id="info"

Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cybersecurity, national security, policy and privacy. He is based out of the New York newsroom, and can also be found on sister sites CNET and CBS News. You can contact him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

$10k hacking contest announced

$10k hacking contest announced

Israeli software developer Gizmox is challenging hackers to try hacking into the company's Visual WebGui Platform, by offering a $10,000 incentive to those who manage to achieve the objectives of their contest launched at the beginning of the month. What's particularly interesting about the contest is the fact that the company is running the contest as an investigation into the identity of their secret agent, the data for whom resides on their unhackable platform.

November 12, 2008 by in Security

Google fixes critical XSS vulnerability

Google fixes critical XSS vulnerability

All your accounting data are not belong to us. Hours after a proof of concept example detailing a XSS vulnerability at Google's account login page was posted at the XSS Project's clearing house, the company quickly took notice and fixed it.

November 12, 2008 by in Security

Spam rates massively down on shutdown of rogue ISP

Spam rates massively down on shutdown of rogue ISP

Several major news outlets are reporting that the shutdown of a rogue ISP in the Bay Area has lead to a massive drop in the global amount of spam. While this is "good thing", this event is not an end of spam, nor is it even the beginning of the end of spam; it is merely a temporary lull.

November 12, 2008 by in Security

Why did Microsoft wait 7 years to fix SMBRelay attack flaw?

Why did Microsoft wait 7 years to fix SMBRelay attack flaw?

One of the code execution vulnerabilities fixed in this month's Microsoft Patch Tuesday release dates back to 2001 when it was first disclosed by Cult of the Dead Cow hacker Sir Dystic (pictured left).If that wasn't cause for worry, get this:  An exploit for the bug -- in the way that Microsoft Server Message Block (SMB) Protocol handles NTLM credentials -- has been part of the Metasploit hacking tool since July 2007.

November 12, 2008 by in Security

MS Patch Tuesday: Critical Windows, Office flaws fixed

MS Patch Tuesday: Critical Windows, Office flaws fixed

Microsoft's scheduled batch of patches for November crossed the wires today with fixes for at least four documented vulnerabilities affecting millions of Windows and Office users.As previously reported, the company released two security bulletins -- one rated critical, one rated important -- with fixes for flaws that could lead to remote code execution attacks.

November 11, 2008 by in Enterprise Software

BBC hit by a DDoS attack

BBC hit by a DDoS attack

The British Broadcasting Corporation (bbc.co.uk) was hit by a DDoS attack on Thursday, according to a statement sent to the Inquirer :"In a statement to the INQ, the BBC said the attack originated in a number of different countries but didn't specify which.

November 11, 2008 by in Security

AVG and Rising signatures update detects Windows files as malware

AVG and Rising signatures update detects Windows files as malware

Yesterday, a signatures update pushed by AVG falsely labeled a critical Windows file as a banker malware, prompting the company to quickly fix the issue and issue a workaround, following end users complaints at its support forums.AVG's false positive causing downtime for Windows users is happening a week after Rising antivirus apologized to its customers for falsely detecting Outlook Express as malware leading to loss of emails, and yes, productivity too.

November 11, 2008 by in Security

'Memoryze' utility pinpoints malware code in live memory

'Memoryze' utility pinpoints malware code in live memory

Jamie Butler, a Windows internals expert who co-wrote the definitive book on rootkits, has created a free forensics tool capable of finding malicious code in live memory.The utility, called Mandiant Memoryze, was released at this year's Hack in the Box conference in Kuala Lumpur, Malaysia.

November 10, 2008 by in Hardware

Koobface Facebook worm still spreading

Koobface Facebook worm still spreading

Originally spreading since July, the Koobface worm remains active according to a recent security alert issued by Websense :"The email reveals that infected user accounts are being used to post messages to Facebook friends lists. The content was an enticing message with a link that used a Facebook open redirector.

November 10, 2008 by in Security

Rigged PDFs exploiting just-patched Adobe Reader flaw

Rigged PDFs exploiting just-patched Adobe Reader flaw

Just three days after Adobe shipped a patch with fixes for a critical Adobe Reader vulnerability, hackers are using booby-trapped PDF files to fire exploits against Windows users.[ SEE: Heads up: Patch your Adobe Reader now ]The in-the-wild attacks, first spotted by the SANS Internet Storm Center, follows the public release of proof-of-concept exploits at Milw0rm.

November 7, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All

Top Stories