
The largest password leak in history exposes nearly 10 billion credentials
The largest collection of stolen passwords ever has been leaked to a notorious crime marketplace, according to cybersecurity researchers at Cybernews. This leak, dubbed RockYou2024 by its original poster “ObamaCare,” holds a file containing nearly 10 billion unique plaintext passwords. Allegedly gathered from a series of data breaches and hacks accumulated over several years, the passwords were posted on July 4th and hailed as the most extensive collection of stolen and leaked credentials ever seen on the forum. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world,” the researchers told Cybernews. “Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks.” Credential stuffing attacks are among the most common methods criminals, ransomware affiliates, and state-sponsored hackers use to access services and systems. Threat actors could exploit the RockYou2024 password collection to conduct brute-force attacks against any unprotected system and “gain unauthorized access to various online accounts used by individuals whose passwords are included in the dataset,” the research team said. This could affect various targets, from online services to internet-facing cameras and industrial hardware. “Moreover, combined with other leaked databases on hacker forums and marketplaces, which, for example, contain user email addresses and other credentials, RockYou2024 can contribute to a cascade of data breaches, financial frauds, and identity thefts,” the team concluded. However, despite the seriousness of the data leak, it is important to note that RockYou2024 is primarily a compilation of previous password leaks, estimated to contain entries from a total of 4,000 massive databases of stolen credentials, covering at least two decades.
This new file notably includes an earlier credentials database known as RockYou2021, which featured 8.4 billion passwords. RockYou2024 added approximately 1.5 billion passwords to the collection, spanning from 2021 through 2024, which, though a massive figure, is only a fraction of the reported 9,948,575,739 passwords in the leak. Thus, users who have changed their passwords since 2021 may not have to panic about a potential breach of their information. That said, the research team at Cybernews stressed the importance of maintaining data security. In response to the leak, they recommend immediately changing the passwords for any accounts associated with the leaked credentials, ensuring each password is strong and unique and not reused across different platforms. Additionally, they advised enabling multi-factor authentication (MFA), which requires an extra form of verification beyond the password, wherever possible, to strengthen cyber security. Lastly, tech users should utilize password manager software, which securely generates and stores complex passwords, mitigating the risk of password reuse across multiple accounts.

Amid rising regional tensions, the US announced that it will hold another Rim of the Pacific military exercise
The U.S. Navy's Pacific Fleet announced on Wednesday (May 22) that the 2024 Rim of the Pacific Exercise (RIMPAC 2024) is expected to take place on June 26, with 29 countries participating in and around the Hawaiian Islands, a larger lineup than the previous exercise in 2022. The Philippines, which has had multiple maritime conflicts with China recently, and Japan, which has tense diplomatic relations with China, will send troops to participate. China has been excluded from participating in the international military exercise since 2018, and its aggressive actions and reactions are causing tensions in the Pacific region to continue to rise. The biennial Rim of the Pacific military exercise is the world's largest international maritime exercise. The U.S. Navy said that the exercise will last until August 2, and it is expected to involve 29 countries, 40 surface ships, 3 submarines, 14 countries' army forces, more than 150 aircraft and more than 25,000 personnel. The U.S. Navy said that the theme of the 29th RIMPAC 2024 is "Partners: Integrated and Ready", emphasizing inclusiveness as the core, promoting multinational cooperation and trust, and using military interoperability to achieve their respective national goals to strengthen integrated and ready alliance partners. Its goal is to "enhance collective strength and promote a free and open Indo-Pacific region" through joint training and operations. The 29 countries participating in the exercise this year include Australia, Belgium, Brazil, Brunei, Canada, Chile, Colombia, Denmark, Ecuador, France, Germany, India, Indonesia, Israel, Italy, Japan, Malaysia, Mexico, the Netherlands, New Zealand, Peru, South Korea, the Philippines, Singapore, Sri Lanka, Thailand, Tonga, the United Kingdom and the United States. 
Compared with the 28th RIMPAC held in 2022, which involved 26 countries, 38 surface ships, 4 submarines, 9 countries' army forces, more than 170 aircraft, and about 25,000 officers and soldiers, the number of countries, ships and army forces participating in this exercise has increased. The countries participating in this year's RIMPAC military exercise include all members of the Quadrilateral Security Dialogue (QUAD) between the United States, Japan, India and Australia, and the Australia-UK-US Trilateral Security Partnership (AUKUS), as in the previous exercise. In addition, countries surrounding the South China Sea and the South Pacific island nation of Tonga are also participating. Many analysts believe that the military exercise itself is sending a message to China: China's expansion in the Western Pacific region will be blocked and defeated. The United States invited China to participate in the RIMPAC military exercise twice in 2014 and 2016. In 2018, due to China's expansion in the South China Sea, the United States withdrew its invitation to China. In addition, despite Taiwan's repeated willingness to participate, Taiwan is still not included in the 29 countries participating in this year's RIMPAC military exercise. Analysts pointed out that the US-led RIMPAC military exercise is intended to unite allies to militarily intimidate China. If Taiwan is invited to join, it will be too provocative to China, which will not only aggravate the tension between the United States and China, but also embarrass some allies. The U.S. Navy said the commander of the U.S. Third Fleet will serve as the commander of the joint task force for the exercise, while Chilean Navy Commodore Alberto Guerrero will serve as deputy commander of the joint task force, which is a first in the history of the RIMPAC military exercise. In addition, Japan Maritime Self-Defense Force Rear Admiral Kazushi Yokota will also serve as deputy commander. 
Other key leaders of the multinational force exercise include Canadian Commodore Kristjan Monaghan, who will command the maritime forces, and Australian Air Force Commodore Louise Desjardins, who will command the air forces. According to the U.S. Stars and Stripes, Vice Admiral Michael Boyle is currently the commander of the U.S. Third Fleet. Vice Admiral John Wade has been nominated to replace Boyle. The U.S. Navy press release said the exercise will enhance the ability of international joint forces to "deter and defeat aggression by major powers in all domains and conflict levels," but did not provide specific information on which exercises will be held this summer. Previous RIMPAC training exercises have included sinking ships at sea with missiles, amphibious landings and the first landing of a Marine Corps Osprey aircraft on an Australian ship.

