StathakopoulosIt seems like just yesterday when I was at Black Hat.  Now as I get ready to fly to Las Vegas again, I look forward to seeing a lot of security researchers, hearing their latest exploits and how they fared over the last 352 days.

July 26, 2009 by in Security

Adobe 'zero-day' flaw is eight months old

Adobe 'zero-day' flaw is eight months old

The current zero-day attacks against Adobe Flash Player are not quite zero-day after all.   According to new information, Adobe's security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a "data loss corruption" issue.

July 24, 2009 by in Security

China's Green Dam and the cyberwar implications

China's Green Dam and the cyberwar implications

Guest editorial by Oliver DayChinese military leaders have always been aware of the military advantage the US has over the People's Liberation Army.  Reading through their published assessments of Sino-US war possibilities confirm our belief that we would dominate them in the air, land and sea.

July 23, 2009 by in Security

Some important truths about pen-testing

Some important truths about pen-testing

Guest editorial by Alberto SoliñoPenetration testing is a highly scientific, metrics-driven approach to IT security that has been in practice since almost the dawn of the modern computing era when programmers first began conducting organized tests, or “hacks” of their own, or others’ technologies to test their performance and reliability.

July 20, 2009 by in Security

Patch Day double-whammy: Oracle plugs 33 database holes

Patch Day double-whammy: Oracle plugs 33 database holes

For businesses, today is a Patch Tuesday double-whammy.Just hours after Microsoft shipped six bulletins to cover multiple flaws in Windows and Internet Explorer, Oracle is getting set to release its quarterly batch of Critical Patch Updates with fixes for at least 33 security vulnerabilities.

July 14, 2009 by in Oracle

MS Patch Tuesday: 9 bulletins, 6 rated critical

MS Patch Tuesday: 9 bulletins, 6 rated critical

Microsoft today released six bulletins with fixes for at least nine documented security vulnerabilities in a range of products that put users at risk of malicious hacker attacks.At least two of the vulnerabilities are currently being attacked in the wild so it's imperative that Windows users and administrators treat these patches with the highest possible priority.

July 14, 2009 by in Microsoft

Does free antivirus offer a false feeling of security?

Does free antivirus offer a false feeling of security?

Earlier this month, Symantec's product manager David Hall dismissed free security software as equal alternative to the paid versions, and also described  Microsoft's free "Microsoft Security Essentials" as "a stripped down version of the OneCare product Microsoft pulled from retail shelves".

July 13, 2009 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories