Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Dan Geer leaves Verdasys for In-Q-Tel

Dan Geer leaves Verdasys for In-Q-Tel

Dan Geer, a risk-management pioneer who is often described as "the dean of the security deep-thinkers' set," has left Verdasys to join In-Q-Tel as chief information security officer.Geer (left) will remain on the masthead at Verdasys as Chief Scientist Emeritus.

May 28, 2008 by in Security

Adobe Flash zero-day exploit in the wild

Adobe Flash zero-day exploit in the wild

[ See important update to this story here ]Malware hunters have spotted a previously unknown -- and unpatched -- Adobe Flash vulnerability being exploited in the wild.The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers.

May 27, 2008 by in Enterprise Software

Scam calls... something we've forgot about?

Scam calls... something we've forgot about?

I was thinking about the problem of identity theft today and looked back at notes I took during Nitesh Dhanjani and Billy Rios's presentation at Black Hat and Blue Hat recently and I came to the realization that our government should be doing more about this crap.You see, identity theft is an economy itself.

May 27, 2008 by in Banking

Cisco confirms possibility of IOS rootkits

Cisco confirms possibility of IOS rootkits

On the heels of an EUSecWest conference presentation on malicious rootkits for Cisco IOS (see background), Cisco's security response team has published a must-read document confirming that stealthy malware can be loaded on the software used on the vast majority of its routers and network switches.Cisco warns:It is possible that an attacker could insert malicious code into a Cisco IOS software image and load it onto a Cisco device that supports that image.

May 27, 2008 by in Cisco

Open source software security improving

Open source software security improving

You cannot say something's good or bad unless you benchmark or compare it against something else. According to the Linus's Law, "given enough eyeballs, all bugs are shallow", a mentality which when combined with static code analysis of the most popular and widely used open source projects such as Firefox, Linux and PHP and benchmark it against 250 other open source projects, can truly make an impact.

May 26, 2008 by in Security

Top ten worst spam registrars notified by ICANN

Top ten worst spam registrars notified by ICANN

In a reponse to the recently released cluster analysis of the top 10 worst domain registrars in terms of spam and junk content hosting domains, the ICANN has taken steps to approach the non-compliant registrars :More than half of those registrars named had already been contacted by ICANN prior to publication of KnujOn’s report, and the remainder have since been notified following an analysis of other sources of data, including ICANN’s internal database.

May 26, 2008 by in Enterprise Software

Tracking down the Storm Worm malware

Tracking down the Storm Worm malware

What is the current state of Storm Worm activity, how many infected IPs are found to host the malware on a daily basis, which are the latest domains used by the Storm Worm, and which countries have the largest infected population?

May 26, 2008 by in Security

Malware-infected USB drives distributed at security conference

Malware-infected USB drives distributed at security conference

The folks at Australian mega-telco Telstra are wiping eggs from their faces after distributing malware-infected USB drives to attendees at this year's AusCERT security conference.AusCERT's marketing manager Claire Groves confirmed the USB sticks came certified pre-owned (thanks Dan Geer) and were given out at a tutorial at the conference.

May 22, 2008 by in Hardware

Gaping holes in Trillian IM client

Gaping holes in Trillian IM client

Trillian users beware:  There are multiple serious security holes in the popular cross-platform IM application.According to alerts issued by TippingPoint's Zero Day Initiative (ZDI), the vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Trillian Pro.

May 22, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories