Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can send tips securely via Signal and WhatsApp to 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Adobe: Turn off JavaScript in PDF Reader

Adobe: Turn off JavaScript in PDF Reader

In response to confirmed reports of a zero-day vulnerability in its PDF Reader software, Adobe today urged users on all platforms to disable JavaScript as a temporary measure to avoid code execution attacks.In sharp contrast to previous problems in responding to known security issues, the company acted swiftly to provide information on the affected software versions and offer mitigation guidance to its customers.

April 28, 2009 by in Enterprise Software

Swine flu email scams circulating

Swine flu email scams circulating

Opportunistic scammers and spammers are actively exploiting the swine flu buzz across the web by spamvertising links to pharmaceutical scams, and bogus 'Swine Flu Survival Guides' using search engine optimization of typosquatted domains related to the outbreak.

April 28, 2009 by in Enterprise Software

Internet Explorer + Google Chrome = security problem

Internet Explorer + Google Chrome = security problem

Security problems surrounding protocol handling and Web browsers have surfaced again -- this time with Google Chrome and Microsoft's Internet Explorer.According to an advisory from the Google Chrome team, there's an error in handling URLs with the a chromehtml: protocol that could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions.

April 27, 2009 by in Security

Is Twitter finally taking security seriously?

Is Twitter finally taking security seriously?

Now that Oprah's all a twitter, it looks like everyone's favorite micro-blogging tool is finally taking a hard look at security.According to a job listing posted online, Twitter is searching for software engineers to focus specifically on application and infrastructure security.

April 27, 2009 by in Security

Macs in the enterprise: The security conundrum

Macs in the enterprise: The security conundrum

Guest editorial by Andrew StormsManaging IT for a software company has its challenges.  For me, the lines between efficiency, security and innovation are difficult to draw at a company like nCircle where engineers require some freedom to perform their best.

April 27, 2009 by in Security

Mozilla patches a dozen Firefox vulnerabilities

Mozilla patches a dozen Firefox vulnerabilities

Mozilla has shipped a refresh of its flagship Firefox browser to fix a dozen documented vulnerabilities that expose users to URL spoofing, cross-site scripting, code injection and code execution attacks.The most serious fix (MFSA 2009-14) covers four browser engine and JavaScript engine crashes where Mozilla's developers found evidence of memory corruption.

April 22, 2009 by in Security

Google's CAPTCHA experiment and the human factor

Google's CAPTCHA experiment and the human factor

Any research is prone to irrelevance if it starts with the wrong research questions, takes the wrong perspective, or in this case, attempts to fight the wrong enemy - automated bots attempting to recognize CAPTCHAs.Researchers at Google recently released a paper detailing a new CAPTCHA system consisting of correct image rotation (Socially Adjusted CAPTCHAs) whose main purpose is to make it easier for humans, and much harder for bots to recognize them.

April 20, 2009 by in Google

iBotnet: Researchers find signs of zombie Macs

iBotnet: Researchers find signs of zombie Macs

Malware hunters at Symantec have discovered a direct link between a malicious file embedded in pirated copies of Apple’s iWork 09 software and what appears to be the first Mac OS X botnet launching denial-of-service attacks.Writing in the current issue of Virus Bulletin (subscription required), researchers Mario Ballano Barcena and Alfredo Pesoli found two malware variants -- OSX.

April 16, 2009 by in Enterprise Software

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories