Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cybersecurity, national security, policy and privacy. He is based out of the New York newsroom, and can also be found on sister sites CNET and CBS News. You can contact him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Google closes hole in Single Sign-On service

Google closes hole in Single Sign-On service

Google has fixed an implementation flaw in the single sign-on service that powers Google Apps follow a warning from researchers that remote attackers can exploit a hole to access Google accounts.The vulnerability, described in this white paper (.

September 10, 2008 by in Google

Countrywide warning: Ex-employee (may have) sold customer, mortgage data

Countrywide warning: Ex-employee (may have) sold customer, mortgage data

Countrywide Mortgage has started notifying customers that a rogue employee (since dismissed) may have sold sensitive personal information to an unidentified third party.The company mailed "urgent security notification" letters to customers this week, warning that the customer information involved included names, addresses, social security numbers, mortgage loan numbers and "various other loan and application information.

September 9, 2008 by in Government : US

MS Patch Tuesday: 8 critical security holes patched

MS Patch Tuesday: 8 critical security holes patched

Microsoft shipped four high-priority security bulletins today with patches for at least eight code execution vulnerabilities affecting millions of Windows computer users.The September Patch Tuesday updates, all rated "critical," correct security flaws in the Windows Media Player, the Windows Media Encoder, Microsoft Office and the Microsoft Windows GDI+ (graphics device interface).

September 9, 2008 by in Microsoft

Google patches 'critical' Chrome code execution flaws

Google patches 'critical' Chrome code execution flaws

The first security patch for Google's new Chrome browser is out, fixing at least two "critical" vulnerabilities that put Windows users at risk of code execution attacks.[ SEE: Google Chrome vulnerable to carpet-bombing flaw ]The patch, which is rolled out automatically via Chrome's auto-update feature, also addresses two additional security vulnerabilities -- the carpet-bombing issue and a denial-of-service flaw that could lead to browser crashes and data loss.

September 8, 2008 by in CXO

Spammers are social, too

Spammers are social, too

If you have a social networking account, you are aware that spam has moved to that media. Each social network is scrambling to deploy technologies and policies to prevent spam from becoming as endemic their platforms as it is in the e-mail space.

September 8, 2008 by in Networking

DDoS + Web 2.0 == Buckets o' traffic

DDoS + Web 2.0 == Buckets o' traffic

Denial of Service attacks are based upon a simple idea: generate the maximum amount of traffic using the minimum amount of work. At one time this was as simple as sending a spoofed ICMP echo packet to a broadcast address or similar shenanigans.

September 5, 2008 by in Collaboration

Google Chrome vulnerabilities starting to pile up

Google Chrome vulnerabilities starting to pile up

[ UPDATE: See below for Google's official response to these issues ] Security vulnerabilities in the new Google Chrome browser are beginning to pile up.Following our coverage of the carpet bombing combo threat and denial-of-service crashes, several readers have sent pointers to Chrome exploit code floating around the Web:First up is an automatic file download bug found by researchers in the Ukraine.

September 5, 2008 by in Security

Demo Facebook app creates DoS botnet

Demo Facebook app creates DoS botnet

Do you know what that innocent-looking Facebook app is really doing?Researchers at the Institute of Computer Science (ICS) have created a proof-of-concept Facebook application capable of covertly herding users of the popular social network into a powerful -- and malicious -- botnet.

September 5, 2008 by in Developer

Malware and spam attacks exploiting Picasa and ImageShack

Malware and spam attacks exploiting Picasa and ImageShack

In the wake of the recent malvertising attacks where malicious flash ads were appearing at trusted web sites, evidence from multiple vendors and researchers indicates that spammers and malware authors have once again switched tactics, and are one again abusing legitimate services such as Google's Picasa and ImageShack.

September 4, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All

Top Stories