Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

A peek inside the bank malware epidemic

A peek inside the bank malware epidemic

My colleague at Kaspersky Lab Roel Schouwenberg (see disclosure) has written a very interesting piece on the banker malware landscape, warning that attacks against financial institutions will get much more targeted and sophisticated.Schouwenberg's Attacks on Banks paper takes a close look at how malicious programs targeting financial institutions are designed to evade anti-malware and examines how phishing and money mules serve as the hub for global identity theft attacks.

October 27, 2008 by in Security

Google Android vulnerable to drive-by browser exploit

Google Android vulnerable to drive-by browser exploit

The Google Android operating system is vulnerable to a serious security vulnerability that allows malicious hackers to launch drive-by browser attacks, according to alert from a security research outfit.Technical details of the vulnerability, which occurs because Google Android uses an unpatched open-source software package, is being kept under wraps until a patch is available.

October 27, 2008 by in Mobility

Latest MS Vuln eerily similar to one from two years previous

Latest MS Vuln eerily similar to one from two years previous

The recently discovered critical Windows vulnerability that necessitated an out-of-cycle patch is extremely similar to one that first appeared two years ago. The MS08-067 vulnerability, which was originally spotted by analyzing in-the-wild captures, is remarkably similar to the MS06-040 vulnerability that enabled the spread of a variant of the Mocbot trojan, leading security researchers to believe that it will be used to renovate an old worm.

October 23, 2008 by in Microsoft

MS ships emergency patch for Windows worm hole

MS ships emergency patch for Windows worm hole

Microsoft has released an out-of-band patch to fix an extremely critical worm hole that exposes Windows users to remote code execution attacks.The emergency update comes just one week after the regularly scheduled Patch Tuesday and follows the discovery of a targeted zero-day attack, Microsoft said in an advisory.

October 23, 2008 by in Enterprise Software

Google to introduce warnings for potentially hackable sites

Google to introduce warnings for potentially hackable sites

Last week, Google's Patrick Chapman and Matt Cutts announced that they're experimenting with a new security feature aiming to alert webmasters on the potential for having their sites hacked due to the outdated version of their web applications, starting with Wordpress only :"Recently we've seen more websites get hacked because of various security holes.

October 22, 2008 by in Security

Inside an affiliate spam program for pharmaceuticals

Inside an affiliate spam program for pharmaceuticals

Bargaining with your health doesn't just mean you're heading for a shorter life expectancy, but also, increases the chances that you will either get scammed in the process, or have to pay more in the long-term while dealing with the health issues arising from using expired pharmaceutical with unverifiable origins, you bargained for at the first place.

October 20, 2008 by in Security

Researchers hack wired keyboards, hijack keystrokes

Researchers hack wired keyboards, hijack keystrokes

A team of Swiss researchers say there are several ways to recover keystrokes from wired keyboards by simply measuring the electromagnetic radiations emitted when keys are pressed.In all, the team of researchers from the Security and Cryptography Laboratory in Lausanne, Switzerland, found four  different ways to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls.

October 20, 2008 by in Hardware

Google readying fix for Chrome file download flaw

Google readying fix for Chrome file download flaw

Just hours after the release of the Google Chrome browser last month, researcher Aviv Raff discovered that he could combine two vulnerabilities -- a flaw in Apple Safari (WebKit) and a Java bug -- to trick users into launching executables direct from the new browser. (Here's a demo showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.

October 20, 2008 by in Security

Security will suffer in the financial crisis

Security will suffer in the financial crisis

As many of you already know, the anti-Midas touch of the financial crisis is spreading to the technology sector. Sequoia Capital, one of the largest VC funds in Silicon Valley, gave a presentation that pretty much said become profitable now or pack up and go home.

October 19, 2008 by in Security

Survey: 88% of Mumbai's wireless networks easy to compromise

Survey: 88% of Mumbai's wireless networks easy to compromise

Deloitte's recently released Wireless Security Survey assessing Mumbai's -- India's financial capital -- state of security awareness in respect to wireless security, shows an ugly picture of insecure wireless networks in both, business, and residential districts. With Mumbai being the home of India's most important financial institutions, next to the majority of multinational corporations, it may also turn into the playground for the next high profile data breach.

October 16, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories