link1s.site

The largest password leak in history exposes nearly 10 billion credentials

The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews.

This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords.

Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.”

Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems.

Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said.

This could affect online services, cameras and hardware

This could affect various targets, from online services to internet-facing cameras and industrial hardware.

“Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded.

However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades.

This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak.

Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information.

That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms.

Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security.

Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

UAE insurance sector continued to grow in Q4-23: CBUAE

The UAE insurance sector continued to grow in Q4-2023, as reflected by increase in the gross written premiums. As of year-end, the number of licensed insurance companies in the UAE remained at 60, according to the Central Bank of the UAE's (CBUAE) Quarterly Economic Review (Q4-2023). The insurance sector comprised 23 traditional national companies, 10 Takaful national and 27 foreign companies, while the number of insurance related professions remained at 491. The review on insurance sector structure and activity showed that the gross written premium increased by 12.7% Y-o-Y in Q4 2023 to AED 53.2 billion, mostly due to an increase in health insurance premiums by 16.5% Y-o-Y and an increase in property and liability insurance premiums by 18.9% Y-o-Y, while the insurance of persons and fund accumulation premiums decreased by 12.4% Y-o-Y, resulting primarily from decrease in individual life premiums. Gross paid claims of all types of insurance plans increased by 12.8% Y-o-Y to AED 31.1 billion at the end of 2023. This was mainly driven by the increase in claims paid in health insurance by 16.9% Y-o-Y and increase in paid claims in property and liability insurance by 10.9% Y-o-Y, partially offset by the decline in claims paid in insurance of persons and fund accumulation by 2.8% Y-o-Y. The total technical provisions of all types of insurance increased by 8.4% Y-o-Y to AED 74.4 billion in Q4 2023 compared to AED68.6 billion in Q4 2022. The volume of invested assets in the insurance sector amounted to AED 76 billion (60.4% of total assets) in Q4 2023 compared to AED 71.4 billion (59.4% of total assets) in Q4 2022. The retention ratio of written insurance premiums for all types of insurance was 52.9 % (AED 28.1 billion) in Q4 2023, compared to 54.9% (AED 25.9 billion) at the end of 2022. The UAE insurance sector remained well capitalized in terms of early warning ratios and risk assessment. Own funds to minimum capital requirement ratio increased to 335.7% in Q4 2023, compared to 309.3% at the end of 2022, due to an increase in own funds eligible to meet the minimum capital requirements. Also, own funds to solvency capital requirement ratio rose to 221% in Q4 2023 compared to 208.5% in Q4 2022, due to an increase in own funds eligible to meet solvency capital requirements. Finally, own funds to minimum guarantee fund ratio reached to 316.3% at the end of 2023 down from 314.6% a year earlier, due to higher eligible funds to meet minimum guarantee funds. In terms of profitability, the net total profit to net written premiums increased to 6.5% in Q4 2023, compared to 2.9% at the end of 2022. The return on average assets increased to 0.3% in Q4 2023 compared to the 0.1% at the of the previous year.

See Pregnant Margot Robbie Debut Her Baby Bump

This Barbie is going to be a mother. And Margot Robbie has no problem putting her burgeoning baby bump on full display. In fact, the Barbie star, who is pregnant with her Tom Ackerley’s first baby, debuted recently her bump while vacationing on Italy’s Lake Como with her husband July 7. For the outing, Margot donned a black blazer over a white tee that was cropped above her stomach, showing off a sweet baby bump. She finished off the look with low-rise black trousers, black platform sandals and a summery straw bag. For his part, Tom—whom Margot wed in a 2016 ceremony in her native Australia—wore olive green trousers and a cream-colored button-down shirt and tan sneakers. The couple were photographed waiting on a dock in Lake Como before they hopped in a boat and sailed off into a literal sunset. While Margot and Tom, both 34, haven’t spoken publicly about their upcoming bundle of joy, the I, Tonya alum has previously expressed hope to have a big family one day. As she told Porter in 2018, “If I'm looking into my future 30 years from now, I want to see a big Christmas dinner with tons of kids there.” Tom and Margot’s new chapter comes over ten years after their love story first began on the set of 2014's Suite Française, in which Margot starred while Tom worked as a third assistant director. But while she was immediately smitten, Margot was convinced her love would go unrequited. "I was always in love with him, but I thought, ‘Oh, he would never love me back,'" she admitted to Vogue in 2016. "'Don't make it weird, Margot. Don't be stupid and tell him that you like him.' And then it happened, and I was like, ‘Of course we're together. This makes so much sense, the way nothing has ever made sense before.'"

Hamas chief says latest Israeli attack on Gaza could jeopardise ceasefire talks

AIRO, July 8 (Reuters) - A new Israeli assault on Gaza on Monday threatened ceasefire talks at a crucial moment, the head of Hamas said, as Israeli tanks pressed into the heart of Gaza City and ordered residents out after a night of massive bombardment. Residents said the airstrikes and artillery barrages were among the heaviest in nine months of conflict between Israeli forces and Hamas militants in the enclave. Thousands fled. The assault unfolded as senior U.S. officials were in the region pushing for a ceasefire after Hamas made major concessions last week. The militant group said the new offensive appeared intended to derail the talks and called for mediators to rein in Israel's Prime Minister Benjamin Netanyahu. The assault "could bring the negotiation process back to square one. Netanyahu and his army will bear full responsibility for the collapse of this path," Hamas quoted leader Ismail Haniyeh as saying. Gaza City, in the north of the Palestinian enclave, was one of Israel's first targets at the start of the war in October. But clashes with militants there have persisted and civilians have sought shelter elsewhere, adding to waves of displacement. Much of the city lies in ruins. Residents said Gaza City neighbourhoods were bombed through the night into the early morning hours of Monday. Several multi-storey buildings were destroyed, they said. The Gaza Civil Emergency Service said it believed dozens of people were killed but emergency teams were unable to reach them because of ongoing offensives. Gaza residents said tanks advanced from at least three directions on Monday and reached the heart of Gaza City, backed by heavy Israeli fire from the air and ground. That forced thousands of people out of their homes to look for safer shelter, which for many was impossible to find, and some slept on the roadside.

Samsung hit the biggest strike! Over 6,500 people attended.

More than 6,500 employees at South Korea's Samsung Electronics began a three-day mass strike on Monday (July 8), demanding an extra day of paid annual leave, higher pay raises and changes to the way performance bonuses are currently calculated. This is the largest organized strike in Samsung Electronics' more than half century of existence, and the union said that if this strike does not push employees' demands to be met, a new strike may be called. One of the core issues of the current dispute between the labor union and Samsung Electronics is raising wages and increasing the number of paid vacation days. The second demand is a pay rise. The union originally wanted a pay rise of more than 3% for its 855 employees, but last week they changed their demand to include all employees (rather than just 855). The third issue involves performance bonuses linked to Samsung's outsized profits - chip workers did not receive the bonuses last year when Samsung lost about Won15tn and, according to unions, fear they will still not get the money even if the company manages to turn around this year.

Google extends Linux kernel support to 4 years

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.