Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Targeted malware attacks exploiting IE7 flaw detected

Targeted malware attacks exploiting IE7 flaw detected

Researchers at TrendMicro have detected a targeted malware attack exploiting last week's patched critical MS09-002 vulnerability affecting Internet Explorer 7.  Upon opening the spammed Microsoft office document, vulnerable users are automatically forwarded to a Chinese live exploit site which still remains active.

February 17, 2009 by in Security

Crimeware tracking service hit by a DDoS attack

Crimeware tracking service hit by a DDoS attack

A week after a newly launched crimeware tracking service went public, cybercriminals didn't hesitate to prove its usefulness by launching a distributed denial of service attack (DDoS) against it. According to the Swiss security blog, the Zeus tracker came under attack from a previously known source that also attacked abuse.

February 17, 2009 by in Security

Is your Java up to date?

Is your Java up to date?

For a long time, the experience of patching Sun's Java software has been less than pleasant. The updates were huge and time consuming, the patching instructions were a mess and, even worse, Sun never removed older, vulnerable versions from the patched machine.

February 14, 2009 by in Innovation

Apple Patch Day: Gaping Mac OS X, Safari holes

Apple Patch Day: Gaping Mac OS X, Safari holes

It's Apple's turn on the Patch Day treadmill and, for Mac OS X users, it's quite ugly.As I write, Apple has released four different bulletins to cover 48 documented vulnerabilities in the Mac OS X ecosystem, a solitary code execution flaw affecting Safari for Windows and four different security problems in Java for Mac OS X.

February 12, 2009 by in Security

Pwn2Own hacker contest targets browsers, smart phones

Pwn2Own hacker contest targets browsers, smart phones

After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets:  Web browsers and mobile phones.According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year -- one pitting hackers against IE8, Firefox 3 and Safari and another targeting Google Android, Apple iPhone, Nokia Symbian and Windows Mobile.

February 11, 2009 by in Enterprise Software

BlackBerry bitten by ActiveX control flaw

BlackBerry bitten by ActiveX control flaw

Research in Motion (RIM) today raised an alarm for a serious security vulnerability in the BlackBerry Application Web Loader, warning that it exposes Windows users to code execution attacks.When a BlackBerry device user browses to a web site that is designed to install the BlackBerry Application Web Loader ActiveX control on BlackBerry devices over a USB connection, and clicks Yes to install and run the ActiveX control, the ActiveX control introduces the vulnerability to the computer.

February 10, 2009 by in Mobility

Microsoft: 'Consistent exploit code likely' for IE vulnerabilities

Microsoft: 'Consistent exploit code likely' for IE vulnerabilities

Microsoft today shipped four bulletins with patches for at least 8 documented security vulnerabilities affecting Windows users and warned that "consistent exploit code could be easily crafted" to launch attacks via the Internet Explorer browser.The Patch Tuesday batch includes fixes for a pair of code execution holes in IE, two bugs in the Microsoft Exchange Server, a remote code execution issue in the Microsoft SQL Server, and three separate flaws haunting users of Microsoft Office Visio.

February 10, 2009 by in Enterprise Software

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories