Android

Android is Adding Support for Updatable Root Certificates Amid TrustCor Scare (esper.io)

Esper: The world's biggest tech companies have lost confidence in one of the Internet's behind-the-scenes gatekeepers. Microsoft, Mozilla, and Google are dropping TrustCor Systems as a root certificate authority in their products. Starting in Chrome version 111 for desktops, the browser will no longer trust certificates issued by TrustCor Systems. The same change is coming to Android, but unlike Chrome for desktops, Android's root certificate store can't be updated independently of the OS, meaning it'll take some time for the certificate changes to roll out. Thankfully, that may no longer be the case in Android 14, as Google is preparing to implement updatable root certificates in the next release.
Security

DraftKings Warns Data of 67,000 People Was Exposed In Account Hacks (bleepingcomputer.com)

Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in November. BleepingComputer reports: In credential stuffing attacks, automated tools are used to make a massive number of attempts to sign into accounts using credentials (user/password pairs) stolen from other online services. [...] In a data breach notification filed with the Maine Attorney General's office, DraftKings disclosed that the data of 67,995 people was exposed in last month's incident. The company said the attackers obtained the credentials needed to log into the customers' accounts from a non-DraftKings source.

"In the event an account was accessed, among other things, the attacker could have viewed the account holder's name, address, phone number, email address, last four digits of payment card, profile photo, information about prior transactions, account balance, and last date of password change," the breach notification reads. "At this time, there is currently no evidence that the attackers accessed your Social Security number, driver's license number or financial account number. While bad actors may have viewed the last four digits of your payment card, your full payment card number, expiration date, and your CVV are not stored in your account."

After detecting the attack, DraftKings reset the affected accounts' passwords and said it implemented additional fraud alerts. It also restored the funds withdrawn as a result of the credential attack, refunding up to $300,000 identified as stolen during the incident, as DraftKings President and Cofounder Paul Liberman said in November. The common denominator for user accounts that got hijacked seems to be an initial $5 deposit followed by a password change, enabling two-factor authentication (2FA) on a different phone number and then withdrawing as much as possible from the victims' linked bank accounts. While DraftKings has not shared additional info on how the attackers stole funds, BleepingComputer has since learned that the attack was conducted by a threat actor selling stolen accounts with deposit balances on an online marketplace for $10 to $35. The sales included instructions on how the buyers could make $5 deposits and withdraw all of the money from hijacked DraftKings user accounts.
"After DraftKings announced the credential stuffing attack, they locked down the breached accounts, with the threat actors warning that their campaign was no longer working," adds the report.

"The company is now advising customers never to use the same password for multiple online services, never share their credentials with third-party platforms, turn on 2FA on their accounts immediately, and remove banking details or unlink their bank accounts to block future fraudulent withdrawal requests."
Crime

Swatters Used Ring Cameras To Livestream Attacks, Taunt Police, Prosecutors Say (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: Federal prosecutors have charged two men with allegedly taking part in a spree of swatting attacks against more than a dozen owners of compromised Ring home security cameras and using that access to livestream the police response on social media. Kya Christian Nelson, 21, of Racine, Wisconsin, and James Thomas Andrew McCarty, 20, of Charlotte, North Carolina, gained access to 12 Ring cameras after compromising the Yahoo Mail accounts of each owner, prosecutors alleged in an indictment filed Friday in the Central District of California. In a single week starting on November 7, 2020, prosecutors said, the men placed hoax emergency calls to the local police departments of each owner that were intended to draw an armed response, a crime known as swatting.

On November 8, for instance, local police in West Covina, California, received an emergency call purporting to come from a minor child reporting that her parents had been drinking and shooting guns inside the minor's home. When police arrived at the residence, Nelson allegedly accessed the residence's Ring doorbell and used it to verbally threaten and taunt the responding officers. The indictment alleges the men helped carry out 11 similar swatting incidents during the same week, occurring in Flat Rock, Michigan; Redding, California; Billings, Montana; Decatur, Georgia; Chesapeake, Virginia; Rosenberg, Texas; Oxnard, California; Darien, Illinois; Huntsville, Alabama; North Port, Florida; and Katy, Texas.

Prosecutors alleged that the two men and a third unnamed accomplice would first obtain the login credentials of Yahoo accounts and then determine if each account owner had a Ring account that could control a doorbell camera. The men would then use their access to gather the names and other information of the account holders. The defendants then placed the hoax emergency calls and waited for armed officers to respond. It's not clear how the defendants allegedly obtained the Yahoo account credentials. A separate indictment filed in November in the District of Arizona alleged that McCarty participated in swatting attacks on at least 18 individuals. Both men are charged with one count of conspiracy to intentionally access computers without authorization. Nelson was also charged with two counts of intentionally accessing without authorization a computer and two counts of aggravated identity theft. If convicted, both men face a maximum penalty of five years in prison. Nelson faces an additional maximum penalty of at least seven years on the remaining charges.

Encryption

Google Introduces End-to-End Encryption for Gmail (gizmodo.com)

Google Workspace is rolling out a new security update on Gmail, adding end-to-end encryption that aims to provide an added layer of security when sending emails and attachments on the web. From a report: The update is still in the beta stages, but eligible Workspace customers with Enterprise Plus, Education Standard, and Education Plus accounts can fill out an application to test the program through Google's support center. Once the encryption update has been completed, Gmail Workspace customers will find that any sensitive information or data delivered cannot be decrypted by Google's servers.

According to the support center, the application window will be open until January 20, 2023, and once users have accessed the feature, they will be able to choose to turn on the additional encryption by selecting the padlock button when drafting their email. But once activated, some features will be disabled, including emojis, signatures, and Smart Compose. The encryption feature will be monitored and managed by users' administrators and comes after Google started working to add more encryption features to Gmail.
The report notes that client-side encryption, or CSE, "is already available for Google Drive, including in apps like Google Docs, Sheets, and Slides. It's also in Google Meet, and is in the beta stage for Google Calendar."
Technology

Who Really Invented the Thumb Drive? (ieee.org)

IEEE Spectrum: In 2000, at a trade fair in Germany, an obscure Singapore company called Trek 2000 unveiled a solid-state memory chip encased in plastic and attached to a Universal Serial Bus (USB) connector. The gadget, roughly the size of a pack of chewing gum, held 8 megabytes of data and required no external power source, drawing power directly from a computer when connected. It was called the ThumbDrive. That device, now known by a variety of names -- including memory stick, USB stick, flash drive, as well as thumb drive -- changed the way computer files are stored and transferred. Today it is familiar worldwide. The thumb drive was an instant hit, garnering hundreds of orders for samples within hours. Later that year, Trek went public on the Singapore stock exchange, and in four months -- from April through July 2000 -- it manufactured and sold more than 100,000 ThumbDrives under its own label.

Before the invention of the thumb drive, computer users stored and transported their files using floppy disks. Developed by IBM in the 1960s, first 8-inch and later 5 1/4-inch and 3 1/2-inch floppy disks replaced cassette tapes as the most practical portable storage media. Floppy disks were limited by their relatively small storage capacity -- even double-sided, double-density disks could store only 1.44 MB of data. During the 1990s, as the size of files and software increased, computer companies searched for alternatives. Personal computers in the late 1980s began incorporating CD-ROM drives, but initially these could read only from prerecorded disks and could not store user-generated data. The Iomega Zip Drive, called a "superfloppy" drive and introduced in 1994, could store up to 750 MB of data and was writable, but it never gained widespread popularity, partly due to competition from cheaper and higher-capacity hard drives.

Computer users badly needed a cheap, high-capacity, reliable, portable storage device. The thumb drive was all that -- and more. It was small enough to slip in a front pocket or hang from a keychain, and durable enough to be rattled around in a drawer or tote without damage. With all these advantages, it effectively ended the era of the floppy disk. But Trek 2000 hardly became a household name. And the inventor of the thumb drive and Trek's CEO, Henn Tan, did not become as famous as other hardware pioneers like Robert Noyce, Douglas Engelbart, or Steve Jobs. Even in his home of Singapore, few people know of Tan or Trek. Why aren't they more famous? After all, mainstream companies including IBM, TEAC, Toshiba, and, ultimately, Verbatim licensed Trek's technology for their own memory stick devices. And a host of other companies just copied Tan without permission or acknowledgment.

Bug

Corsair Says Bug, Not Keylogger, Behind Some K100 Keyboards' Creepy Behavior (arstechnica.com)

Keylogger-like behavior has some Corsair K100 keyboard customers concerned. Several users have reported their peripheral randomly entering text into their computer that they previously typed days or weeks ago. However, Corsair told Ars Technica that the behavior is a bug, not keylogging, and it's possibly related to the keyboard's macro recording feature. From a report: A reader tipped us off to an ongoing thread on Corsair's support forum that a user started in August. The user claimed that their K100 started typing on its own while they use it with a MacBook Pro, gaming computer, and KVM switch. "Every couple of days, the keyboard has started randomly typing on its own while I am working on the MacBook. It usually seems to type messages that I previously typed on the gaming PC and it won't stop until I unplug the keyboard and plug it back in," the user, "brendenguy," wrote.

Ten users seemingly responded to the thread (we can't verify the validity of each claim or account, but Corsair confirmed this is a known issue), reporting similar experiences. [...] Corsair confirmed to Ars that it's received "several" reports of the K100 acting like this but affirmed that "there's no hardware function on the keyboard that operates as a key logger." The company didn't immediately respond to follow-up questions about how many keyboards were affected. "Corsair keyboards unequivocally do not log user input in any way and do not have the ability to log individual keystrokes," Corsair's rep told Ars Technica.

IT

If IT Workers Stay Home, What Happens to 'the Most Empty Downtown in America'? (nytimes.com)

"Today San Francisco has what is perhaps the most deserted major downtown in America," reports the New York Times. "On any given week, office buildings are at about 40 percent of their prepandemic occupancy..." [T]he vacancy rate has jumped to 24 percent from 5 percent since 2019. Occupancy of the city's offices is roughly 7 percentage points below that of those in the average major American city, according to Kastle, the building security firm.

More ominous for the city is that its downtown business district — the bedrock of its economy and tax base — revolves around a technology industry that is uniquely equipped and enthusiastic about letting workers stay home indefinitely. In the space of a few months, Jeremy Stoppelman, the chief executive of Yelp, went from running a company that was rooted in the city to vacating Yelp's longtime headquarters and allowing its roughly 4,400 employees to work from anywhere in their country.

"I feel like I've seen the future," he said.

Decisions like that, played out across thousands of remote and hybrid work arrangements, have forced office owners and the businesses that rely on them to figure out what's next. This has made the San Francisco area something of a test case in the multibillion-dollar question of what the nation's central business districts will look like when an increased amount of business is done at home.... The city's chief economist, Ted Egan, has warned about a looming loss of tax revenue as vacancies pile up. Brokers have tried to counter that narrative by talking up a "flight to quality" in which companies upgrade to higher-end space. Business groups and city leaders hope to recast the urban core as a more residential neighborhood built around people as well as businesses but leave out that office rents would probably have to plunge for those plans to be viable.

Below the surface of spin is a downtown that is trying to adapt to what amounts to a three-day workweek.... On Wednesdays, offices in San Francisco are at roughly 50 percent of their prepandemic levels; on Fridays, they're not even at 30 percent.... In a typical downturn, the turnaround is a fairly simple equation of rents falling far enough to attract new tenants and the economy improving fast enough to stimulate new demand. But now there's a more existential question of what the point of a city's downtown even is.

Bitcoin

To Protect Its Cloud, Microsoft Bans Crypto Mining From Its Online Services

Microsoft has quietly banned cryptocurrency mining from its online services, and says it did so to protect all customers of its clouds. The Register reports: The Windows and Azure titan slipped the prohibition into an update of its Universal License Terms for Online Services that came into effect on December 1. That document covers any "Microsoft-hosted service to which Customer subscribes under a Microsoft volume licensing agreement," and on The Register's reading, mostly concerns itself with Azure. Microsoft's Summary of Changes to the license states: "Updated Acceptable Use Policy to clarify that mining cryptocurrency is prohibited without prior Microsoft approval." Within the license itself there's hardly any more info.

A section headed "Acceptable Use Policy" states: "Neither Customer, nor those that access an Online Service through Customer, may use an Online Service: to mine cryptocurrency without Microsoft's prior written approval." Microsoft appears not to have publicized this decision beyond the Summary of Changes page and, in recent hours, in an advisory to partners titled: "Important actions partners need to take to secure the partner ecosystem." That document states "the Acceptable Use Policy has been updated to explicitly prohibit mining for cryptocurrencies across all Microsoft Online Services unless written pre-approval is granted by Microsoft," and adds: "We suggest seeking written pre-approval from Microsoft before using Microsoft Online Services for mining cryptocurrencies, regardless of the term of a subscription."
Microsoft told The Register it made the change because "crypto currency mining can cause disruption or even impairment to Online Services and its users and can often be linked to cyber fraud and abuse attacks such as unauthorized access to and use of customer resources."

"We made this change to further protect our customers and mitigate the risk of disrupting or impairing services in the Microsoft Cloud." Permission to mine crypto "may be considered for Testing and Research for security detections."
Security

66% of Cybersecurity Analysts Experienced Burnout This Year, Report Finds (venturebeat.com)

Today, application security provider Promon released the results of a survey of 311 cybersecurity professionals taken at this year's Black Hat Europe expo earlier this month. Sixty-six percent of the respondents claim to have experienced burnout this year. The survey also found that 51% reported working more than four hours per week over their contracted hours. VentureBeat reports: Over 50% responded that workload was the biggest source of stress in their positions, followed by 19% who cited management issues, 12% pointing to difficult relationships with colleagues, and 11% suggesting it was due to inadequate access to the required tools. Just 7% attributed stress to being underpaid. Above all, the research highlights that cybersecurity analysts are expected to manage an unmanageable workload to keep up with threat actors, which forces them to work overtime and adversely affects their mental health.

This research comes not only as the cyber skills gap continues to grow, but also as organizations continue to single out individuals and teams as responsible for breaches. Most (88%) security professionals report they believe a blame culture exists somewhat in the industry, with 38% in the U.S. seeing such a culture as "heavily prevalent." With so many security professionals being held responsible for breaches, it's no surprise that many resort to working overtime to try and keep their organizations safe -- at great cost to their own mental health.

Security

Prosecutors Charge 6 People for Allegedly Waging Massive DDoS Attacks (arstechnica.com)

Federal prosecutors have charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. From a report: The sites promoted themselves as booter or stresser services designed to test the bandwidth and performance of customers' networks. Prosecutors said in court papers that the services were used to direct massive amounts of junk traffic at third-party websites and Internet connections customers wanted to take down or seriously constrain. Victims included educational institutions, government agencies, gaming platforms, and millions of individuals. Besides charging six defendants, prosecutors also seized 48 Internet domains associated with the services.

"These booter services allow anyone to launch cyberattacks that harm individual victims and compromise everyone's ability to access the Internet," Martin Estrada, US attorney for the Central District of California, said in a statement. "This week's sweeping law enforcement activity is a major step in our ongoing efforts to eradicate criminal conduct that threatens the Internet's infrastructure and our ability to function in a digital world." The services offered user interfaces that were essentially the same except for cosmetic differences. The screenshot below shows the web panel offered by orphicsecurityteam.com as of February 28. It allowed users to enter an IP address of a target, the network port, and the specific type of attack they wanted. The panel allowed users to pick various methods to amplify their attacks. Amplification involved bouncing a relatively small amount of specially crafted data at a third-party server in a way that caused the server to pummel the intended victim with payloads that were as much as 10,000 times bigger.

Cloud

Microsoft Bans Mining Cryptocurrency on Its Online Services (theregister.com)

Microsoft has quietly banned cryptocurrency mining from its online services, and says it did so to protect all customers of its clouds. From a report: The Windows and Azure titan slipped the prohibition into an update of its Universal License Terms for Online Services that came into effect on December 1. That document covers any "Microsoft-hosted service to which Customer subscribes under a Microsoft volume licensing agreement," and on The Register's reading, mostly concerns itself with Azure.

Microsoft's Summary of Changes to the license states: "Updated Acceptable Use Policy to clarify that mining cryptocurrency is prohibited without prior Microsoft approval." Within the license itself there's hardly any more info. A section headed "Acceptable Use Policy" states: "Neither Customer, nor those that access an Online Service through Customer, may use an Online Service: to mine cryptocurrency without Microsoft's prior written approval."

