Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Russia kinda-sorta owns up to Estonia cyberwar

Russia kinda-sorta owns up to Estonia cyberwar

Radio Free Europe is reporting that an official from Putin's party has publicly stated that he orchestrated the 2007 DDoS Attacks on Estonia.The information security and military communities have been speculating for the past two years about who were the primary actors behind the 2007 Estonian DDoS attacks.

March 8, 2009 by in Security

Metasploit's HD Moore releases 'war dialing' tools

Metasploit's HD Moore releases 'war dialing' tools

HD Moore wants to simplify pen-testing and simulated hacking attacks against telephone systems.The Metasploit founder has released WarVOX as a free suite of tools to explore, classify and audit a range of telephone systems, including modems, faxes, voicemail boxes, PBXs, loops, dial tones, IVRs and forwarders.

March 5, 2009 by in CXO

FAA confirms data breach; 45,000 affected

FAA confirms data breach; 45,000 affected

A computer breach at the Federal Aviation Administration (FAA) has led to the theft of personal information on more than 45,000 employees and retirees, the agency confirmed this week.All told, the FAA said the hackers hijacked 48 files, two containing sensitive personal information that could expose the employees and retirees to identity theft.

March 5, 2009 by in Hardware

What is security transparency?

What is security transparency?

Guest editorial by Andrew StormsTransparency is a common theme in politics and Wall Street these days. The 2008 elections, dealings of TARP, financial institutions run a-muck are all places where we hear the word transparency bandied about on a daily basis.

March 4, 2009 by in Microsoft

Google downplays severity of Gmail CSRF flaw

Google downplays severity of Gmail CSRF flaw

Yesterday, Vicente Aguilera Diaz from Internet Security Auditors released proof of concept of a CSRF (Cross-Site Request Forgery) vulnerability in Google's Gmail, which he originally communicated to Google two years ago. The CSRF flaw affects Gmail's "Change Password" function, since according to Diaz the session cookie is automatically sent by the browser in every request making the attack possible.

March 4, 2009 by in Security

Bad, bad, cybercrime-friendly ISPs!

Bad, bad, cybercrime-friendly ISPs!

In a post-McColo, post-Atrivo and post-EstDomains cybercrime ecosystem, the researchers at FireEye have recently launched a "Bad Actors series" aiming to put the spotlight on some of the currently active badware actors online. The sampled ISPs represent safe heavens for drop zones for banker malware,  DNSChanger malware, rogue security software and live exploit URLs.

March 4, 2009 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories