Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B | Research/security tips email: cingred@protonmail.com.

Latest Posts

Facebook introducing new security warning feature

Facebook introducing new security warning feature

With Facebook persistently under attacks from phishers and malware authors, looking for creative ways to efficiently exploit its users base, Facebook's security team has silently introduced a new "security warning feature" alerting its users on the potential maliciousness of the third-party site they are about to visit. Is the newly introduced featured a PR move, and how applicable is this approach during an ongoing attack?

September 15, 2008 by in Social Enterprise

Exploit published for Windows Media Encoder flaw

Exploit published for Windows Media Encoder flaw

If you haven't applied Microsoft's MS08-053 security update, now might be a good time to hit that patch button.Proof-of-concept exploit code for the vulnerability, which allows remote code execution attacks via the Web, has been posted online, raising the likelihood that we'll soon see in-the-wild exploitation.

September 15, 2008 by in Enterprise Software

Spamming vendor launches managed spamming service

Spamming vendor launches managed spamming service

A spamming vendor known as the SET-X Corporation, has recently launched the distributed SET-X Mail System, a sophisticated managed spamming service available for rent on a monthly basis starting from $2000, promising to achieve "spamming speed" of 5000 to 7000 emails per minute and over 1 million spam messages per day, courtesy of the 5000 bots it comes preloaded with.

September 13, 2008 by in Security

Browser Wars 2.0: Firefox scrambles to add 'private mode' browsing

Browser Wars 2.0: Firefox scrambles to add 'private mode' browsing

At Black Hat last month, when I spoke to Mozilla security chief Window Snyder, she made it clear that Private Browsing would not make it into the next revision of Firefox.Today, the open-source group all but announced that the privacy feature, which puts the browser into a temporary state where no information about the user's browsing session is stored locally, will definitely make it into Firefox 3.

September 12, 2008 by in Enterprise Software

Secunia launches pay-as-you-go exploit shop

Secunia launches pay-as-you-go exploit shop

Danish security research firm Secunia has launched a pay-as-you-go vulnerability analysis service aimed at providing technical details, exploits and proof-of-concept code to security software vendors.The new Binary Analysis Service is billed as a one-stop-shop for indepth analysis of the "worst and most interesting vulnerabilities" affecting widely deployed software products.

September 11, 2008 by in Security

Google closes hole in Single Sign-On service

Google closes hole in Single Sign-On service

Google has fixed an implementation flaw in the single sign-on service that powers Google Apps follow a warning from researchers that remote attackers can exploit a hole to access Google accounts.The vulnerability, described in this white paper (.

September 10, 2008 by in Google

Countrywide warning: Ex-employee (may have) sold customer, mortgage data

Countrywide warning: Ex-employee (may have) sold customer, mortgage data

Countrywide Mortgage has started notifying customers that a rogue employee (since dismissed) may have sold sensitive personal information to an unidentified third party.The company mailed "urgent security notification" letters to customers this week, warning that the customer information involved included names, addresses, social security numbers, mortgage loan numbers and "various other loan and application information.

September 9, 2008 by in Government : US

MS Patch Tuesday: 8 critical security holes patched

MS Patch Tuesday: 8 critical security holes patched

Microsoft shipped four high-priority security bulletins today with patches for at least eight code execution vulnerabilities affecting millions of Windows computer users.The September Patch Tuesday updates, all rated "critical," correct security flaws in the Windows Media Player, the Windows Media Encoder, Microsoft Office and the Microsoft Windows GDI+ (graphics device interface).

September 9, 2008 by in Microsoft

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories