Zack Whittaker

Zack Whittaker is the security editor for ZDNet, covering cyber and national security. He is based in New York newsroom, and is also found on sister-sites CNET and CBS News. You can reach him with his PGP key: EB6CEEA5.

Charlie Osborne

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charlie currently works as a journalist and photographer -- with the occasional design piece -- and writes for ZDNet, CNET and SmartPlanet. She has particular interests in social media, IP law, social engineering and security.

Latest Posts

Targeted spear phishing attacks

Targeted spear phishing attacks

A colleague of mine, Dave Wong, from Ernst & Young's Advanced Security Center in New York, pointed me to a really interesting article on targeted spear phishing attacks by John Markoff of the New York Times.  Phishing has been really interesting to me lately, as I've seen a wave of discussions, black hat presentations, and technologies abound that deal with phishing and identity theft.

April 16, 2008 by in Collaboration

Mark Dowd's null pointer dereference exploit and advanced Flash ActionScript techiques proove definitively: Aliens Do Exist!

Mark Dowd's null pointer dereference exploit and advanced Flash ActionScript techiques proove definitively: Aliens Do Exist!

Alright, I'm just going to start out with a little background before I start, this particular research was so cool that I've been talking about it all day.  Reading this whitepaper, written by Mark Dowd, was as exciting to me as watching highlights of Michael Jordan sinking that winning shot, which when you look at the replay looks like he's jump kicking Craig Ehlo right in his face.

April 16, 2008 by in Enterprise Software

Oracle patches DB, apps

Oracle patches DB, apps

Oracle on Tuesday delivered 41 patches--including two that are rated the highest risk--for a wide range of products.According to the Oracle security team blog:This Critical Patch Update (CPU) addresses a total of 41 vulnerabilities affecting Oracle Database Server, Oracle Application Express, Oracle Application Server, Oracle E-Business Suite, Oracle Enterprise Manager, Oracle PeopleSoft Enterprise, and Oracle Siebel CRM Applications.

April 15, 2008 by in Enterprise Software

Websense: Microsoft Live Hotmail CAPTCHA hacked in 6 seconds

Websense: Microsoft Live Hotmail CAPTCHA hacked in 6 seconds

Websense says that hackers have streamlined their anti-CAPTCHA tools and can attack Microsoft's Live Hotmail service in about 6 seconds.Websense has been on the CAPTCHA case for a while and the latest attack on Microsoft's Hotmail is an evolutionary leap because hackers' tools are automated and operating almost instantaneously.

April 13, 2008 by in Microsoft

Oracle preps critical database patches

Oracle preps critical database patches

Oracle has announced details of its own patch Tuesday--April 15--with 17 security fixes covering the company's flagship database and 41 patches collectively.Oracle said in an advisory that the patches cover "multiple security vulnerabilities" across its products.

April 11, 2008 by in Data Management

DHS to name new CIO

DHS to name new CIO

The Department of Homeland Security said this week that it will name Richard Mangogna CIO.Mangogna comes to the DHS from Mason Harriman Group, where he was a senior advisory to the firm's agencies.

April 10, 2008 by in CXO

Apple bolsters QuickTime defenses... or do they?

Apple bolsters QuickTime defenses... or do they?

A couple of great articles came out recently, one from Ryan Naraine and one from our very own Larry Dignan, about some of the defenses that Apple is trying to build into QuickTime to defend Vista users.As we've talked about here before, with Vista, it's all about the DEP and the ASLR (ok, and SafeSEH, stack/heap canaries, etc.

April 8, 2008 by in Enterprise Software

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories