Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cybersecurity, national security, policy and privacy. He is based out of the New York newsroom, and can also be found on sister sites CNET and CBS News. You can contact him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

FEMA's PBX network hacked, over 400 calls made to the Middle East

FEMA's PBX network hacked, over 400 calls made to the Middle East

Someone's been chatting a lot during the weekend, but picking up FEMA's PBX network as their main carrier might not have been the smartest thing to do. Over 400 calls, lasting from three up to ten minutes were placed through their network, a breach made possible due to an insecurely configured Private Branch Exchange system :"A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.

August 20, 2008 by in Networking

Opera patches 7 vulnerabilities but keeps one a secret

Opera patches 7 vulnerabilities but keeps one a secret

Opera Software has shipped a new version of its flagship Web browser with fixes for at least seven documented security problems but details on one vulnerability -- a cross-site scripting issue reported by Chris Weber-- is being kept under wraps.Opera warned that one of the seven flaws is rated "extremely severe" because of the risk of arbitrary code execution.

August 20, 2008 by in Security

Can Adobe mitigate 'clipboard hijack' issue?

Can Adobe mitigate 'clipboard hijack' issue?

Adobe's product security incident response team (PSIRT) says it is investigating possible solutions to the clipboard hijack attacks spotted on Flash-based advertisements on high-profile Web sites.A barebones note on the PSIRT blog simply acknowledges the issue and promised more information after the investigation but, by mentioning "possible solutions," it is clear that that Adobe is looking for ways to mitigate the threat.

August 20, 2008 by in Security

Visa, banks to test real-time fraud alerts

Visa, banks to test real-time fraud alerts

Credit card giant Visa is teaming up with with eight North American banks to deliver fraud alerts in real-time via SMS (text messages) and e-mails to cell phones.The pilot program will allow about 2,000 Visa cardholders to set thresholds that will trigger an immediate transaction alert to a mobile device.

August 20, 2008 by in Telcos

Android security team appeals to hackers

Android security team appeals to hackers

Already burned by the discovery of serious security vulnerabilities in its SDK, the Android Security Team emerged from the shadows this week with an appeal to the security community for help fixing flaws in the Linux-based mobile platform.In a note posted to several public mailing lists, the open-source group published a detailed FAQ covering its security philosophy and process and made a direct request for hackers to use responsible disclosure (.

August 19, 2008 by in Mobility

China busts hacking ring, managed to penetrate 10 gov't databases

China busts hacking ring, managed to penetrate 10 gov't databases

If you needed a university certificate in China during the last couple of months, there's a big chance that a group of ten people could have supplied with you such, going a step further and adding your details in more than ten government databases across different provinces in the country, making $300k in the process.Shanghai Daily is reporting on this sophisticated group of local hackers who were selling "valid" educational certificates by modifying government databases.

August 19, 2008 by in Security

Fortune 500 companies use of email spoofing countermeasures declining

Fortune 500 companies use of email spoofing countermeasures declining

Here's a paradox - a technology originally meant to verify the sender of an email message for the sake of preventing spoofed messages from reaching the network, still hasn't been embraced by the world's biggest companies despite being around for years, but is actively used by adaptive spammers increasingly abusing legitimate services in order to take advantage of their identifiable email reputations.

August 18, 2008 by in Servers

DEFCON 16: List of tools and stuff released

DEFCON 16: List of tools and stuff released

 Guest editorial by Rob FullerDEFCON, the 9000+ attendee hacker conference in Vegas has become a sort of hydra conference. It has become more like a global fair than what most people think of conferences; even the badge is highly unique.

August 18, 2008 by in CXO

uTorrent silently patches critical vulnerability

uTorrent silently patches critical vulnerability

If uTorrent is the client you use to download files, now might be a good time to hit that "check for updates" button.According to security alerts aggregator Secunia, there's a "highly critical" uTorrent vulnerability that could allow remote code execution attacks with rigged .

August 18, 2008 by in Security

Adobe Flash ads launching clipboard hijack attack

Adobe Flash ads launching clipboard hijack attack

Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks.In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine's clipboard and using a hard-to-delete URL that points to a fake anti-virus program.

August 18, 2008 by in Security

From Metasploit to Microsoft: Skape goes to Redmond

From Metasploit to Microsoft: Skape goes to Redmond

Metasploit developer Matt Miller, who for years frustrated Microsoft officials with the public release of Windows exploits, is heading to Redmond to join Microsoft's Security Science team.Miller, who uses the hacker moniker Skape,will work on improved ways to find security vulnerabilities and better software defenses through mitigations, according to an announcement by SDL guru Michael Howard.

August 18, 2008 by in Microsoft

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All

Top Stories