Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Microsoft's Bing invaded by pharmaceutical scammers

Microsoft's Bing invaded by pharmaceutical scammers

Rogue online pharmacies have found a way to exploit Bing's advertising program.According to a recently released report by KnujOn and LegitScript, 90% of the Bing sponsored pharmacy ads were rogue ones, shipping counterfeit prescription drugs, with the bogus companies participating part of larger affiliate networks like this one analyzed last year.

August 7, 2009 by in Microsoft

Major security holes in popular XML libraries

Major security holes in popular XML libraries

A security research outfit has issued a warning for several critical vulnerabilities in popular XML libraries used by a wide range of software vendors.The flaws, discovered earlier this year by Codenomicon, affect a wide range of technology products, including servers and server applications, workstations and end user applications, network devices,  embedded systems and mobile devices.

August 6, 2009 by in Servers

Absolute Software downplays BIOS rootkit claims

Absolute Software downplays BIOS rootkit claims

Following a flood of calls from customers, the company behind the LoJack anti-theft service which researchers from Core Security Technologies recently portrait as a security threat, issued a statement downplaying the researchers' claims.According to the statement, LoJack is neither a rootkit, nor does it behave in such a way.

August 5, 2009 by in Security

Apple warns of Mac attack risk via image files

Apple warns of Mac attack risk via image files

Apple today warned that opening or viewing image files could lead to remote code execution attacks against Mac OS X users.In an update that contains fixes for a total of 19 documented vulnerabilities, Apple said malicious hackers could rig PNG (Portable Network Graphics) and other images to take complete control of unpatched Mac systems.

August 5, 2009 by in Apple

Mozilla shuts online store after security breach

Mozilla shuts online store after security breach

The Mozilla Foundation has shuttered its e-commerce store after confirming a security breach at GatewayCDI, the third-party vendor that handles the store's backend operations.The open-source groups said it has asked Gateway CDI to quickly notify individuals who had their sensitive data compromised.

August 5, 2009 by in Security

Plugins compromised in SquirrelMail's web server hack

Plugins compromised in SquirrelMail's web server hack

According to a recently posted update by SquirrelMail's Jonathan Angliss, the source code of three plugins was backdoored during the web server compromise of the popular web-based email application which took place last month.The compromised plugins were embedded with code that was forwarding accounting data to a server maintained by the people behind the hack, something SquirrelMail didn't acknowledge prior to announcing the web server compromise.

August 4, 2009 by in Servers

Fake 'Blue Screen of Death' pushing scareware

Fake 'Blue Screen of Death' pushing scareware

Hackers are using the infamous Windows Blue Screen of Death to trick computer users into downloading fake security software (scareware).According to a discovery by Sunbelt Software, a Windows users are being shown the recognizable blue screen that signifies an operating system crash with a bright red "Security Alert" notice.

August 4, 2009 by in Security

Does Twitter's malware link filter really work?

Does Twitter's malware link filter really work?

Today, researchers from F-Secure stumbled upon a long-anticipated feature in Twitter's fight against malicious abuse of its service - a malware URL filter preventing automatically registered or compromised legitimate accounts from tweeting known malicious links.Whenever a Twitter user is attempting to post a link to a known malware/phishing URL, a "Oops!

August 3, 2009 by in Social Enterprise

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories