The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

Beijing self-driving cars on the road will usher in legislative protection. Recently, the Beijing Municipal Bureau of Economy and Information Technology solicited comments on the "Beijing Autonomous Vehicle Regulations (Draft for Comment)". The city intends to support the use of autonomous vehicles for urban public electric bus passenger transport, online car booking, car rental and other urban travel services. In addition to application scenarios, the draft for comments also standardizes autonomous driving innovation from many aspects, such as whether there is a driver, how to deal with traffic problems, and so on. The release of the opinion draft also means that the commercialization of automatic driving is accelerating, and perhaps soon we will be able to experience the convenience of automatic driving. In addition, the accelerated pace of autonomous driving, and whether it will have an impact on the taxi and traditional network car industry, it is also worth thinking about.

More than 6,500 employees at South Korea's Samsung Electronics began a three-day mass strike on Monday (July 8), demanding an extra day of paid annual leave, higher pay raises and changes to the way performance bonuses are currently calculated. This is the largest organized strike in Samsung Electronics' more than half century of existence, and the union said that if this strike does not push employees' demands to be met, a new strike may be called. One of the core issues of the current dispute between the labor union and Samsung Electronics is raising wages and increasing the number of paid vacation days. The second demand is a pay rise. The union originally wanted a pay rise of more than 3% for its 855 employees, but last week they changed their demand to include all employees (rather than just 855). The third issue involves performance bonuses linked to Samsung's outsized profits - chip workers did not receive the bonuses last year when Samsung lost about Won15tn and, according to unions, fear they will still not get the money even if the company manages to turn around this year.

Google Wallet can help you store your IDs, driving license, loyalty cards, concert tickets and more. You can also store your payment cards and use tap to pay to pay anywhere Google Pay is accepted. Google wallet is available in various countries but Google never launched it in India. Google let indian users stick with the Gpay which facilitates UPI payments. Tap to pay is not part of it. Also we can not store things such as IDs and Passes in indian version of Gpay. This might change and Google may launch Google Wallet in India. With the recent version of Google Wallet and Google Play Services, Google has added some flags and code which indicate that Google is working on something for Indian users regarding wallet. The first change I noticed recently when going through the Google Play Services apk was addition of two new flags Both flags are part of com.google.android.gms.pay package in the Google Play Services. This package contains all the flags for features of Gpay/Wallet. Google does server side flipping of flags to enable/disable features for users. So both these flags doesn't really provide any info about what features enabling these flags is going to bring. But the point here is that Google Wallet is not launched in India so why Google added these flags inside Play Services ? The answer could be that Google may be working on bringing Google Wallet to India. It can enable tap to pay, store payments and various other features for Indian users which we don't have in the current Gpay for India. I found similar flags in the analysis Google Wallet APK - These flags are also disabled by default. But this is again a clear indication of Google working towards something for Indian users. In both cases, enabling the flags doesn't bring anything noticeable UI or feature because there is nothing much added besides flags. Google has dogfood/testing versions internally, so the code will show up slowly in upcoming versions. The last piece of code I found is also from Google Play Services. In case you don't know, Google was working on Digilocker integration in the Google Files app which was supposed to bring your digital document inside the app such as driving license, COVID certificates, aadhar card. But Google has ditched the effort of bringing these features and they removed the "Important" tab (where digilocker was supposed to be integrated) from the Google Files app completely. So things are going to change and here is how. This is the code which I found in the Google Play Services - So the word "PASS" along with PAN, DRIVERS LICENCE, VACC CERTIFICATE & AADHAR CARD, is clear indication of the possibility of Google adding support for these directly through Google Wallet using Digilocker, just like Samsung Pass does it. This code is not old as I have checked older beta versions of Play Services where this code is not present. Here is a string which was added in a previous beta version a few weeks ago but I completely ignored it because it didn't make any sense without flags and the other code - This addition was surprising because there was nothing regarding digilocker before in the Play Services. In the words "pay_valuable", the "pay" to Wallet/Gpay and "valuable" refers to the things like Passes, loyalty cards and transit cards. Since we are talking about digilocker, these "valuable" are driving license, vaccination certificate, PAN card and Aadhar card which can be store in Google Wallet after digilocker integration. That's all about it. We will know more about it in upcoming app updates or maybe Google can itself annouce something about this.

US President Joe Biden signed an executive order on Wednesday restricting investments in China, intended to further stymie China's advances in three cutting-edge technology areas: semiconductors and microelectronics, quantum information technologies and certain artificial intelligence systems. The "decoupling" of high tech from China began under Donald Trump, and the Biden administration has continued that ambition. However, the new order doesn't target US investments already invested in China, but the new ones. The Biden administration has repeatedly claimed that the US restrictions will be narrowly targeted and will not "have a fundamental impact on affecting the investment climate for China." Biden's new executive order is still subject to consultation with the US business community and the public and is not expected to take effect until next year. The order has been brewed for a long time and has generated a lot of publicity. But almost no one believes that this executive order will deal a new practical blow to Chinese high technology, because almost everyone knows that China needs American technology more than American money. The order has gained much attention because it is seen as part of a broader trend of the US drifting away from China. The promulgation and brewing process of the executive order reflects the strong desire of American political elites to suppress China's high-tech development, as well as a fierce game between those supporting the executive order and the concerns of the technology and economic sectors about a potential backfire on the US. It is a kind of compromise. Washington obviously hopes that major allies will follow Biden's executive order. The UK's Sunak government has made cautious statements, stating that it is consulting business and the financial sector before deciding whether to follow suit. In fact, China also has the ability to influence the extent to which Biden's executive order is implemented, as well as the extent to which the US will go in terms of "decoupling" from China. We are definitely not just passive recipients of US policies. American political elites are eager to "decouple" from China as quickly and deeply as possible, but they fear two things: First, this will immediately damage the performance of relevant high-tech companies in the US, undermine their influence and further innovation. The current Biden administration, in particular, does not want to incur strong resentment from Silicon Valley and Wall Street toward the escalating "decoupling," which will ultimately lead to the loss of support for the Democratic Party. Second, they are afraid of pushing China toward more resolute independent innovation to achieve breakthroughs in key technologies such as chips. If the US "decoupling" policy gives birth to major technological achievements in China, it means that Washington will completely lose the gamble: They originally wants to stifle China's high-tech development, but ends up strangling their own companies. What China needs to do next is to fully unleash our innovation vitality, continuously reduce our dependence on high-tech products from the US, and prove that as long as we are determined to achieve independent innovation, we have the ability to accomplish things. We need to prove that being pressured by the US will only make us stronger. As long as there are several solid proofs of this trend, the US policy community will fall into unprecedented chaos, and their panic will be much more severe than when they saw the rapid expansion of the Chinese economy before Trump started the trade war. Regardless of the future of China-US relations, the current battle will be the key battle that determines the future competition between China and the US. China can only win and cannot afford to lose. High-tech products such as chips are not isolated. The innovation power of China's entire manufacturing industry and the creative vitality of the whole society are the foundation for shaping these key achievements. When pressured by the US, our society needs to generate confidence and resilience from all directions, and we need to accelerate and seize every opportunity, rather than shrink and simply defend. Otherwise, the US will gain the upper hand in momentum, and we will truly be in a passive and defensive position. We must see that the US is on the offensive, but its offensive is becoming weaker and weaker, and it is always hesitant with each step. What is presented to China are difficulties and risks, but also the dawn of victory.