Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can send tips securely via Signal and WhatsApp to 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

OpenSSL patches three security holes

OpenSSL patches three security holes

The OpenSSL Project has released new versions of its popular implementation of the SSL v2/v3 and TLS protocols to fix three security vulnerabilities.According to an advisory from the open-source group, the toolkit update fixes three security flaws that carry "moderate severity" ratings.

March 26, 2009 by in Security

Exploit code sends Mozilla scrambling to fix Firefox

Exploit code sends Mozilla scrambling to fix Firefox

[ UPDATE:  Mozilla has shipped a patch for this vulnerability ]Mozilla's security response team is scrambling to ready a patch for what appears to be a serious security flaw affecting its flagship Firefox browser.The vulnerability, released alongside proof-of-concept code on several security sites, could lead to malicious code execution attacks if a Firefox user is lured to a Web site rigged with exploits.

March 25, 2009 by in Enterprise Software

Cisco IOS patch day covers multiple vulnerabilities

Cisco IOS patch day covers multiple vulnerabilities

Cisco has shipped a batch of patches to cover multiple vulnerabilities affecting IOS, the software that powers the vast majority of Cisco's routers and switches.In all, the company released 8 separate advisories with warnings for information disclosure, privilege escalation, denial-of-service vulnerabilities.

March 25, 2009 by in Cisco

Foxit PDF Reader being exploited in the wild

Foxit PDF Reader being exploited in the wild

Adobe isn't the only PDF software maker facing in-the-wild malware attacks.Just weeks after the availability of patches for critical security flaws in the popular FoxIt Reader, there is word that malicious hackers are already targeting unpatched versions of the software.

March 25, 2009 by in Security

"No more free bugs"?  There never were any free bugs

"No more free bugs"? There never were any free bugs

Vulnerability researchers have always extracted value out of their work, even before there was a monetary value placed on exploits.Security researchers at last week's CanSecWest conference dramatically announced their new philosophy that software vulnerabilities should no longer be given away.

March 24, 2009 by in Security

Study: IE8's SmartScreen leads in malware protection

Study: IE8's SmartScreen leads in malware protection

A recently released NSS Labs study, claims that Internet Explorer 8 greatly outperforms competing browsers in terms of protecting users against web based malware.According to the study based upon a modest sample of 492 URLs, not only is IE8's SmartScreen Filter achieving a leading position against the rest of the popular browsers, but also, it also outperforms them in terms of the average time it takes to block known and already tested malicious sites.

March 24, 2009 by in Security

Ex-botnet master hired by TelstraClear

Ex-botnet master hired by TelstraClear

Remember Owen Thor Walker (AKILL) that got busted in the FBI's "Bot Roast" investigation for operating a 1.3 million hosts botnet in 2007, and even once considered to be offered a job as a cybercrime fighter by detectives impressed by his (mediocre) botnet management skills?

March 23, 2009 by in Government : US

Stealthy router-based botnet worm squirming

Stealthy router-based botnet worm squirming

Researchers at DroneBL have spotted signs of a stealthy router-based botnet worm targeting routers and DSL modems.The worm, called "psyb0t," has been circulating since at least January this year, infecting vulnerable embedded Linux devices such as the Netcomm NB5 ADSL modem (above) and launching denial-of-service attacks on some Web sites.

March 23, 2009 by in Security

BBC: Botnet purchase experiment was in 'public interest'

BBC: Botnet purchase experiment was in 'public interest'

The British Broadcasting Corporation (BBC) is defending its decision to purchase and experiment with a powerful botnet as a public service to expose the inner workings of the underground malware economy.The controversial move, which has been widely criticized, included posing as a customer to buy a piece of software that gave the BBC control of thousands of infected computers around the world.

March 22, 2009 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories