Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cybersecurity, national security, policy and privacy. He is based out of the New York newsroom, and can also be found on sister sites CNET and CBS News. You can contact him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

DDoS + Web 2.0 == Buckets o' traffic

DDoS + Web 2.0 == Buckets o' traffic

Denial of Service attacks are based upon a simple idea: generate the maximum amount of traffic using the minimum amount of work. At one time this was as simple as sending a spoofed ICMP echo packet to a broadcast address or similar shenanigans.

September 5, 2008 by in Collaboration

Google Chrome vulnerabilities starting to pile up

Google Chrome vulnerabilities starting to pile up

[ UPDATE: See below for Google's official response to these issues ] Security vulnerabilities in the new Google Chrome browser are beginning to pile up.Following our coverage of the carpet bombing combo threat and denial-of-service crashes, several readers have sent pointers to Chrome exploit code floating around the Web:First up is an automatic file download bug found by researchers in the Ukraine.

September 5, 2008 by in Security

Demo Facebook app creates DoS botnet

Demo Facebook app creates DoS botnet

Do you know what that innocent-looking Facebook app is really doing?Researchers at the Institute of Computer Science (ICS) have created a proof-of-concept Facebook application capable of covertly herding users of the popular social network into a powerful -- and malicious -- botnet.

September 5, 2008 by in Developer

Malware and spam attacks exploiting Picasa and ImageShack

Malware and spam attacks exploiting Picasa and ImageShack

In the wake of the recent malvertising attacks where malicious flash ads were appearing at trusted web sites, evidence from multiple vendors and researchers indicates that spammers and malware authors have once again switched tactics, and are one again abusing legitimate services such as Google's Picasa and ImageShack.

September 4, 2008 by in Security

Google Chrome vulnerable to carpet-bombing flaw

Google Chrome vulnerable to carpet-bombing flaw

Google's shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks.Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities -- a flaw in Apple Safari (WebKit) and a Java bug discussed at this year's Black Hat conference -- to trick users into launching executables direct from the new browser.

September 2, 2008 by in Google

Microsoft downplays BitLocker password leakage

Microsoft downplays BitLocker password leakage

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is "very unlikely."According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

September 2, 2008 by in Hardware

VMware ships patches for 'highly critical' server flaws

VMware ships patches for 'highly critical' server flaws

Virtualization specialist VMware has shipped a mega-patch to cover several "highly critical" vulnerabilities affecting its server and workstation product lines.In all, the patch batch addresses at least 16 documented vulnerabilities affecting the VMware Workstation, VMware Player, VMware ACE, VMware Server and VMware ESX server.

September 2, 2008 by in Hardware

Google Chrome, the security tidbits

Google Chrome, the security tidbits

The oft-rumored Google browser is real. It's called Google Chrome and it comes with a handful of security-related features like privacy mode and blacklist-based blocking of phishing and malware sites.

September 1, 2008 by in Security

Inside India's CAPTCHA solving economy

Inside India's CAPTCHA solving economy

No CAPTCHA can survive a human that's receiving financial incentives for solving it, and with an army of low-waged human CAPTCHA solvers officially in the business of "data processing" while earning a mere $2 for solving a thousand CAPTCHA's, I'm already starting to see evidence of consolidation between India's major CAPTCHA solving companies.

August 29, 2008 by in Social Enterprise

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All

Top Stories