Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Talking Firefox security with Mozilla's Window Snyder

Talking Firefox security with Mozilla's Window Snyder

LAS VEGAS -- Mozilla security chief Window Snyder wants to open-source much more than the Firefox browser.During a sit-down chat at the Black Hat security conference here, Snyder announced plans to launch three new initiatives around threat modeling, training and vulnerability metrics that push the envelope around sharing and collaborating with the rest of the industry.

August 6, 2008 by in Security

Today's assignment : Coding an undetectable malware

Today's assignment : Coding an undetectable malware

Today's dynamic Internet threatscape is changing so rapidly, that the innovations and creativity applied by malware authors can easily render an information security course's curricular on malware outdated pretty fast, or worse, provide the students with a false feeling of situational awareness about today's malware that's driving the entire cybercrime ecosystem at the end of the day.

August 5, 2008 by in Security

Adobe: Beware of fake Flash downloads

Adobe: Beware of fake Flash downloads

Amidst confirmed reports that malicious hackers are starting to use fake Flash Player downloads as social engineering lures for malware, Adobe has issued a call-to-arms for users to validate installers before downloading software updates.The company's notice comes on the heels of malware attacks on Facebook, MySpace and Twitter that attempt to trick Windows users into installing a Flash Player update that turns out to be a malicious executable.

August 4, 2008 by in Windows

Twitter being used to distribute malware

Twitter being used to distribute malware

Last week, when I wrote about Aviv Raff's auto follow-me vulnerability on Twitter, I warned that it was only a matter of time before we see nasty social engineering (malware) attacks on the popular microblogging service.Well, it's here.

August 4, 2008 by in Security

Purewire raises funding, adds Noonan to board

Purewire raises funding, adds Noonan to board

Purewire, a security start-up competing in the software-as-a-service (Saas) market, has banked $2 million in friends-and-family funding and added industry veteran Tom Noonan to its board of directors.The latest funding round, which was led by Imlay Investments, Inc.

August 4, 2008 by in Cloud

On GIFARs

On GIFARs

Ever since Rob McMillan of IDG published a story giving a preview of our coming Black Hat talk, specifically a preview of the portion of our talk related to GIFARs, media coverage of the research has swirled a bit out of control and there's been some misconceptions.  My co-presenter John Heasman has a write-up on GIFARs that explains this all just a bit more.

August 2, 2008 by in Security

Rise of the 'legit' malware sites

Rise of the 'legit' malware sites

About 75 percent of all Web sites serving up malicious code are legitimate sites that have been hacked/compromised, according to a new report from WebSense.This number validates statistics from ScanSafe showing a dramatic rise in 'good' sites being being used as a conduit for drive-by malware downloads and other social engineering attacks.

August 1, 2008 by in Security

The empty debate over open source security

The empty debate over open source security

Guest editorial by Roger ThorntonLast week, Fortify published a study on adoption of security best-practices within the Open Source community. Given mounting risk posed by extensive use of Open Source technologies within business and government IT, we were gratified to see the passionate discussions that followed.

July 31, 2008 by in Open Source

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories