Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B | Research/security tips email: cingred@protonmail.com.

Latest Posts

Will e-voting machines tilt the election?

Will e-voting machines tilt the election?

Unless you have been living under a rock for the past 24 months, you should be well aware that tomorrow millions of Americans will be going to the polls to select their representative, one-third of their senators, and the next president. In general, Americans have become wary of the election process ever since the litigation that follows the 2000 election.

November 3, 2008 by in Hardware

Spammers targeting Bebo, generate thousands of bogus accounts

Spammers targeting Bebo, generate thousands of bogus accounts

The concept of building a fraudulent ecosystem by abusing legitimate services only is nothing new, and as we've already seen numerous times throughout the year, malicious attackers are actively embracing it. Bebo, the popular social networking site is currently under attack from spammers that are automatically registering thousands of bogus accounts advertising fake online pharmacies, with the campaign owners receiving revenue through an affiliate based program.

October 31, 2008 by in Social Enterprise

Happy 20th birthday, internet worm!

Happy 20th birthday, internet worm!

This weekend marks the 20th anniversary of the Internet Worm, the first major worm that propagated on the Internet. Even though many years have passed and underlying media has changed, worms are still able to wreak havoc and keep system administrators up at night.

October 30, 2008 by in Security

Phishers apply quality assurance, start validating credit card numbers

Phishers apply quality assurance, start validating credit card numbers

With the exact number of end users interacting with phishing emails by submitting bogus data still unknown, phishers are on the other hand continuing to apply basic quality assurance processes ensuring that they will be collecting only validated credit card details, and limiting the opportunity for researchers and end users to poison their campaigns.

October 30, 2008 by in Security

Opera sings the security blues

Opera sings the security blues

Guest editorial by Aviv Raff If you ask any Opera fanboy, he will tell you that Opera is the most secured browser. Well frankly, it really is a good and secure browser, implementing many restrictions that other browsers simply ignore.

October 30, 2008 by in Security

Adobe nukes 'critical' Pagemaker flaws

Adobe nukes 'critical' Pagemaker flaws

Adobe has released a patch to fix a pair of critical vulnerabilities in its PageMaker 7 software, warning that a hacker could exploit these flaws to "take control of the affected system."A third vulnerability, confirmed by Adobe, remains unpatched, the company acknowledged in an advisory.

October 30, 2008 by in Security

Cybercrime friendly EstDomains loses ICANN registrar accreditation

Cybercrime friendly EstDomains loses ICANN registrar accreditation

Despite EstDomains persistent press releases during the last couple of days, next to the domain registrar's delayed response to the security community, on Thursday the ICANN has sent a notice of termination of their registrar accreditation agreement with EstDomains, following obtained court records stating that EstDomains president Vladimir Tsastsin has been convicted of credit card fraud, money laundering and document forgery on 6 February 2008. The end of EstDomains?

October 29, 2008 by in Security

CardCops: Stolen credit card details getting cheaper

CardCops: Stolen credit card details getting cheaper

The dynamics of the underground marketplace are pretty similar to that of the legitimate marketplace, with cybercriminals demanding and supplying, consolidating and start to work together, and coming up with new monetization approaches in order to continue enjoying the high profit margins of their goods and services.

October 29, 2008 by in Security

'End of life' beckons for Firefox 2

'End of life' beckons for Firefox 2

If you have not yet upgraded to Firefox 3, keep in mind that Mozilla is very close to pulling the plug on support for older versions of the browser.Support for Firefox 2, which includes security and stability patches, is scheduled to end six months after Firefox 3 shipped (June 17, 2008), which puts the end-of-life date in the mid-December range.

October 29, 2008 by in Enterprise Software

Talkback Tuesday: latest MS vulnerability

Talkback Tuesday: latest MS vulnerability

Everyone was discussing the MS08-067 vulnerability and its out-of-cycle patchlast week. My post on the topic elicited several comments from our readers, including the following by frgough: If this had been Apple, the article slant would have been all aboutpoor security models, inherently flawed structure with lots ofadjectives like massive, dangerous, overconfident, etc.

October 28, 2008 by in Enterprise Software

Exploit published for Windows worm hole

Exploit published for Windows worm hole

Reliable exploit code for the remote code execution vulnerability patched with Microsoft's MS08-067 update has been posted to the Internet, prompting a new "patch immediately" advisory from the Redmond software maker.The exploit, which has been added to the freely available Metasploit point-and-click attack tool, provides a roadmap for code execution on Windows 2000, Windows XP, and Windows Server 2003.

October 28, 2008 by in Enterprise Software

Facebook worm finds a friend in Google Reader

Facebook worm finds a friend in Google Reader

The Facebook worm that has been squirming its way through the popular social network now has a new friend -- Google Reader.According to researchers at Fortinet, the worm's creators are wrapping Google's RSS reader around fake video downloads as part of a strategy to strengthen the social engineering component of the attack.

October 28, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories