Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can send tips securely via Signal and WhatsApp to 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Google Android vulnerable to drive-by browser exploit

Google Android vulnerable to drive-by browser exploit

The Google Android operating system is vulnerable to a serious security vulnerability that allows malicious hackers to launch drive-by browser attacks, according to alert from a security research outfit.Technical details of the vulnerability, which occurs because Google Android uses an unpatched open-source software package, is being kept under wraps until a patch is available.

October 27, 2008 by in Mobility

Latest MS Vuln eerily similar to one from two years previous

Latest MS Vuln eerily similar to one from two years previous

The recently discovered critical Windows vulnerability that necessitated an out-of-cycle patch is extremely similar to one that first appeared two years ago. The MS08-067 vulnerability, which was originally spotted by analyzing in-the-wild captures, is remarkably similar to the MS06-040 vulnerability that enabled the spread of a variant of the Mocbot trojan, leading security researchers to believe that it will be used to renovate an old worm.

October 23, 2008 by in Microsoft

MS ships emergency patch for Windows worm hole

MS ships emergency patch for Windows worm hole

Microsoft has released an out-of-band patch to fix an extremely critical worm hole that exposes Windows users to remote code execution attacks.The emergency update comes just one week after the regularly scheduled Patch Tuesday and follows the discovery of a targeted zero-day attack, Microsoft said in an advisory.

October 23, 2008 by in Enterprise Software

Google to introduce warnings for potentially hackable sites

Google to introduce warnings for potentially hackable sites

Last week, Google's Patrick Chapman and Matt Cutts announced that they're experimenting with a new security feature aiming to alert webmasters on the potential for having their sites hacked due to the outdated version of their web applications, starting with Wordpress only :"Recently we've seen more websites get hacked because of various security holes.

October 22, 2008 by in Security

Inside an affiliate spam program for pharmaceuticals

Inside an affiliate spam program for pharmaceuticals

Bargaining with your health doesn't just mean you're heading for a shorter life expectancy, but also, increases the chances that you will either get scammed in the process, or have to pay more in the long-term while dealing with the health issues arising from using expired pharmaceutical with unverifiable origins, you bargained for at the first place.

October 20, 2008 by in Security

Researchers hack wired keyboards, hijack keystrokes

Researchers hack wired keyboards, hijack keystrokes

A team of Swiss researchers say there are several ways to recover keystrokes from wired keyboards by simply measuring the electromagnetic radiations emitted when keys are pressed.In all, the team of researchers from the Security and Cryptography Laboratory in Lausanne, Switzerland, found four  different ways to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls.

October 20, 2008 by in Hardware

Google readying fix for Chrome file download flaw

Google readying fix for Chrome file download flaw

Just hours after the release of the Google Chrome browser last month, researcher Aviv Raff discovered that he could combine two vulnerabilities -- a flaw in Apple Safari (WebKit) and a Java bug -- to trick users into launching executables direct from the new browser. (Here's a demo showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.

October 20, 2008 by in Security

Security will suffer in the financial crisis

Security will suffer in the financial crisis

As many of you already know, the anti-Midas touch of the financial crisis is spreading to the technology sector. Sequoia Capital, one of the largest VC funds in Silicon Valley, gave a presentation that pretty much said become profitable now or pack up and go home.

October 19, 2008 by in Security

Survey: 88% of Mumbai's wireless networks easy to compromise

Survey: 88% of Mumbai's wireless networks easy to compromise

Deloitte's recently released Wireless Security Survey assessing Mumbai's -- India's financial capital -- state of security awareness in respect to wireless security, shows an ugly picture of insecure wireless networks in both, business, and residential districts. With Mumbai being the home of India's most important financial institutions, next to the majority of multinational corporations, it may also turn into the playground for the next high profile data breach.

October 16, 2008 by in Security

Secunia: popular security suites failing to block exploits

Secunia: popular security suites failing to block exploits

In a recently conducted comparative review, Danish security company Secunia, tested the detection rate of 12 different Internet Security Suites against 300 exploits (144 malicious files and 156 malicious web pages) affecting popular end user applications, to find that even the top performer in the test is in fact performing poorly in general. Their conclusion :"These results clearly show that the major security vendors do not focus on vulnerabilities.

October 14, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories