Many internet companies posted record performance during the pandemic as consumers turned to apps and other cloud software to work, study, socialize and shop from home. But as vaccines roll out and restrictions relax, some of this unprecedented digital demand is fading. From a report: Data from research firm Apptopia reveal how the superstar apps of the Covid-19 era are faring now in the U.S. Plus, stats from New Zealand, a country that reopened earlier, show what the future might hold for these services. Here's the main takeaway: Many well-known apps are losing ground, or usage has stabilized. Some behaviors are sticking, though, suggesting the pandemic will provide a more-permanent boost for a few internet companies.

Zoom Video Communications's app has been so ubiquitous during the pandemic that it's now a verb. Lately, though, workers complain of "Zoom fatigue," and data from New Zealand are ominous. Usage has dropped in that country as employees and students return to offices and schools. Even in the U.S., where most offices remain virtual, Zoom use peaked in September. The company said recently it's well positioned for strong growth. Microsoft's Teams communication software was another work-from-home hit last year. That service has seen mobile app usage decline, too, especially in New Zealand. Other staples of the virtual workplace are here to stay, according to Apptopia data. DocuSign's app, which lets you sign contracts and other documents digitally, has seen consistently high usage lately. The app has become a popular way to close real-estate transactions, so it is likely getting an extra boost from the housing boom.

Security researcher Brian Krebs wants you to know... "New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let's just get this out of the way right now: It wasn't me." The Shadowserver Foundation, a nonprofit that helps network owners identify and fix security threats, says it has found 21,248 different Exchange servers which appear to be compromised by a backdoor and communicating with [a domain that begins with brian . krebsonsecurity... Not a safe domain.] Shadowserver has been tracking wave after wave of attacks targeting flaws in Exchange that Microsoft addressed earlier this month in an emergency patch release. The group looks for attacks on Exchange systems using a combination of active Internet scans and "honeypots" — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how.

David Watson, a longtime member and director of the Shadowserver Foundation Europe, says his group has been keeping a close eye on hundreds of unique variants of backdoors (a.k.a. "web shells") that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. These backdoors give an attacker complete, remote control over the Exchange server (including any of the server's emails)... Shadowserver's honeypots saw multiple hosts with the Babydraco backdoor doing the same thing: Running a Microsoft Powershell script that fetches the file "krebsonsecurity.exe"... Oddly, none of the several dozen antivirus tools available to scan the file at Virustotal.com currently detect it as malicious. The Krebsonsecurity file also installs a root certificate, modifies the system registry, and tells Windows Defender not to scan the file. Watson said the Krebsonsecurity file will attempt to open up an encrypted connection between the Exchange server and the above-mentioned IP address, and send a small amount of traffic to it each minute.

Shadowserver found more than 21,000 Exchange Server systems that had the Babydraco backdoor installed. But Watson said they don't know how many of those systems also ran the secondary download from the rogue Krebsonsecurity domain. "Despite the abuse, this is potentially a good opportunity to highlight how vulnerable/compromised MS Exchange servers are being exploited in the wild right now, and hopefully help get the message out to victims that they need to sign up our free daily network reports," Watson said.

Forget email. The final frontier for Slack, as it tries to reimagine the way millions of people communicate at work, is the text message. From a report: Email is a useful tool but a blunt one. It mixes business communication with receipts and confirmation numbers, makes it easy to talk to anyone but also maybe makes it too easy to talk to anyone. But text messages? Not every professional relationship graduates to text-message levels of intimacy, but the ones that do are the ones that matter most. And you might have an assistant read and filter your email, but pretty much everybody checks their own texts. It's the highest, most elusive rung of the business communication ladder, and it's exactly what Slack wants to replace. Starting on Wednesday, any Slack user will be able to direct message any other Slack user. The new system is called Connect DMs, and works a bit like the messaging apps and buddy lists of old: Users send an invite to anyone via their work email address, and once the recipient accepts their new contact is added to their Slack sidebar. The conversations are tied to the users' organizations, but exist in a separate section of the Slack app itself.

Connect DMs turns Slack from an app for chatting with co-workers into an app for chatting with anyone. It puts Slack on par with both enterprise tools like Microsoft Teams and free consumer services like WhatsApp and Facebook Messenger. "When someone opens up their phone," said Ilan Frank, Slack's VP of product, "if they're connecting with their friends, they click on Facebook or WhatsApp. If they're connecting with someone they work with, regardless of where that person works, they should be clicking on Slack." That's a tricky thing to get right, both from a UI perspective and an IT one. But Slack is committed. This has been the plan since before Salesforce bought the company, and it feels even more urgent now. Slack needs this to work, in some ways, as Microsoft Teams and Zoom threaten to leave it behind. By expanding its purview, Slack gives users more reasons to try Slack, gives companies more reasons to adopt it, and makes Slack an even more central part of the modern workday.

