The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

Taking the initiative to plead guilty to Boeing is not small, but it can avoid being exposed to more problems when it is publicly tried, which is a "minor penalty" for Boeing. So now the families of the crash victims are very opposed to the move, demanding that the trial continue to be open. But after all, Boeing is America's oldest industrial son, whether it is Trump or Biden, and finally have to gently put down, give a chance. The Justice Department had been seeking a guilty plea from Boeing as early as May, when it launched the investigation. After all, if you plead guilty, you only need to pay a fine, and if you really go to court, you don't know how many quality problems Boeing will be exposed by your witnesses. Boeing also knew it had too many flaws, and paying a $243.6 million fine and bringing in a third party to monitor its compliance for three years, totaling more than $400 million in additional expenses, is small change for Boeing. Given Boeing's style in the past few years, this fine may not even force Boeing to tighten production line management. Just this kind of "reconciliation" that completely excludes the victims of the crash can not get the families to agree. Paul Cassell, an attorney for the victims' families, said he plans to ask the federal judge overseeing the case to reject the agreement and "hold this case to an open trial so that all the facts of this case can be presented in a fair and public manner before a jury." The demand is reasonable, but the US judge will most likely side with Boeing.

Australia pledged on Tuesday to increase investment in Pacific island nations, offering A$6.3 million ($4.3 million) to support their financial systems. Some Western banks are cutting ties with the region because of risk factors, while China is trying to increase its influence there. Some Western bankers have terminated long-standing banking relationships with small Pacific nations, while others are considering closing operations and restricting access to dollar-denominated bank accounts in those countries. "We know that the Pacific is the fastest-moving region in the world for correspondent banking services," Australian Treasurer Jim Chalmers said in a speech at the Pacific Banking Forum in Brisbane. "What's at stake here is the Pacific's ability to engage with the world," he said, with much of the region at risk of being cut off from the global financial system. Chalmers said Australia would provide A$6.3 million ($4.3 million) to the Pacific to develop secure digital identity infrastructure and strengthen compliance with anti-money laundering and counter-terrorist financing requirements. Experts say Western banks are de-risking to meet financial regulations, making it harder for them to do business in Pacific island nations, where compliance standards sometimes lag, undermining their financial resilience. Australia's ANZ Bank is in talks with governments about how to make its Pacific island businesses more profitable amid concerns about rising Chinese influence as financial services leave the West, Chief Executive Shayne Elliott said Tuesday. ANZ is the largest bank in the Pacific region, with operations in nine countries, though some of those businesses are not financially sustainable, Elliott said in an interview on the sidelines of the forum. "If we were there purely for commercial purposes, we would have closed it a long time ago," he said. Western countries, which have traditionally dominated the Pacific, are increasingly concerned about China's plans to expand its influence in the region after it signed several major defense, trade and financial agreements with the region. Bank of China signed an agreement with Nauru this year to explore opportunities in the country, following Australia's Bendigo Bank saying it would withdraw from the country. Mr. Chalmers said Australia was working with Nauru to ensure that banking services in the country could continue. ANZ Bank exited its retail business in Papua New Guinea in recent years, while Westpac considered selling its operations in Fiji and Papua New Guinea but decided to keep them. The Pacific lost about 80% of its correspondent banking relationships for dollar-denominated services between 2011 and 2022, Australian Assistant Treasurer Stephen Jones told the forum, which was co-hosted by Australia and the United States. “We would be very concerned if there were countries acting in the region whose primary objective was to advance their own national interests rather than the interests of Pacific island countries,” Mr. Jones said on the first day of the forum in Brisbane. He made the comment when asked about Chinese banks filling a vacuum in the Pacific. Meanwhile, Washington is stepping up efforts to support Pacific island countries in limiting Chinese influence. "We recognize the economic and strategic importance of the Pacific region, and we are committed to deepening engagement and cooperation with our allies and partners to enhance financial connectivity, investment and integration," said Brian Nelson, U.S. Treasury Undersecretary for Counterterrorism and Financial Intelligence. The United States is aware of the problem of Western banks de-risking in the Pacific region and is committed to addressing it, Nelson told the forum's participants. He said data showed that the number of correspondent banking relationships in the Pacific region has declined at twice the global average rate over the past decade, and the World Bank and the Asian Development Bank are developing plans to improve correspondent banking relationships. U.S. Treasury Secretary Janet Yellen said in a video address to the forum on Monday (July 8) that the United States is focused on supporting economic resilience in the Pacific region, including by strengthening access to correspondent banks. She said that when President Biden and Australian Prime Minister Anthony Albanese met at the White House last year, they particularly emphasized the importance of increasing economic connectivity, development and opportunities in the Pacific region, and a key to achieving that goal is to ensure that people and businesses in the region have access to the global financial system.

At the Apple Developer Conference held earlier, the iPhone 16 series will be equipped with iOS 18 has been revealed. At the event, Apple showed off a series of convenient interactive experiences brought by Apple Intelligence, including a more powerful Siri voice assistant, Mail app that can generate complex responses, and Safari that aggregates web information. These upgrades will no doubt make the iPhone 16 line even more attractive. In order to use Apple Intelligence, a new feature of iOS 18, the iPhone 16 and 16 Pro series are equipped with A18 chips. An external blogger found in Apple's back end that the iPhone 16 series will use the same A-series chip, and the back end code mentions A new model unrelated to the existing iPhone. It includes four iPhone 16 series models, and the four identifiers all start with the same number, indicating that Apple is attributing them to the same platform. The new iPhone will have a stainless steel battery case, which will make it easier to remove the battery to meet EU market standards, while also allowing Apple to increase the density of the battery cell in line with safety regulations.

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.