Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Sony PlayStation's site SQL injected, redirecting to rogue security software

Sony PlayStation's site SQL injected, redirecting to rogue security software

The latest high trafficked web site to fall victim into the continuing waves of massive SQL injection attacks courtesy of copycats and the ASProx botnet, is Sony's PlayStation U.S site according to a recent post at SophosLabs's blog :"Researchers at IT security firm Sophos have warned lovers of video games that pages on the US-based Sony PlayStation website have been compromised by hackers.

July 2, 2008 by in Security

Blizzard introducing two-factor authentication for WoW gamers

Blizzard introducing two-factor authentication for WoW gamers

Password stealing malware targeting popular MMORPGs such as World of Warcraft for instance, has become so prevalent, that video game developers are taking their authentication model a step further, by introducing two-factor authentication into play. And while marketable, is the new authentication layer actually useful in a real life situation?

July 1, 2008 by in Security

Google ships open-source Web security assessment tool

Google ships open-source Web security assessment tool

The Google security team has released a free, open-source Web app security assessment tool capable of flagging vulnerabilities and potential security threats in Internet-facing applications.The tool, called Ratproxy, is described as a passive Web application security audit tool designed to analyze legitimate, browser-driven interactions with tested Web applications -- to automatically pinpoint, annotate, and prioritize potential flaws or areas of concern on the fly.

July 1, 2008 by in Google

Study: 637 million Google users surfing with insecure browser

Study: 637 million Google users surfing with insecure browser

According to a new study from researchers at Google, IBM and ETH Zurich, there are about 637 million Google users surfing the Internet with a vulnerable Web browser.Using data from Google search queries and security vulnerability aggregator Secunia, the study (HTML or PDF) found that a whopping 45 percent of Google users "were not using the most secure Web browser version on any working day from January 2007 to June 2008.

July 1, 2008 by in Enterprise Software

About that cellular interference...

About that cellular interference...

So... maybe it is a real problem.  Pedram Amini (top picture on the right), noted researcher and reverse engineer, posted an article to the Tipping Point DVLabs blog on some interesting observations he made on cellular interference.

July 1, 2008 by in iPhone

Exploit code released for unpatched IE 7 vulnerability

Exploit code released for unpatched IE 7 vulnerability

Another day, another gaping hole affecting fully patched versions of Microsoft's Internet Explorer browser.According to a warning from US-CERT, proof-of-concept exploit code has been published for a new zero-day bug that can be used for a variety of malicious attacks against Windows users running IE 6, IE 7, and IE 8 beta 1.

June 30, 2008 by in Enterprise Software

Big Brother Getting Bigger Part 1: USA

Big Brother Getting Bigger Part 1: USA

Eek, from Slashdot today:The FBI has confirmed to Popular Mechanics that it's not only adding palm prints to its criminal records, but preparing to balloon its repository of photos, which an agency official says 'could be the basis for our facial recognition.' It's all part of a new biometric software system that could store millions of iris scans within 10 years and has privacy advocates crying foul.

June 30, 2008 by in Security

Critical security alert issued for Tor

Critical security alert issued for Tor

If you use Tor for anonymity/privacy on the Web, you might want to pay attention to this critical security announcement from project leader Roger Dingledine.According to the advisory, a known vulnerability in the Debian GNU/Linux distribution's OpenSSL package could allow an attacker to figure out private keys generated by these buggy versions of the OpenSSL library.

June 27, 2008 by in Security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories