Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Oracle planning Patch Tuesday whopper

Oracle planning Patch Tuesday whopper

Microsoft may be offering a Patch Tuesday respite this month but, if you're an Oracle database administrator, January 13 will be a very busy day.The database server giant announced plans for a monster Patch Day next Tuesday with fixes for 41 security vulnerabilities in "across hundreds of  Oracle products.

January 9, 2009 by in Data Centers

Microsoft study debunks phishing profitability

Microsoft study debunks phishing profitability

Do phishers actually make money, or is phishing an unprofitable business, scammers lose time and resources into? Taking the economic approach of generalizing how much money phishers make, a recently released study by Microsoft researchers Cormac Herley and Dinei Florencio (A Profitless Endeavor: Phishing as Tragedy of the Commons), states that phishing isn't as profitable as originally thought.

January 8, 2009 by in Security

Microsoft planning quiet Patch Tuesday (1 critical)

Microsoft planning quiet Patch Tuesday (1 critical)

Microsoft plans to ship a solitary security bulletin next Tuesday with fixes for a serious security problem in its flagship Windows operating system.The bulletin will carry a "critical" rating, which means that exploitation of the vulnerability could allow the propagation of an Internet worm without user action.

January 8, 2009 by in Windows

A roadmap for the Twitter CSO

A roadmap for the Twitter CSO

The folks at Twitter had to deal with an attack from both phishers and hackers over the past few days. As someone who has been in their shoes many times before, I deeply sympathize with their team and I understand the amount of work that they need to do.

January 7, 2009 by in Security

Bogus LinkedIn profiles serving malware

Bogus LinkedIn profiles serving malware

A currently active malware campaign is taking advantage of bogus LinkedIn profiles impersonating celebrities in an attempt to trick users into clicking on links serving bogus media players. LinkedIn is among the latest social networking services considered as a valuable asset in the arsenal of the blackhat SEO knowledgeable cybecriminal, simply because this approach works.

January 6, 2009 by in Security

Thousands of Israeli web sites under attack

Thousands of Israeli web sites under attack

In the wake of the escalating conflict between Israel and Hamas, it didn't take long before pro-Hamas supporters organized themselves and started to defacing thousands of pro-Israeli web sites in order to use them as vehicles for propaganda -- Israel is meanwhile hijacking TV signals.

January 6, 2009 by in Security

Twitter phishing... inside Twitter

Twitter phishing... inside Twitter

Over the weekend I received a handful of reports of individuals using Direct Messages inside of Twitter to phish for Twitter accounts and passwords.A cluster of compromised Twitter accounts are sending out person-to-person phishing messages inside the Twitter network.

January 4, 2009 by in Security

Adobe Flash, Apple Safari fail privacy test

Adobe Flash, Apple Safari fail privacy test

Third party plug-ins like Adobe Flash do a poor job of cleaning traces of your browser sessions, rendering private-browsing features somewhat useless, according to a new study by researcher Katherine McKinley.McKinley, a researcher at iSec Partners, created a tool for testing the functionality of clearing private data after a browser session and browsing in private mode and found that some browsers -- most notably Apple's Safari for Windows -- do a poor job of wiping traces of a browser session.

January 2, 2009 by in Apple

Military contractor "cyber-defense" gold rush begins

Military contractor "cyber-defense" gold rush begins

Sensing a shift in upcoming defense priorities, Lockheed and Boeing are both launching information security product divisions.Bloomberg is reporting that both Lockheed Martin and Boeing are building security product groups to address the military's needs in defending cyberspace.

January 2, 2009 by in Security

MD5/rogue CA attack: The sky is not falling

MD5/rogue CA attack: The sky is not falling

Guest post by John Viega Today there’s been a lot of buzz about the clever new attack on public key infrastructure from Alex Sotirov and a team of researchers.   In the attack, the bad guy ends up with his own Certification Authority (CA) that is fully trusted according to every major browser.

December 30, 2008 by in Security

An easy fix ignored

An easy fix ignored

Guest post by Chris EngIn the wake of this morning's 25C3 presentation by Alex Sotirov and Jacob Appelbaum, most of the coverage I've read so far has focused on the technical details and real-world impact of their findings. Rightly so -- their paper describing the attack is a fascinating read filled with enough gory details to make any security practitioner salivate.

December 30, 2008 by in Security

Microsoft pours cold water on WMP flaw warning

Microsoft pours cold water on WMP flaw warning

Microsoft is pouring cold water on public reports of a serious code execution vulnerability in the newest versions of its Windows Media Player software.Following the release of proof-of-concept code alongside a claim that the bug can be remotely exploitable to launch arbitrary code, a Microsoft spokesman insists this "is not a product vulnerability.

December 29, 2008 by in Hardware

Santa left a virus under the Christmas tree

Santa left a virus under the Christmas tree

Amazon has warned its customers that one of Samsung's digital picture frames shipped to customers infected with a virus. While Samsung has some egg on its face, malware that ships on consumer hardware is not as serious of an issue as it may seem.

December 27, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories