Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B | Research/security tips email: cingred@protonmail.com.

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

eBay warns of developer password-theft flaw

eBay warns of developer password-theft flaw

If you are a member of the eBay Developer Program, you might want to change your password immediately.According to a warning from eBay's Kumar Kandaswamy, a vulnerability in the service allows malicious hackers to gain information to developer accounts.

August 12, 2009 by in Developer

Campaign Monitor hacked, accounts used for spamming

Campaign Monitor hacked, accounts used for spamming

E-mail marketing software developer Campaign Monitor warned users today of a server compromise that took place during the weekend.The compromise allowed the attackers to gain access to customer accounts, which they abused by importing their own lists of harvested emails in order to launch spam campaigns using the clean IP reputation of their servers.

August 11, 2009 by in Servers

Password-reset flaw haunts WordPress admins

Password-reset flaw haunts WordPress admins

Researchers are sounding the alarm for a serious administrator password-reset vulnerability affecting the latest version of WordPress, the popular open-source blog publishing platform.The flaw, which can be exploited via the browser, gives an attacker a trivial way to compromise the admin account of any WordPress of WordPress MU (multiple user) installation.

August 11, 2009 by in Security

Microsoft's Bing invaded by pharmaceutical scammers

Microsoft's Bing invaded by pharmaceutical scammers

Rogue online pharmacies have found a way to exploit Bing's advertising program.According to a recently released report by KnujOn and LegitScript, 90% of the Bing sponsored pharmacy ads were rogue ones, shipping counterfeit prescription drugs, with the bogus companies participating part of larger affiliate networks like this one analyzed last year.

August 7, 2009 by in Microsoft

Major security holes in popular XML libraries

Major security holes in popular XML libraries

A security research outfit has issued a warning for several critical vulnerabilities in popular XML libraries used by a wide range of software vendors.The flaws, discovered earlier this year by Codenomicon, affect a wide range of technology products, including servers and server applications, workstations and end user applications, network devices,  embedded systems and mobile devices.

August 6, 2009 by in Servers

Absolute Software downplays BIOS rootkit claims

Absolute Software downplays BIOS rootkit claims

Following a flood of calls from customers, the company behind the LoJack anti-theft service which researchers from Core Security Technologies recently portrait as a security threat, issued a statement downplaying the researchers' claims.According to the statement, LoJack is neither a rootkit, nor does it behave in such a way.

August 5, 2009 by in Security

Apple warns of Mac attack risk via image files

Apple warns of Mac attack risk via image files

Apple today warned that opening or viewing image files could lead to remote code execution attacks against Mac OS X users.In an update that contains fixes for a total of 19 documented vulnerabilities, Apple said malicious hackers could rig PNG (Portable Network Graphics) and other images to take complete control of unpatched Mac systems.

August 5, 2009 by in Apple

Mozilla shuts online store after security breach

Mozilla shuts online store after security breach

The Mozilla Foundation has shuttered its e-commerce store after confirming a security breach at GatewayCDI, the third-party vendor that handles the store's backend operations.The open-source groups said it has asked Gateway CDI to quickly notify individuals who had their sensitive data compromised.

August 5, 2009 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All