The Register

Health care breaches lead to legislation

Partner Content  Breaches breed regulation; which hopefully in turn breeds meaningful change.…

Patch up: The Spring framework dominates the Java ecosystem

If you're running an application built using the Spring development framework, now is a good time to check it's fully updated – a new, critical-severity vulnerability has just been disclosed.…

It's not just the French president, Biden and Putin also reportedly trackable

The French equivalent of the US Secret Service may have been letting their guard down, as an investigation showed they are easily trackable via the fitness app Strava.…

Only took 'em a year to dish up some scary travel advice, and a Secure Innovation … Placemat?

Cyber security agencies from the Five Eyes nations have delivered on a promise to offer tech startups more guidance on how to stay secure.…

GCHQ job ads seek top talent with bottom-end pay packets

While the wages paid by governments seldom match those available in the private sector, it appears that the UK's intelligence, security and cyber agency is a long way short of being competitive in its quest for talent.…

ATMs paid customers thousands ... and now the bank wants its money back

JPMorgan Chase has begun suing fraudsters who allegedly stole thousands of dollars from the bank's ATMs after a check fraud glitch went viral on social media.…

'They're taunting us,' investigator says and it looks like it's working

The feds are investigating Chinese government-linked cyberspies breaking into the infrastructure of US telecom companies, as reports suggest Salt Typhoon - the same crew believed to be behind those hacks - has also been targeting phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican candidate Donald Trump and his running mate, JD Vance.…

The platform 'continues to take action' against illegal posts, we're told

Exclusive  Brazen crooks are selling people's pilfered financial information on Meta's Threads, in some cases posting full credit card details, plus stolen credentials, alongside images of the cards themselves.…

Legal action comes months after alleging negligence by Falcon vendor

Delta Air Lines is suing CrowdStrike in a bid to recover the circa $500 million in estimated lost revenue months after the cybersecurity company "caused" an infamous global IT outage.…

Legal proceedings underway with more details to follow

Dutch police (Politie) say they've dismantled the servers powering the Redline and Meta infostealers – two key tools in a modern cyber crook's arsenal.…

One told to take down posts that said nice things about WP Engine

Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts and share their login credentials for social networks.…

Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more

in brief  Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based domain registrars seem to keep popping up as, at best, negligent facilitators of election meddling. …

US Consumer Financial Protection Bureau demands transparency, accountability from sellers of employee metrics

The US Consumer Financial Protection Bureau on Thursday published guidance advising businesses that third-party reports about workers must comply with the consent and transparency requirements set forth in the Fair Credit Reporting Act.…

Also updates bug bounty program with $1M payout

In June, Apple used its Worldwide Developer Conference to announce the creation of the Private Cloud Compute platform to run its AI Intelligence applications, and now it's asking people to stress test the system for security holes.…

Plus: Iran's IRGC probes election-related websites in swing states

Russian, Iranian, and Chinese trolls are all ramping up their US election disinformation efforts ahead of November 5, but – aside from undermining faith in the democratic process and confidence in the election result – with very different objectives, according to Microsoft.…

Remember Bucket Monopoly? Yeah, it gets worse

Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a user's account completely.…

Who doesn't love abusing buggy appliances, really?

Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service attacks.…

Arguments continue but change suggests it's not Free Software anymore

The Bitwarden online credentials storage service is changing its build requirements – which some commentators feel mean it's no longer FOSS.…

389 US healthcare orgs infected this year alone

Ransomware infected 389 US healthcare organizations this fiscal year, putting patients' lives at risk and costing facilities up to $900,000 a day in downtime alone, according to Microsoft.…

All for the low, low price of a mere dollar

Scammers, rejoice. OpenAI's real-time voice API can be used to build AI agents capable of conducting successful phone call scams for less than a dollar.…