The Register
Wanted. Top infosec pros willing to defend Britain on shabby salaries
While the wages paid by governments seldom match those available in the private sector, it appears that the UK's intelligence, security and cyber agency is a long way short of being competitive in its quest for talent.…
JPMorgan Chase sues scammers following viral 'infinite money glitch'
JPMorgan Chase has begun suing fraudsters who allegedly stole thousands of dollars from the bank's ATMs after a check fraud glitch went viral on social media.…
Feds investigate China's Salt Typhoon amid campaign phone hacks
The feds are investigating Chinese government-linked cyberspies breaking into the infrastructure of US telecom companies, as reports suggest Salt Typhoon - the same crew believed to be behind those hacks - has also been targeting phones belonging to people affiliated with US Democratic presidential candidate Kamala Harris, along with Republican candidate Donald Trump and his running mate, JD Vance.…
Brazen crims selling stolen credit cards on Meta's Threads
Exclusive Brazen crooks are selling people's pilfered financial information on Meta's Threads, in some cases posting full credit card details, plus stolen credentials, alongside images of the cards themselves.…
Delta officially launches lawyers at $500M CrowdStrike problem
Delta Air Lines is suing CrowdStrike in a bid to recover the circa $500 million in estimated lost revenue months after the cybersecurity company "caused" an infamous global IT outage.…
Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases
Dutch police (Politie) say they've dismantled the servers powering the Redline and Meta infostealers – two key tools in a modern cyber crook's arsenal.…
WordPress forces user conf organizers to share social media credentials, arousing suspicions
Organisers of WordCamps, community-organized events for WordPress users, have been ordered to take down some social media posts and share their login credentials for social networks.…
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns
in brief Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based domain registrars seem to keep popping up as, at best, negligent facilitators of election meddling. …
Worker surveillance must comply with credit reporting rules
The US Consumer Financial Protection Bureau on Thursday published guidance advising businesses that third-party reports about workers must comply with the consent and transparency requirements set forth in the Fair Credit Reporting Act.…
Just how private is Apple's Private Cloud Compute? You can test it to find out
In June, Apple used its Worldwide Developer Conference to announce the creation of the Private Cloud Compute platform to run its AI Intelligence applications, and now it's asking people to stress test the system for security holes.…
Putin's pro-Trump trolls accuse Harris of poaching rhinos
Russian, Iranian, and Chinese trolls are all ramping up their US election disinformation efforts ahead of November 5, but – aside from undermining faith in the democratic process and confidence in the election result – with very different objectives, according to Microsoft.…
AWS Cloud Development Kit flaw exposed accounts to full takeover
Amazon Web Services has fixed a flaw in its open source Cloud Development Kit that, under the right conditions, could allow an attacker to hijack a user's account completely.…
Emergency patch: Cisco fixes bug under exploit in brute-force attacks
Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service attacks.…
Bitwarden's FOSS halo slips as new SDK requirement locks down freedoms
The Bitwarden online credentials storage service is changing its build requirements – which some commentators feel mean it's no longer FOSS.…
Ransomware's ripple effect felt across ERs as patient care suffers
Ransomware infected 389 US healthcare organizations this fiscal year, putting patients' lives at risk and costing facilities up to $900,000 a day in downtime alone, according to Microsoft.…
Voice-enabled AI agents can automate everything, even your phone scams
Scammers, rejoice. OpenAI's real-time voice API can be used to build AI agents capable of conducting successful phone call scams for less than a dollar.…
China's top messaging app WeChat banned from Hong Kong government computers
Hong Kong’s government has updated infosec guidelines to restrict the use of Chinese messaging app WeChat, alongside Meta and Google products like WhatsApp and Google Drive, on computers it operates.…
Anthropic's latest Claude model can interact with computers – what could go wrong?
The latest version of AI startup Anthropic's Claude 3.5 Sonnet model can use computers – and the developer makes it sound like that's a good thing.…
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers
An unknown attacker is abusing exposed Docker Remote API servers to deploy perfctl cryptomining malware on victims' systems, according to Trend Micro researchers.…
Samsung phone users under attack, Google warns
A nasty bug in Samsung's mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researchers.…