Security

NSA Says Chinese Hackers Are Exploiting a Zero-Day Bug in Popular Networking Gear (techcrunch.com)

The U.S. National Security Agency is warning that Chinese government-backed hackers are exploiting a zero-day vulnerability in two widely used Citrix networking products to gain access to targeted networks. From a report: The flaw, tracked as CVE-2022-27518, affects Citrix ADC, an application delivery controller, and Citrix Gateway, a remote access tool, both of which are popular in enterprise networks. The critical-rated vulnerability allows an unauthenticated attacker to remotely run malicious code on vulnerable devices -- no passwords needed. Citrix also says the flaw is being actively exploited by threat actors. "We are aware of a small number of targeted attacks in the wild using this vulnerability," Peter Lefkowitz, chief security and trust officer at Citrix, said in a blog post. "Limited exploits of this vulnerability have been reported." Citrix hasn't specified which industries the targeted organizations are in or how many have been compromised.
Microsoft

Microsoft Digital Certificates Once Again Abused To Sign Malware (arstechnica.com)

Microsoft has once again been caught allowing its legitimate digital certificates to sign malware in the wild, a lapse that allows the malicious files to pass strict security checks designed to prevent them from running on the Windows operating system. ArsTechnica: Multiple threat actors were involved in the misuse of Microsoft's digital imprimatur, which they used to give Windows and endpoint security applications the impression malicious system drivers had been certified as safe by Microsoft. That has led to speculation that there may be one or more malicious organizations selling malicious driver-signing as a service. In all, researchers have identified at least nine separate developer entities that abused the certificates in recent months.

The abuse was independently discovered by four third-party security companies, which then privately reported it to Microsoft. On Tuesday, during Microsoft's monthly Patch Tuesday, the company confirmed the findings and said it has determined the abuse came from several developer accounts and that no network breach has been detected. The software maker has now suspended the developer accounts and implemented blocking detections to prevent Windows from trusting the certificates used to sign the compromised certificates. "Microsoft recommends that all customers install the latest Windows updates and ensure their anti-virus and endpoint detection products are up to date with the latest signatures and are enabled to prevent these attacks," company officials wrote.

Privacy

FBI's Vetted Info Sharing Network 'InfraGard' Hacked (krebsonsecurity.com)

An anonymous reader quotes a report from KrebsOnSecurity: On Dec. 10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members. The FBI's InfraGard program is supposed to be a vetted Who's Who of key people in private sector roles involving both cyber and physical security at companies that manage most of the nation's critical infrastructures -- including drinking water and power utilities, communications and financial services firms, transportation and manufacturing companies, healthcare providers, and nuclear energy firms. "InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks," the FBI's InfraGard fact sheet reads.

KrebsOnSecurity contacted the seller of the InfraGard database, a Breached forum member who uses the handle "USDoD" and whose avatar is the seal of the U.S. Department of Defense. USDoD said they gained access to the FBI's InfraGard system by applying for a new account using the name, Social Security Number, date of birth and other personal details of a chief executive officer at a company that was highly likely to be granted InfraGard membership. The CEO in question -- currently the head of a major U.S. financial corporation that has a direct impact on the creditworthiness of most Americans -- did not respond to requests for comment. USDoD told KrebsOnSecurity their phony application was submitted in November in the CEO's name, and that the application included a contact email address that they controlled -- but also the CEO's real mobile phone number. "When you register they said that to be approved can take at least three months," USDoD said. "I wasn't expected to be approve[d]." But USDoD said that in early December, their email address in the name of the CEO received a reply saying the application had been approved. While the FBI's InfraGard system requires multi-factor authentication by default, users can choose between receiving a one-time code via SMS or email. "If it was only the phone I will be in [a] bad situation," USDoD said. "Because I used the person['s] phone that I'm impersonating."

USDoD said the InfraGard user data was made easily available via an Application Programming Interface (API) that is built into several key components of the website that help InfraGard members connect and communicate with each other. USDoD said after their InfraGard membership was approved, they asked a friend to code a script in Python to query that API and retrieve all available InfraGard user data. "InfraGard is a social media intelligence hub for high profile persons," USDoD said. "They even got [a] forum to discuss things." USDoD acknowledged that their $50,000 asking price for the InfraGard database may be a tad high, given that it is a fairly basic list of people who are already very security-conscious. Also, only about half of the user accounts contain an email address, and most of the other database fields -- like Social Security Number and Date of Birth -- are completely empty. [...] While the data exposed by the infiltration at InfraGard may be minimal, the user data might not have been the true end game for the intruders. USDoD said they were hoping the imposter account would last long enough for them to finish sending direct messages as the CEO to other executives using the InfraGard messaging portal.

Iphone

Apple Fixes 'Actively Exploited' Zero-Day Affecting Most iPhones (techcrunch.com)

An anonymous reader quotes a report from TechCrunch: Apple has confirmed that an iPhone software update it released two weeks ago fixed a zero-day security vulnerability that it now says was actively exploited. The update, iOS 16.1.2, landed on November 30 and rolled out to all supported iPhones -- including iPhone 8 and later -- with unspecified "important security updates."

In a disclosure to its security updates page on Tuesday, Apple said the update fixed a flaw in WebKit, the browser engine that powers Safari and other apps, which if exploited could allow malicious code to run on the person's device. The bug is called a zero-day because the vendor is given zero days' notice to fix the vulnerability. Apple said security researchers at Google's Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug.

Apple said in its Tuesday disclosure that it is aware that the vulnerability was exploited "against versions of iOS released before iOS 15.1," which was released in October 2021. As such, and for those who have not yet updated to iOS 16, Apple also released iOS and iPadOS 15.7.2 to fix the WebKit vulnerability for users running iPhones 6s and later and some iPad models. The bug is tracked as CVE-2022-42856, or WebKit 247562. It's not clear for what reason Apple withheld details of the bug for two weeks.

Security

Poor Software Costs the US $2.4 Trillion (securitymagazine.com)

Software quality issues may have cost the U.S. economy $2.41 trillion in 2022. From a report: This statistic is unearthed in Synopsys's 'The Cost of Poor Software Quality in the US: A 2022 Report.' The report's findings reflect that as of 2022, the cost of poor software quality in the U.S. -- which includes cyberattacks due to existing vulnerabilities, complex issues involving the software supply chain, and the growing impact of rapidly accumulating technical debt -- has led to a build-up of historic software deficiencies. Co-sponsored by Synopsys, the report was produced by the Consortium for Information & Software Quality (CISQ), an organization developing international standards to automate software quality measurement and promoting the development and maintenance of secure, reliable, and trustworthy software.

The report highlights several key areas of CPSQ growth, including:
Cybercrime losses due to a rising number of software vulnerabilities. Losses rose 64% from 2020 to 2021 and are on track for a further 42% increase from 2021 to 2022. The quantity and cost of cybercrime incidents have been on the rise for over a decade, and now account for a sum equivalent to the world's third-largest economy after the U.S. and China.
Software supply chain problems with underlying third-party components are up significantly. This year's report shows that the number of failures due to weaknesses in open-source software components accelerated by an alarming 650% from 2020 to 2021.
Technical debt has become the largest obstacle to making changes in existing code bases. Technical debt refers to software development rework costs from the accumulation of deficiencies leaving data and systems potentially vulnerable. This year's report illustrates that deficiencies aren't being resolved, leading technical debt to increase to approximately $1.52 trillion.

IT

PC Price Cuts Are Coming as Manufacturers Rethink Their Portfolios (zdnet.com)

An anonymous reader shares a report: According to a recent IDC forecast, the PC and tablet markets are expected to shrink. Shipments for tablets and PCs will decline almost 12% in 2022, the research firm reported, and are expected to decline further in 2023. But excess inventory is already forcing suppliers to heavily discount products and shift from the premium segment to more mid-range products, the analysts said. On the other hand, the report states that tablet and PC shipments will continue to remain above pre-pandemic levels. But uncertain economic conditions will threaten inventory and increase market saturation next year.

"The reality is that both PC and tablet makers will struggle in the coming months as not only are volumes expected to decline, but so will average selling prices," Jitesh Ubrani, IDC's research manager for mobility and consumer device trackers, said in a release. In October of this year, IDC reported that tablet shipments were down 8.8%, signaling the fifth straight quarter of the tablet market's decline. This market contraction followed two years of massive growth, which can be mostly attributed to economic factors.

Privacy

Xnspy Stalkerware Spied on Thousands of iPhones and Android Devices (techcrunch.com) 3

A little-known phone monitoring app called Xnspy has stolen data from tens of thousands of iPhones and Android devices, the majority of whose owners are unaware that their data has been compromised. From a report: Xnspy is one of many so-called stalkerware apps sold under the guise of allowing a parent to monitor their child's activities, but which are explicitly marketed for spying on a spouse or domestic partner's devices without their permission. Its website boasts, "to catch a cheating spouse, you need Xnspy on your side," and, "Xnspy makes reporting and data extraction simple for you."

Stalkerware apps, also known as spouseware, are surreptitiously planted by someone with physical access to a person's phone, bypassing the on-device security protections, and are designed to stay hidden from home screens, which makes them difficult to detect. Once installed, these apps will silently and continually upload the contents of a person's phone, including their call records, text messages, photos, browsing history and precise location data, allowing the person who planted the app near-complete access to their victim's data. But new findings show many stalkerware apps are riddled with security flaws and are exposing the data stolen from victims' phones. Xnspy is no different.

Windows

Support for Windows 7 and 8 Fully Ends in January, Including Microsoft Edge 81

Microsoft's Chromium-based Edge browser was an improvement over the initial version of Edge in many ways, including its support for Windows 7 and Windows 8. But the end of the road is coming: Microsoft has announced that Edge will end support for Windows 7 and Windows 8 in mid-January of 2023, shortly after those operating systems stop getting regular security updates. From a report: Support will also end for Microsoft Edge Webview2, which can use Edge's rendering engine to embed webpages in non-Edge apps. The end-of-support date for Edge coincides with the end of security update support for both Windows 7 and Windows 8 on January 10, and the end of Google Chrome support for Windows 7 and 8 in version 110. Because the underlying Chromium engine in both Chrome and Edge is open source, Microsoft could continue supporting Edge in older Windows versions if it wanted, but the company is using both end-of-support dates to justify a clean break for Edge.

IT

No, Remote Employees Aren't Becoming Less Engaged (hbr.org) 128

"Employees have gotten more — not less — engaged over the past three years since remote work became the norm for many knowledge workers," argues an assistant professor of management from the business school at the University of Texas at Austin. He'd teamed up with a software company providing analytics to large corporations to measure the number of spontaneously-happening individual remote meetings: Given the anecdotal evidence of workers recently disengaging or quiet quitting, we had originally predicted that one of the easiest ways to observe this effect would be a continual decrease in the number of times remote or hybrid coworkers were engaging — or meeting — with each other. However, we found quite the opposite.

To more deeply explore the nature of how remote collaboration is changing over time, we gathered metadata from all Zoom, Microsoft Teams, and Webex meetings (involving webcams on and/or off) from 10 large global organizations (seven of which are Fortune 500 firms) spanning a variety of fields, including technology, health care, energy, and financial services. Specifically, we compared six-week snapshots of raw meeting counts from April through mid-May in 2020 following the Covid-19 lockdowns, and the same set of six weeks in 2021 and 2022.... This dataset resulted in a total of more than 48 million meetings for more than half a million employees....

In 2020, 17% of meetings were one-on-one, but in 2022, 42% of meetings were one-on-one... In 2020, only 17% of one-on-one meetings were unscheduled, but in 2022, 66% of one-on-one meetings were unscheduled. Furthermore, the growth in one-on-one meetings between 2020 and 2022 was almost solely due to the increase in unscheduled meetings (whereas scheduled meetings remained relatively constant)... The combination of these findings presents an interesting picture: not that remote workers seem to be becoming less engaged, but rather — at least with respect to meetings — they are becoming more engaged with their colleagues.

This data also suggests that remote interactions are shifting to more closely mirror in-person interactions. Whereas there have been substantial concerns that employees are missing out on the casual and spontaneous rich interactions that happen in-person, these findings indicate that remote employees may be beginning to compensate for the loss of those interactions by increasingly having impromptu meetings remotely.
