Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

China detains web site defacer spreading earthquake rumors

China detains web site defacer spreading earthquake rumors

The Xinhua news agency is reporting that the web site defacer which I mentioned in a previous post regarding the use of web site defacements as tools for psychological operations, has been located and detained in less than a week after he defaced the Seismic Emergency and Public Center of the Guangxi province where he left a fake message on an upcoming earthquake that's going to hit China.

June 18, 2008 by in Security

Finjan uncovers half a gigabyte of stolen data on crimeware servers

Finjan uncovers half a gigabyte of stolen data on crimeware servers

Finjan's Malicious Code Research Center has uncovered a half of gigabyte of stolen data from US Healthcare organizations and from a major airline on crimeware servers in Argentina and Malaysia.A representative of Finjan stated:"Hackers incorporated sophisticated attacks using crimeware toolkits, Trojans, and Command and Control servers to drive traffic from a specific region with specific characteristics.

June 17, 2008 by in Tech & Work

Fresh off the press: iPhoneDbg toolkit hotness

Fresh off the press: iPhoneDbg toolkit hotness

The guys at Core Security just released an iPhoneDbg toolkit that should make exploit development for the iPhone much easier.  This is outstanding news for all, as I think there has been a lot of concern over the quick rise of mobile devices and the new security concerns that they create.

June 17, 2008 by in iPhone

How to recover GPcode encrypted files?

How to recover GPcode encrypted files?

Got backups? In response to the security community's comments on the futile attempt to directly attack the 1024 bit RSA keys using distributed computing, Kaspersky Labs are now reasonably recommending that affected end users lacking backups of their encrypted data, take advantage of data recovery tools :Currently, it's not possible to decrypt files encrypted by Gpcode.

June 15, 2008 by in Security

Hacking SCADA for terrorism and destruction

Hacking SCADA for terrorism and destruction

SCADA scares me, and I've seen enough things on the Internet to be desensitized to many things, but attacks against SCADA threaten our national security in a very real and topical way by attacking power grids, water treatment plants, nuclear plants, etc.  Hacking networks that SCADA devices reside on and using that access to interact with the SCADA system is nothing really new, it's been covered in the media quite a bit...

June 11, 2008 by in Networking

Fake ImageShack site serving malware, links distributed over IM

Fake ImageShack site serving malware, links distributed over IM

In a combination of domain typosquatting next to spoofed image files, malware authors managed to successfully impersonate ImageShack, the 5th largest image hosting website on the Internet, the result of which is a malware campaign circulating over MSN, enticing users into infecting themselves by clicking on the spammed links to fake image files.

June 10, 2008 by in Security

Proof of Concept "carpet bombing" exploit released in the wild

Proof of Concept "carpet bombing" exploit released in the wild

In what appears to be an attempt to provoke Apple to reconsider its currently passive position on the severity of the dubbed as "carpet bomb" flaw, a working Proof of Concept exploit code has been released at Liu Die Yu's security blog :Nitesh Dhanjani discovered that Safari for Windows puts downloads automatically to Desktop and argued this can potentially make a mess of Desktop, naming it the effect of "Safari Carpet Bomb".

June 10, 2008 by in Windows

What's wrong with an exploit being sexy?

What's wrong with an exploit being sexy?

First off, let me start by saying _dietrich has been following our blog for quite some time and is a consistent poster, providing good advice on how to use Linux securely, sometimes as an alternative to Windows technologies.  I wouldn't have commented about this in a blog posting, except that I took some offense to the way that Dietrich characterized my article in remarks on his blog.

June 10, 2008 by in Enterprise Software

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories