Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Talking Firefox security with Mozilla's Window Snyder

Talking Firefox security with Mozilla's Window Snyder

LAS VEGAS -- Mozilla security chief Window Snyder wants to open-source much more than the Firefox browser.During a sit-down chat at the Black Hat security conference here, Snyder announced plans to launch three new initiatives around threat modeling, training and vulnerability metrics that push the envelope around sharing and collaborating with the rest of the industry.

August 6, 2008 by in Security

Today's assignment : Coding an undetectable malware

Today's assignment : Coding an undetectable malware

Today's dynamic Internet threatscape is changing so rapidly, that the innovations and creativity applied by malware authors can easily render an information security course's curricular on malware outdated pretty fast, or worse, provide the students with a false feeling of situational awareness about today's malware that's driving the entire cybercrime ecosystem at the end of the day.

August 5, 2008 by in Security

Adobe: Beware of fake Flash downloads

Adobe: Beware of fake Flash downloads

Amidst confirmed reports that malicious hackers are starting to use fake Flash Player downloads as social engineering lures for malware, Adobe has issued a call-to-arms for users to validate installers before downloading software updates.The company's notice comes on the heels of malware attacks on Facebook, MySpace and Twitter that attempt to trick Windows users into installing a Flash Player update that turns out to be a malicious executable.

August 4, 2008 by in Windows

Twitter being used to distribute malware

Twitter being used to distribute malware

Last week, when I wrote about Aviv Raff's auto follow-me vulnerability on Twitter, I warned that it was only a matter of time before we see nasty social engineering (malware) attacks on the popular microblogging service.Well, it's here.

August 4, 2008 by in Security

Purewire raises funding, adds Noonan to board

Purewire raises funding, adds Noonan to board

Purewire, a security start-up competing in the software-as-a-service (Saas) market, has banked $2 million in friends-and-family funding and added industry veteran Tom Noonan to its board of directors.The latest funding round, which was led by Imlay Investments, Inc.

August 4, 2008 by in Cloud

On GIFARs

On GIFARs

Ever since Rob McMillan of IDG published a story giving a preview of our coming Black Hat talk, specifically a preview of the portion of our talk related to GIFARs, media coverage of the research has swirled a bit out of control and there's been some misconceptions.  My co-presenter John Heasman has a write-up on GIFARs that explains this all just a bit more.

August 2, 2008 by in Security

Rise of the 'legit' malware sites

Rise of the 'legit' malware sites

About 75 percent of all Web sites serving up malicious code are legitimate sites that have been hacked/compromised, according to a new report from WebSense.This number validates statistics from ScanSafe showing a dramatic rise in 'good' sites being being used as a conduit for drive-by malware downloads and other social engineering attacks.

August 1, 2008 by in Security

The empty debate over open source security

The empty debate over open source security

Guest editorial by Roger ThorntonLast week, Fortify published a study on adoption of security best-practices within the Open Source community. Given mounting risk posed by extensive use of Open Source technologies within business and government IT, we were gratified to see the passionate discussions that followed.

July 31, 2008 by in Open Source

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories