The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

The world's deepest diving pool, Deepspot, opened this weekend near the Polish capital Warsaw. The 45.5-meter pool contains artificial underwater caves, Mayan ruins and a small shipwreck for scuba divers and free divers to explore. Deepspot can hold 8,000 cubic meters of water, more than 20 times the capacity of a normal 25-meter swimming pool. Unlike ordinary swimming pools, Deepspot can still open despite Poland's COVID-19 epidemic prevention restrictions because it is a training center that provides courses. The operator also plans to open a hotel where guests can observe divers at a depth of 5 meters from their rooms. "This is the deepest diving pool in the world," Michael Braszczynski, 47, Deepspot's director and a diving enthusiast, told AFP at the opening yesterday. The current Guinness World Record holder is a 42-meter-deep pool in Montegrotto Terme, Italy. The 50-meter-deep Blue Abyss pool in the UK is scheduled to open in 2021. On the first day of Deepspot's opening, about a dozen people visited, including eight experienced divers who wanted to pass the instructor exam. "There are no spectacular fish or coral reefs here, so it can't replace the ocean, but it is certainly a good place to learn and train safe open water diving," said 39-year-old diving instructor Przemyslaw Kacprzak. "And it's fun! It's like a kindergarten for divers."

AIRO, July 8 (Reuters) - A new Israeli assault on Gaza on Monday threatened ceasefire talks at a crucial moment, the head of Hamas said, as Israeli tanks pressed into the heart of Gaza City and ordered residents out after a night of massive bombardment. Residents said the airstrikes and artillery barrages were among the heaviest in nine months of conflict between Israeli forces and Hamas militants in the enclave. Thousands fled. The assault unfolded as senior U.S. officials were in the region pushing for a ceasefire after Hamas made major concessions last week. The militant group said the new offensive appeared intended to derail the talks and called for mediators to rein in Israel's Prime Minister Benjamin Netanyahu. The assault "could bring the negotiation process back to square one. Netanyahu and his army will bear full responsibility for the collapse of this path," Hamas quoted leader Ismail Haniyeh as saying. Gaza City, in the north of the Palestinian enclave, was one of Israel's first targets at the start of the war in October. But clashes with militants there have persisted and civilians have sought shelter elsewhere, adding to waves of displacement. Much of the city lies in ruins. Residents said Gaza City neighbourhoods were bombed through the night into the early morning hours of Monday. Several multi-storey buildings were destroyed, they said. The Gaza Civil Emergency Service said it believed dozens of people were killed but emergency teams were unable to reach them because of ongoing offensives. Gaza residents said tanks advanced from at least three directions on Monday and reached the heart of Gaza City, backed by heavy Israeli fire from the air and ground. That forced thousands of people out of their homes to look for safer shelter, which for many was impossible to find, and some slept on the roadside.

July 8 (Reuters) - Microsoft (MSFT.O), opens new tab intends to offer Apple's (AAPL.O), opens new tab iOS-based devices to its employees in China to access authentication apps, a company spokesperson said on Monday, citing absence of Google's (GOOGL.O), opens new tab Android services in the country. Microsoft has been under increased scrutiny after a series of security breaches, the latest being that of Russian hackers who spied and accessed emails of the company's employees and customers earlier this year. The development was first reported by Bloomberg News, which, citing an internal memo, said the Windows OS-maker instructed its employees in China to use Apple devices at workplace from September. As a part of Microsoft's global Secure Future Initiative, the move to switch to iOS-devices stems from the lack of availability of Google Play Store in China that limits its employees' access to security apps such as Microsoft Authenticator and Identity Pass, the report added. "Due to the lack of availability of Google Mobile Services in this region, we look to offer employees a means of accessing these required apps, such as an iOS device," a company spokesperson told Reuters in an email. Microsoft is among those U.S. companies that have a strong presence in China. It entered the Chinese market in 1992 and also operates a large research and development center in the country. The company will provide iPhone 15 models to employees, currently using Android handsets across China, including Hong Kong, the Bloomberg report said.

NEW DELHI, July 9 (Reuters) - India's beleaguered Paytm (PAYT.NS), opens new tab has secured approval from a government panel that oversees investments linked to China to invest 500 million rupees ($6 million) in a key subsidiary, three sources with direct knowledge of the matter said. The approval, which still has to be vetted by the finance ministry, will remove the main stumbling block to the unit, Paytm Payment Services, resuming normal business operations. Paytm Payment Services is one of the biggest remaining parts of the fintech firm's business, accounting for a quarter of consolidated revenue in the financial year ended March 2023. A separate unit, Paytm Payments Bank, was wound down this year by order of the central bank due to persistent compliance issues, triggering a meltdown in Paytm's stock. The government panel had earlier held back approval due to concerns about the 9.88% stake in Paytm held by China's Ant Group. India has intensified scrutiny of Chinese businesses since a 2020 border clash between the two countries. All in all, Paytm has been waiting for the nod from the government panel for about two years and without it, it would have had to also wind down its payment services business, which was forbidden from taking on new customers in March 2023. Once the approval has been formalised, it will be able to seek a so-called "payment aggregator" licence from the Reserve Bank of India. The sources, two of whom are government sources, declined to be identified as the decision has not been formally announced. India's foreign, home, finance and industries ministries, whose representatives sit on the panel, did not reply to emails seeking comment. A Paytm spokesperson said the company does not comment on market speculation. "We will continue to make disclosures in compliance with our obligations under the SEBI Regulations, and will inform the exchanges when there is any new material information to share," the spokesperson said.