The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect online services, cameras and hardware This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades. This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

July 9 (Reuters) - German sportscar maker Porsche (P911_p.DE), opens new tab said on Tuesday that global vehicle deliveries were down 7% in the first half of the year compared to the same period in 2023, primarily driven by a 33% year-on-year drop in China. Porsche, majority-owned by Volkswagen (VOWG_p.DE), opens new tab, is highly exposed to the EU-China tariff tensions, with deliveries to China accounting for nearly 20% of global deliveries. An HSBC analyst pointed to weakness in the European car market, saying that "the market is, understandably, worried about China pricing weakness and the prospect of needing to pay dealer compensation." Overall, Porsche delivered 155,945 cars worldwide during the first six months of the year. In North America, deliveries were down 6% year-on-year. Meanwhile, in Porsche’s home market of Germany, deliveries increased by 22% to 20,811 vehicles.

New York CNN — A record number of passengers are expected to pass through US airports this holiday travel week. You’d think this would be a great time to run an airline. You’d be wrong. Airlines face numerous problems, including higher costs, such as fuel, wages and interest rates. And problems at Boeing mean airlines have too few planes to expand routes to support a record numbers of flyers. Strong bookings can’t entirely offset that financial squeeze. The good news for passengers is they will be spared most of the problems hurting airlines’ bottom lines — at least in the near term. Airfares are driven far more by supply and demand, not their costs. But in the long run, the airlines’ difficulties could mean fewer airline routes, less passenger choice and ultimately a less pleasant flying experience. Profit squeeze Industry analysts expect airlines to report a drop of about $2 billion in profit, or 33%, when they report financial results for the April to June period this year. That would follow losses of nearly $800 million across the industry in the first quarter. Labor costs and jet fuel prices, the airlines’ two largest costs, are both sharply higher this year. Airline pilot unions just landed double-digit pay hikes to make up for years of stagnant wages; flight attendant unions now want comparable raises. Jet fuel prices are climbing because of higher demand in the summer. According to the International Air Transport Association’s jet fuel monitor, prices are up 1.4% in just the last week, and about 4% in the last month. Adding to the airlines’ problems is the crisis at Boeing, as well as the less-well-publicized problems with some of the jet engines on planes from rival Airbus. Since an Alaska Airlines Boeing 737 Max jet lost a door plug on a January 5 flight, leaving a gaping hole in the side of the plane 10 minutes after takeoff, the Federal Aviation Administration has limited how many jets Boeing can make over concerns about quality and safety. As a result, airlines have dramatically reduced plans to expand their fleets and replace older planes with more fuel efficient models. In some cases, airlines have asked pilots to take time off without pay, and carriers such as Southwest and United have announced pilot hiring freezes. In addition to the problems at Boeing, hundreds of the Airbus A220 and A320 family of jets globally have also been grounded for at least a month or more to deal with engine problems. Just about all the planes with those engines have been out of sevice for at least a few days to undergo examinations. And Airbus has also cut back the number of planes it expects to deliver to airlines this year because of supply chain problems. Problems for flyers For now, competition in the industry remains fierce: There are 6% more seats available this month compared to July of 2023, according to aviation analytics firm Cirium. And that’s helped to drive fares down — good news for passengers, but more bad news for airlines’ profits. Southwest announced in April that it would stop serving four airports to trim costs — Bellingham International Airport in Washington state, Cozumel International Airport in Mexico, Syracuse Hancock International Airport in New York and Houston’s George Bush Intercontinental Airport. Many more cities lost air service during the financial hard times of the pandemic. While upstart airlines are driving prices lower for travelers, those discount carriers might not survive long term. As the major carriers are making less money, many of the upstarts are flat-out losing money.

According to AndroidAuthority, the Linux kernel used by Android devices is mostly derived from Google's Android Universal Kernel (ACK) branch, which is created from the Android mainline kernel branch when new LTS versions are released upstream. For example, when kernel version 6.6 is announced as the latest LTS release, an ACK branch for Android15-6.6 appears shortly after, with the "android15" in the name referring to the Android version of the kernel (in this case, Android 15). Google maintains its own set of LTS kernel branches for three main reasons. First, Google can integrate upstream features that have not yet been released into the ACK branch by backporting or picking, so as to meet the specific needs of Android. Second, Google can include some features that are being developed upstream in the ACK branch ahead of time, making it available for Android devices as early as possible. Finally, Google can add some vendor or original equipment manufacturer (OEM) features for other Android partners to use. Once created, Google continues to update the ACK branch to include not only bug fixes for Android specific code, but also to integrate the LTS merge content of the upstream kernel branch. For example, the Linux kernel vulnerability disclosed in the July 2024 Android security bulletin will be fixed through these updates. However, it is not easy to distinguish a bug fix from other bug fixes, as a patch that fixes a bug may also accidentally plug a security vulnerability that the submitter did not know about or chose not to disclose. Google does its best to recognize this, but it inevitably misses the mark, resulting in bug fixes for the upstream Linux kernel being released months before Android devices. As a result, Google has been urging Android vendors to regularly update the LTS kernel to avoid being caught off guard by unexpectedly disclosed security vulnerabilities. Clearly, the LTS version of the Linux kernel is critical to the security of Android devices, helping Google and vendors deal with known and unknown security vulnerabilities. The longer the support period, the more timely security updates Google and vendors can provide to devices.

Members of the National Samsung Electronics Union stage a rally near the company's Hwaseong Campus in Gyeonggi Province, Monday, beginning a three-day strike. Korea Times photo by Shim Hyun-chul By Nam Hyun-woo The biggest labor union at Samsung Electronics initiated a three-day strike on Monday, threatening to disrupt the company's chip manufacturing lines unless management agrees to a wage hike and higher incentives. This marks the first strike by unionized workers in the tech giant's 55-year history. The National Samsung Electronics Union (NSEU) claimed that about 4,000 unionized workers from Samsung's plants nationwide participated in a rally at the company's Hwaseong Campus in Gyeonggi Province. Police estimated that approximately 3,000 union members were present at the rally. According to its own survey, the union reported that a total of 6,540 members expressed their intention to participate in the strike. They emphasized that disruptions in manufacturing are anticipated, with over 5,000 members from facility, manufacturing, and development divisions joining the strike. The comments seem to address market expectations that the walkout is unlikely to cause significant disruptions in the chipmaker's operations, largely because most manufacturing lines are automated. The union said that it may launch another strike for an undetermined period, unless management responds to the union’s demand. Since January, the union has been pressing management for a higher wage increase rate for all members, fulfillment of promises regarding paid leave, and improvements to incentive criteria. With negotiations at an impasse, the union announced on May 29 that it would launch a strike. The NSEU has some 30,000 members, accounting for 24 percent of all Samsung employees. Among the union members, about 80 percent work at the device solutions division, which manufactures semiconductors.