Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CNET News.com. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine. He's a graduate of the Columbia School of Journalism and the University of Delaware.

Charlie Osborne

Charlie Osborne is a cybersecurity journalist and photographer who writes for ZDNet and CNET from London. PGP Key: AF40821B

Catalin Cimpanu

Catalin Cimpanu is a security reporter at ZDNet, where he covers cyber-security, data breaches, hacking, and other related topics. He previously served as security reporter for Bleeping Computer and Softpedia. Catalin is based in Romania.

Jennifer Leggio

Jennifer Leggio has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices. PGP Key: 3A708289 | She prefers other contact on Twitter via @mediaphyter.

Latest Posts

RIM ships fix for BlackBerry code execution bug

RIM ships fix for BlackBerry code execution bug

Just a quick note to update a story I wrote last week on an unpatched remote execution vulnerability affecting BlackBerry business users:Research in Motion (RIM) has finally shipped patches to cover the issue, which affects the BlackBerry Attachment Service component of the BlackBerry Enterprise Server.From the alert:A security vulnerability exists in the PDF distiller of some released versions of the BlackBerry Attachment Service.

July 22, 2008 by in Hardware

A look at the recent Firefox 3 vulnerability

A look at the recent Firefox 3 vulnerability

True to form, Billy Rios promised a more in depth look at the MSFA2008-35 vulnerability which is another protocol handler flaw in Firefox 3.  As previously reported here, this was another protocol handler flaw that led to arbitrary remote command execution, and is especially dangerous since it can be deployed widely through the use of a cross-site scripting attack vector.

July 22, 2008 by in Enterprise Software

E-gold owners plead guilty to money laundering

E-gold owners plead guilty to money laundering

Wow, big morning!  If anyone has seen Nitesh Dhanjani and Billy Rios's talk on phishing and identity theft, which was presented at the last couple Black Hat conferences, and will be on display again at Black Hat Vegas, you know that the identity theft market is a huge problem.

July 22, 2008 by in Security

Vulnerability disclosure gone awry: Understanding the DNS debacle

Vulnerability disclosure gone awry: Understanding the DNS debacle

On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky (with the help of Black Hat conference organizers) invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday.""A synchronized release of this magnitude has not happened before," read the invitation sent to the Black Hat conference press list.

July 22, 2008 by in Security

Has Halvar figured out super-secret DNS vulnerability?

Has Halvar figured out super-secret DNS vulnerability?

[ UPDATE:  Kaminsky has all but confirmed that, yes, the cat is out of the bag ]It looks very much like the nitty gritty of Dan Kaminsky's super-secret -- and heavily hyped -- DNS cache poisoning vulnerability has been figured out by reverse engineering guru Halvar Flake.Clearly irked by a demand request from Kaminsky and others to avoid speculating on the details of the flaw until the patch is fully deployed, Flake (left) published a guess on how to reliably forge and poison DNS lookups.

July 21, 2008 by in Enterprise Software

2008 Pwnie Award nominees announced

2008 Pwnie Award nominees announced

Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.  From the site:The final list of nominees for the nine Pwnie Award categories is finally published.

July 21, 2008 by in Security

Kaspersky's Malaysian site hacked by Turkish hacker

Kaspersky's Malaysian site hacked by Turkish hacker

According to Zone-h.org, Kaspersky's Malaysian site has been defaced by a Turkish hacker during the weekend, through a SQL injection, leaving the following message - "hacked by m0sted And Amen Kaspersky Shop Hax0red No War Turkish Hacker Thanx to Terrorist Crew all team members".

July 20, 2008 by in Security

Spam coming from free email providers increasing

Spam coming from free email providers increasing

After analyzing three weeks of spam data between June 13 to July 3, 2008, Roaring Penguin Software Inc. found evidence that spam originating from the top three free email providers (Gmail, Yahoo Mail and Hotmail) is increasing, with spammers in favor of abusing Gmail's privacy preserving feature of not including the sender's original IP in outgoing emails :"Spammers are increasingly using free e-mail providers to avoid IP address-based reputation systems.

July 18, 2008 by in Security

Unpatched code execution bug haunts BlackBerry

Unpatched code execution bug haunts BlackBerry

Security alerts aggregator Secunia has raised an alarm for a "highly critical" vulnerability that puts users of the BlackBerry Enterprise Server at risk of code execution attacks.Technical details of bug are not available but Secunia says it is caused by an unspecified error in the BlackBerry Attachment Service when processing PDF files.

July 17, 2008 by in BlackBerry

Ringleader of cybercrime group to be offered a job as cybercrime fighter

Ringleader of cybercrime group to be offered a job as cybercrime fighter

Owen Thor Walker, a 18 years old ringleader of an international cybercrime group, known as AKILL, part of the A-Team, a group of 8 script kiddies which were all caught in a operation called "Operation Bot Roast II" bust executed by the FBI and several international law enforcement agencies in 2007, responsible for pump'n'dump stock price manipulations through spam, infecting 1.

July 16, 2008 by in Security

Top Stories