Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Big Brother Getting Bigger Part 1: USA

Big Brother Getting Bigger Part 1: USA

Eek, from Slashdot today:The FBI has confirmed to Popular Mechanics that it's not only adding palm prints to its criminal records, but preparing to balloon its repository of photos, which an agency official says 'could be the basis for our facial recognition.' It's all part of a new biometric software system that could store millions of iris scans within 10 years and has privacy advocates crying foul.

June 30, 2008 by in Security

Critical security alert issued for Tor

Critical security alert issued for Tor

If you use Tor for anonymity/privacy on the Web, you might want to pay attention to this critical security announcement from project leader Roger Dingledine.According to the advisory, a known vulnerability in the Debian GNU/Linux distribution's OpenSSL package could allow an attacker to figure out private keys generated by these buggy versions of the OpenSSL library.

June 27, 2008 by in Security

Internet Explorer 'feature' causing drive-by malware attacks

Internet Explorer 'feature' causing drive-by malware attacks

My colleague at Kaspersky Lab Roel Schouwenberg (see disclosure) has discovered a drive-by malware download taking advantage of what Microsoft describes as an Internet Explorer "feature" to launch cross-site scripting attacks.The attack, discovered at a compromised legitimate site, is using a modified GIF file to exploit the cross-site scripting feature/vulnerability.

June 27, 2008 by in Enterprise Software

Tech heavyweights launch security response consortium

Tech heavyweights launch security response consortium

Interesting bit of news coming out of the FIRST Conference in Vancouver today:  Five big-name IT firms have created a non-profit consortium aimed at "proactively driving excellence and innovation in security response."The group -- called ICASI (Industry Consortium for Advancement of Security on the Internet) -- counts Cisco, IBM, Intel, Juniper Networks and Microsoft Corp among its founding members.

June 26, 2008 by in Security

Zero-day flaw haunts Internet Explorer

Zero-day flaw haunts Internet Explorer

An unpatched cross-domain vulnerability in Microsoft's flagship Internet Explorer browser could expose Windows users to cookie hijacks and credentials theft attacks, according to a warning from security researchers.The zero-day flaw, which has been reported to Microsoft, is a variation of Eduardo Vela's IE Ghost Busters talk:Do you believe in ghosts?

June 25, 2008 by in Enterprise Software

Yahoo swats serious cross-site scripting bug

Yahoo swats serious cross-site scripting bug

Web application security firm Cenzic has flagged a serious cross-site scripting vulnerability affecting millions of Yahoo Mail users.The flaw, which was patched by Yahoo on June 13,  opened the door for hackers to steal Yahoo identities and gain access to users' sensitive and private information.

June 24, 2008 by in Collaboration

Another Trojan hits Mac OS X

Another Trojan hits Mac OS X

From a Slashdot article posted by "kdawson", written by "Don't Believe in Imaginary Property": "F-Secure is reporting that there are two new Mac OS X trojans. The first is just a proof-of-concept from the MacShadows people that takes advantage of the unpatched ARDAgent vulnerability to get root access when run by the user.

June 24, 2008 by in Apple

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories