Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Conficker worm's copycat Neeris spreading over IM

Conficker worm's copycat Neeris spreading over IM

Imitation has always been a form of flattery, and that's particularly true for the cybercrime ecosystem. From the lone Chinese cybercriminals releasing DIY tools for generating malware actively exploiting the MS08-067 flaw, followed by the original Conficker worm, Microsoft's MMPC (Malware Protection Center) is reporting on a currently spreading Conficker copycat detected as Worm:Win32/Neeris.

April 7, 2009 by in Security

Attackers pounce on Microsoft PowerPoint zero-day

Attackers pounce on Microsoft PowerPoint zero-day

Attackers are using rigged PowerPoint files to exploit an unpatched vulnerability in Microsoft's presentation software, according to warning late Thursday from the software maker.In a pre-patch advisory, Microsoft described the attacks as "limited and targeted," the kind of language that suggests it is being used to steal data from corporate or government networks.

April 2, 2009 by in Microsoft

Eyeballing Conficker with eye-charts and maps

Eyeballing Conficker with eye-charts and maps

As expected, the April 1st activation date for the Conficker worm passed without much noise but, as Microsoft and others are explaining, the botnet associated with the worm is very much alive -- and still potentially dangerous."[This threat] should remain a manageable cause for concern and it doesn’t go away after April 1," says Microsoft's Christopher Budd.

April 2, 2009 by in Developer

Google: Spam volume for Q1 back to pre-McColo levels

Google: Spam volume for Q1 back to pre-McColo levels

It took only a couple of months for cybercriminals to catch-up and reintroduce the massive spam volumes that briefly disappeared following the shutdown of the cybercrime ecosystem's sitting duck McColo in November, 2008.According to Google's Postini Spam data and trends for Q1 2009, during the first quarter of the year the spam volume was the strongest since 2008, increasing with an average of 1.

April 2, 2009 by in Google

Googling for Conficker clean-up information? Be careful

Googling for Conficker clean-up information? Be careful

If you're trawling the Web for information on disinfecting the Conficker worm,  be very, very careful.Cyber-criminals are latching onto the hype around the Windows malware threat and have started registering domain names linked to Conficker and poisoning search results to trick users into installing fake anti-virus software programs.

March 31, 2009 by in Security

Inside BBC's Chimera botnet

Inside BBC's Chimera botnet

Earlier this month, the controversial BBC purchase of a botnet and modifying the infected hosts in the name of "public interest" sparked a lot of debate on the pros and cons of their action.

March 30, 2009 by in Security

German researchers score Conficker detection breakthrough

German researchers score Conficker detection breakthrough

Just days ahead of an April 1st activation date for the Conficker worm squirming through the Windows operating system, security researchers at the Honeynet Project have scored a major breakthrough, finding a way to fingerprint the malware on infected networks.Now, with the help of Dan Kaminsky and Rich Mogull, off-the-shelf network scanning vendors have the ability remotely (and anonymously) detect Conficker infections.

March 30, 2009 by in Security

OpenSSL patches three security holes

OpenSSL patches three security holes

The OpenSSL Project has released new versions of its popular implementation of the SSL v2/v3 and TLS protocols to fix three security vulnerabilities.According to an advisory from the open-source group, the toolkit update fixes three security flaws that carry "moderate severity" ratings.

March 26, 2009 by in Security

Exploit code sends Mozilla scrambling to fix Firefox

Exploit code sends Mozilla scrambling to fix Firefox

[ UPDATE:  Mozilla has shipped a patch for this vulnerability ]Mozilla's security response team is scrambling to ready a patch for what appears to be a serious security flaw affecting its flagship Firefox browser.The vulnerability, released alongside proof-of-concept code on several security sites, could lead to malicious code execution attacks if a Firefox user is lured to a Web site rigged with exploits.

March 25, 2009 by in Enterprise Software

Cisco IOS patch day covers multiple vulnerabilities

Cisco IOS patch day covers multiple vulnerabilities

Cisco has shipped a batch of patches to cover multiple vulnerabilities affecting IOS, the software that powers the vast majority of Cisco's routers and switches.In all, the company released 8 separate advisories with warnings for information disclosure, privilege escalation, denial-of-service vulnerabilities.

March 25, 2009 by in Cisco

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories