link1s.site

The largest password leak in history exposes nearly 10 billion credentials

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews.

This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords.

Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.”

Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems.

Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said.

This could affect online services, cameras and hardware

This could affect various targets, from online services to internet-facing cameras and industrial hardware.

“Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded.

However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades.

This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak.

Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information.

That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms.

Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security.

Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

SpaceX astronaut returns with an incredible change in his body
A provocative new study reveals the complex effects of the space environment on human health, providing insight into potential damage to blood, cell structure and the immune system. The study focused on SpaceX's Inspiration4 mission, which successfully sent two men and two women into space in 2021 to orbit the Earth for three days and shed some light on the effects of space travel on the human body. The research data, derived directly from the Inspiration4 mission, shows that even a brief trip to space can significantly damage the human immune system, trigger an inflammatory response, and profoundly affect cell structure. In particular, space travel triggered unprecedented changes in cytokines that play a key role in immune response and muscle regulation but are not usually directly associated with inflammation. In particular, the study found a significant increase in muscle factors, which are physiological responses specific to skeletal muscle cells in microgravity, rather than a simple immune response. Although non-muscular tissues did not show changes in proteins associated with inflammation, specific leg muscles such as soleus and tibialis anterior muscles showed significant signs of metabolic activity, especially increased interleukin in the latter, further enhancing the activation of immune cells.
"Corrupt Politicians GPT" "Fiscal Bill GPT", Kenyan protesters use AI to "protest"
In the past few weeks of anti-government activities in Kenya, AI tools have been creatively used by protesters to serve protests. According to the US "Flag" News Agency on July 5, protests in Kenya triggered by the 2024 fiscal bill are still continuing. In the past few weeks, Kenyan protesters, mainly young people, have creatively developed a series of AI tools to assist anti-government activities. The Kenyan government expressed concern about the risks associated with the use of AI tools in protests. Kelvin Onkundi, a software engineer in Kenya, developed the "Fiscal Bill GPT", which operates similarly to ChatGPT and can receive questions about the fiscal bill and generate responses. Martin Siele, a reporter from the "Flag" News Agency, analyzed: "The 'Fiscal Bill GPT' can convert professional terms in many legislative fields into easy-to-understand information for protesters, helping Kenyans understand the potential impact of the fiscal bill." Another software engineer, Marion Kavengi, developed the "SHIF GPT" to provide Kenyans with information about the upcoming Social Health Insurance Fund (SHIF). In addition to AI tools designed to help people understand controversial policies, protesters have also developed "Corrupt Politicians GPT" to assist protest demonstrations. After entering the name of a politician on the platform, the platform will generate a list of corruption scandals about the politician in chronological order. Developer BenwithSon wrote on the social platform X on June 28: "'Corrupt Politicians GPT' allows people to search for any scandal related to any politician. I have seen some leaders stand at the forefront of the political arena, but they are corrupt behind the scenes." Kenyan Chief Minister and Foreign Minister Mudavadi issued a communiqué to ambassadors of various countries in Nairobi on July 2 local time on protests and relevant government measures, expressing concerns about the use of AI and false information in protests. Mudavadi said: "AI technology is used by people with ulterior motives, which will fill the global information system with false narratives." The Kenya Times reported on June 30 that AI technology enables people to force the government to increase transparency and strengthen accountability, and its role in Kenyan political activities is becoming increasingly prominent. Martin Siller believes that AI is reshaping African political behavior in many ways. AI is a new tool for both governments and opposition parties in Africa, but Kenya is one of the African countries with the most developers, and its young protesters are particularly good at using AI technology to fight the government. The 2024 fiscal bill voted and passed by the Kenyan National Assembly on June 25 clearly stated that additional taxes will be levied to repay the interest on high sovereign debt, triggering large-scale demonstrations. After President Ruto announced the withdrawal of the tax increase bill on the evening of the 26th, demonstrations in many parts of Kenya continued. According to Reuters on July 3, Kenyan anti-government protesters are re-adjusting their activities to prevent the protests from turning into violent incidents.
Exclusive: India's Paytm gets government panel nod to invest in payments arm, sources say
NEW DELHI, July 9 (Reuters) - India's beleaguered Paytm (PAYT.NS), opens new tab has secured approval from a government panel that oversees investments linked to China to invest 500 million rupees ($6 million) in a key subsidiary, three sources with direct knowledge of the matter said. The approval, which still has to be vetted by the finance ministry, will remove the main stumbling block to the unit, Paytm Payment Services, resuming normal business operations. Paytm Payment Services is one of the biggest remaining parts of the fintech firm's business, accounting for a quarter of consolidated revenue in the financial year ended March 2023. A separate unit, Paytm Payments Bank, was wound down this year by order of the central bank due to persistent compliance issues, triggering a meltdown in Paytm's stock. The government panel had earlier held back approval due to concerns about the 9.88% stake in Paytm held by China's Ant Group. India has intensified scrutiny of Chinese businesses since a 2020 border clash between the two countries. All in all, Paytm has been waiting for the nod from the government panel for about two years and without it, it would have had to also wind down its payment services business, which was forbidden from taking on new customers in March 2023. Once the approval has been formalised, it will be able to seek a so-called "payment aggregator" licence from the Reserve Bank of India. The sources, two of whom are government sources, declined to be identified as the decision has not been formally announced. India's foreign, home, finance and industries ministries, whose representatives sit on the panel, did not reply to emails seeking comment. A Paytm spokesperson said the company does not comment on market speculation. "We will continue to make disclosures in compliance with our obligations under the SEBI Regulations, and will inform the exchanges when there is any new material information to share," the spokesperson said.
Boeing will be fined 3.5 billion yuan for "conspiracy to defraud" in two air crashes. Will the company slide into the abyss?
Taking the initiative to plead guilty to Boeing is not small, but it can avoid being exposed to more problems when it is publicly tried, which is a "minor penalty" for Boeing. So now the families of the crash victims are very opposed to the move, demanding that the trial continue to be open. But after all, Boeing is America's oldest industrial son, whether it is Trump or Biden, and finally have to gently put down, give a chance. The Justice Department had been seeking a guilty plea from Boeing as early as May, when it launched the investigation. After all, if you plead guilty, you only need to pay a fine, and if you really go to court, you don't know how many quality problems Boeing will be exposed by your witnesses. Boeing also knew it had too many flaws, and paying a $243.6 million fine and bringing in a third party to monitor its compliance for three years, totaling more than $400 million in additional expenses, is small change for Boeing. Given Boeing's style in the past few years, this fine may not even force Boeing to tighten production line management. Just this kind of "reconciliation" that completely excludes the victims of the crash can not get the families to agree. Paul Cassell, an attorney for the victims' families, said he plans to ask the federal judge overseeing the case to reject the agreement and "hold this case to an open trial so that all the facts of this case can be presented in a fair and public manner before a jury." The demand is reasonable, but the US judge will most likely side with Boeing.
Diphtheria outbreak in Vietnam kills one person
On the afternoon of July 8, local time, the Vietnamese Ministry of Health issued a notice stating that an 18-year-old girl in the country died of diphtheria. The Ministry of Health asked Nghe An Province and Bac Giang Province to take urgent action to control the epidemic. Diphtheria is an acute respiratory infectious disease caused by Corynebacterium diphtheriae, which is mainly transmitted through droplets and can also be indirectly transmitted by contact with objects containing Corynebacterium diphtheriae. Severe cases may show symptoms of poisoning throughout the body, complicated by myocarditis and peripheral nerve paralysis.