Zack Whittaker

Zack Whittaker is a security writer-editor for ZDNet. He can be found on sister sites CNET and CBS News. He is based in the New York newsroom. You can send him secure email with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Metasploit Project's site hijacked through ARP poisoning

Metasploit Project's site hijacked through ARP poisoning

Metasploit, the open-source platform for developing, testing, and using exploit code, got its official project site briefly hijacked on Monday by a well known member of the Chinese underground who left the following message offering a new zero day exploit for sale - "hacked by sunwear! just for fun!

June 3, 2008 by in Security

Online brand-jacking increasing

Online brand-jacking increasing

With the evolving sophistication of online scammers' understanding of social engineering and trust building online, the techniques they use to build authenticity into their scam propositions have started directly influencing a targeted brand's reputation online in the most negative way possible - the loss of a customer's trust into the brand's capabilities to defend itself against impersonation attacks.

June 3, 2008 by in Security

Phoenix Mars Lander's mission site hacked

Phoenix Mars Lander's mission site hacked

With the world's eyes on the latest multimedia streaming straight from Mars, during the weekend the Phoenix Mars Mission's site got hit twice, first by an Ukrainian web site defacer who posted a message at the site's blog, and hours later, the Turkish "sql loverz crew 2008" redirected the official mission's site, as well as the Lunar and Planetary Laboratory site to a third-part location serving the defaced page.

June 2, 2008 by in Security

Microsoft's CAPTCHA successfully broken

Microsoft's CAPTCHA successfully broken

UPDATE: Gmail, Yahoo and Hotmail's CAPTCHA broken by spammers. Jeff Yan and Ahmad Salah El Ahmad, at the School of Computing Science, Newcastle University, England recently published a research paper entitled "A Low-cost Attack on a Microsoft CAPTCHA", demonstrating how they've managed to attack the Microsoft's CAPTCHA used on several of their online services such as Hotmail and Windows Live, with over 92% recognition rate.

May 31, 2008 by in Security

Microsoft issues Safari-to-IE blended threat warning

Microsoft issues Safari-to-IE blended threat warning

Microsoft has issued a formal security advisory with a confirmation of public warnings that the Safari "carpet bombing" vulnerability presents a remote code execution threat on all supported editions of Windows XP and Windows Vista.The pre-patch advisory from Redmond follows public pressure from the Google-backed StopBadware.

May 30, 2008 by in Enterprise Software

ActiveX control bug bites Creative Labs AutoUpdate engine

ActiveX control bug bites Creative Labs AutoUpdate engine

A high-severity security flaw in the Creative Software automatic update engine could put Windows computers at risk of remote code execution attacks, according to a warning from the US-CERT (Computer Emergency Readiness Team).The vulnerability affects the software used to provide updates to Creative Labs' audio/video entertainment product line, which includes the popular Zen MP3 player line.

May 30, 2008 by in Security

Attacks on NFC mobile phones demonstrated

Attacks on NFC mobile phones demonstrated

Yesterday, Collin Mulliner of the trifinite.group, a group of computer experts researching insecurities in wireless communications, has released the slides as well as the research tools he came up with in order to demonstrate various attacks and vulnerabilities in Near Field Communication mobile phones, a technology that will change the face of mobile payments, and naturally result in more innovative mobile phishing and malware attempts.

May 28, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All

Top Stories