Zack Whittaker

Zack Whittaker is the security editor for ZDNet. You can securely reach him on Signal and WhatsApp at 646-755-8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B | Research/security tips email: cingred@protonmail.com.

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

Researcher: Critical vulnerability found in VMware's desktop apps

Researcher: Critical vulnerability found in VMware's desktop apps

Core Security Technologies said Monday that it has discovered vulnerability in VMware's desktop virtualization software that allows an attacker to gain complete control a system and launch executable files on the host operating system.The discovery is notable given that virtualization security is largely uncharted territory.

February 24, 2008 by in Hardware

Cisco confirms vulnerability in 7921 Wi-Fi IP phone

Cisco confirms vulnerability in 7921 Wi-Fi IP phone

Two days after news of the Vocera Wi-Fi VoIP communicator PEAP security bypass vulnerability, I received confirmation from Cisco that their model 7921 Wi-Fi VoIP phone is also vulnerable to the same issue where digital certificates aren't cryptographically verified.  Both Cisco and Vocera have told me that they intend to fix future implementations of PEAP and do the necessary steps to ensure certificate authenticity.

February 22, 2008 by in Cisco

Microsoft: 'We try to reproduce every vulnerability that comes in'

Microsoft: 'We try to reproduce every vulnerability that comes in'

Microsoft outlined what it does with incoming vulnerability research, how it designates flaws and playing the cloak-and-dagger game with hackers.In a Q&A with Ryan Naraine, Jonathan Ness, the lead software engineer on Microsoft's SWI Defense team, addressed a big emerging issue between the software giant and security researchers: Who has the onus to reproduce the flaw?

February 19, 2008 by in Security

Wanted: Black Hat bloggers

Wanted: Black Hat bloggers

Due to a scheduling conflict, I can't make the Black Hat conference so we're calling for guest submissions for Zero Day.In a nutshell, we're looking for brief recaps of the Black Hat presentations and your take on the festivities since I can't be in three places at once.

February 15, 2008 by in Enterprise Software

Opera accuses Mozilla of irresponsible disclosure

Opera accuses Mozilla of irresponsible disclosure

In a blog posted yesterday on Opera's website, blogger Claudio Santambrogio tells us that he isn't happy about the way Mozilla handled an Opera security disclosure.  Here's what Claudio had to say:Mozilla notified us of one security issue ( ) the day before they published their public advisory ( ).

February 14, 2008 by in Enterprise Software

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All

Top Stories