OpenAI's internal AI details stolen in 2023 breach, NYT reports
July 4 (Reuters) - A hacker gained access to the internal messaging systems at OpenAI last year and stole details about the design of the company's artificial intelligence technologies, the New York Times reported on Thursday. The hacker lifted details from discussions in an online forum where employees talked about OpenAI's latest technologies, the report said, citing two people familiar with the incident. However, they did not get into the systems where OpenAI, the firm behind chatbot sensation ChatGPT, houses and builds its AI, the report added. OpenAI executives informed both employees at an all-hands meeting in April last year and the company's board about the breach, according to the report, but executives decided not to share the news publicly as no information about customers or partners had been stolen. OpenAI executives did not consider the incident a national security threat, believing the hacker was a private individual with no known ties to a foreign government, the report said. The San Francisco-based company did not inform the federal law enforcement agencies about the breach, it added. OpenAI in May said it had disrupted five covert influence operations that sought to use its AI models for "deceptive activity" across the internet, the latest to stir safety concerns about the potential misuse of the technology. The Biden administration was poised to open up a new front in its effort to safeguard the U.S. AI technology from China and Russia with preliminary plans to place guardrails around the most advanced AI Models including ChatGPT, Reuters earlier reported, citing sources.

Microsoft to offer Apple devices to employees in China, cites absence of Android services
July 8 (Reuters) - Microsoft (MSFT.O) intends to offer Apple's (AAPL.O) iOS-based devices to its employees in China to access authentication apps, a company spokesperson said on Monday, citing absence of Google's (GOOGL.O) Android services in the country. Microsoft has been under increased scrutiny after a series of security breaches, the latest being that of Russian hackers who spied and accessed emails of the company's employees and customers earlier this year. The development was first reported by Bloomberg News, which, citing an internal memo, said the Windows OS-maker instructed its employees in China to use Apple devices at workplace from September. As a part of Microsoft's global Secure Future Initiative, the move to switch to iOS-devices stems from the lack of availability of Google Play Store in China that limits its employees' access to security apps such as Microsoft Authenticator and Identity Pass, the report added. "Due to the lack of availability of Google Mobile Services in this region, we look to offer employees a means of accessing these required apps, such as an iOS device," a company spokesperson told Reuters in an email. Microsoft is among those U.S. companies that have a strong presence in China. It entered the Chinese market in 1992 and also operates a large research and development center in the country. The company will provide iPhone 15 models to employees, currently using Android handsets across China, including Hong Kong, the Bloomberg report said.

Morning Bid: Eyes switch to inflation vs elections, Powell up
A look at the day ahead in U.S. and global markets from Mike Dolan
After an intense month focused on election risk around the world, markets quickly switched back to the more prosaic matter of the cost of money - and whether disinflation is resuming to the extent it allows borrowing costs to finally fall. Thursday's U.S. consumer price update for June is the key moment of the week for many investors - with the headline rate expected to have fallen two tenths of a percentage point to 3.1% but with 'core' rates still stuck at 3.4%. With Federal Reserve chair Jerome Powell starting his two-pronged semi-annual congressional testimony later on Tuesday, the consensus CPI forecast probably reflects what the central bank thinks of the situation right now - encouraging but not there yet. But as the U.S. unemployment rate is now back above 4.0% for the first time since late 2021, markets may look for a more nuanced approach from the Fed chair that sees it increasingly wary of a sudden weakening of the labor market as real time quarterly GDP estimates ebb again to about 1.5%. There were some other reasons for Fed optimism in the lead up to the testimony. The path U.S. inflation is expected to follow over coming years generally softened in June, amid retreating projections of price increases for a wide array of consumer goods and services, a New York Fed survey showed on Monday. Inflation a year from now was seen at 3% as of June - down from the expected rise of 3.2% in May - and five-year expectations fell to 2.8% from 3%. Crude oil prices are better behaved this week, too, falling more than 3% from the 10-week highs hit late last week and halving the annual oil price gain to 10%. The losses on Tuesday came after a hurricane that hit a key U.S. oil-producing hub in Texas caused less damage than many in markets had expected - easing concerns over supply disruption. Before Powell starts speaking later, there will also be an update on U.S. small business confidence for last month.