Amazon has chosen Adam Selipsky to run its Amazon Web Services division. Currently, Selipsky is CEO of Salesforce-owned data-visualization software maker Tableau. Andy Jassy made the decision as the current head of AWS, after he was chosen to replace Jeff Bezos as CEO of Amazon. CNBC reports: Amazon rules the market for public cloud infrastructure that companies use to run internal and external applications, a modern alternative to relying on in-house servers, storage and networking equipment. In 2019 industry research company Gartner estimated that Amazon had 45% of the market, more than any other company, including Microsoft and Google. As such, Selipsky becomes the most visible person in the growing industry, perhaps second only to Jassy, who enters a bigger job when he becomes Amazon CEO in the third quarter.

Selipsky is one of the people several insiders had identified as a possible successor to Jassy. Selipsky had held a prominent position inside AWS, as vice president for sales, marketing and support, before leaving to run then-public Tableau in 2016. Salesforce bought Tableau for $15.7 billion in 2019.

phalse phace writes: During today's "Intel Unleashed: Engineering the Future" webcast, Intel CEO Pat Gelsinger gave an update on the company's future plans and developments, one of which includes a $20 billion investment to build two new chip fabs in Arizona.

The new factories are expected to "become a major provider of foundry capacity in the U.S. and Europe" to serve the global demand for semiconductor manufacturing. "To deliver this vision, Intel is establishing a new standalone business unit, Intel Foundry Services (IFS), led by semiconductor industry veteran Dr. Randhir Thakur. IFS will be differentiated from other foundry offerings with a combination of leading-edge process technology and packaging, committed capacity in the U.S. and Europe, and a world-class IP portfolio for customers, including x86 cores as well as ARM and RISC-V ecosystem IPs." "Gelsinger said the foundry business will compete in a market potentially worth $100 billion by 2025," reports CNBC. "A slide displayed by Intel suggested that companies including Amazon, Google, Microsoft and Qualcomm could be customers for the business."

The company is also partnering with IBM to improve chip logic and packaging technologies, which will "enhance the competitiveness of the U.S. semiconductor industry and support key U.S. government initiatives."

Google, Microsoft and the broader web community are working together to make it easier for developers to build websites that work seamlessly across browsers. From a report: They've teamed up for a cross-browser effort called #Compat2021, which aims to eliminate the top five browser compatibility pain points on the web for developers. The group identified the issues they decided to focus on based on usage data, number of bugs reports, survey feedback and test results. One of the most problematic issue that they want to address is with CSS Flexbox, since images as flex items are often stretched incorrectly and differently between browsers. They also want to improve CSS Grid so that it can be used to create animated grid layouts on Chromium and WebKit -- at the moment, the ability is only supported in Gecko. The group wants to work on sticky positioning so that any content that's stickied looks consistent across browsers, as well. Similarly, they want to make sure web elements maintain a consistent width-to-height ratio and that animations and 3D effects look the same whatever browser a user is on.

Microsoft is rebranding Xbox Live to Xbox network. Instances of the new branding started appearing in the Xbox dashboard recently for beta testers, with clips being uploaded to "Xbox network" instead of Xbox Live. Microsoft has now confirmed the name change. From a report: "'Xbox network' refers to the underlying Xbox online service, which was updated in the Microsoft Services Agreement," says a Microsoft spokesperson in a statement to The Verge. "The update from 'Xbox Live' to 'Xbox network' is intended to distinguish the underlying service from Xbox Live Gold memberships." Microsoft has used Xbox Live to refer to its underlying Xbox service since its original launch 18 years ago. Larry Hryb, better known as Major Nelson, has been known as "Xbox Live's Major Nelson" for years, but Hryb now refers to himself as "Xbox's Major Nelson."

Microsoft is in talks to acquire Discord, a video-game chat community, for more than $10 billion, Bloomberg reports, citing people familiar with the matter. From the report: Discord has been talking to potential buyers and software giant Microsoft is in the running, but no deal is imminent, said the people, who asked not to be identified because the discussions are private. Discord is more likely to go public than sell itself, one person said. Representatives for Microsoft and Discord declined to comment. VentureBeat reported earlier on Monday that Discord was engaged in sales talks. San Francisco-based Discord is best known for its free service that lets gamers communicate by video, voice and text, and people stuck at home during the pandemic have increasingly used its technology for study groups, dance classes, book clubs and other virtual gatherings. It has more than 100 million monthly active users and has been elaborating its communication tools to turn it into a "place to talk" rather than merely a gamer-centric chat platform.

"A new study from Microsoft, released Monday, found that among the more than 31,000 workers it surveyed, 73% hoped remote work options would continue when the pandemic ends," reports CNET. "Even Gen Z applicants were slightly more likely to apply for a job with remote options than for one strictly in an office," even though they feel that they're losing out on the career growth that happens in the office. CNET reports: Gen Z workers, born roughly between the mid-1990s and mid-2010s, responded to Microsoft's surveys generally by saying they're more stressed and find they're struggling more than their peers. They tend to be single, since they're younger, leading them to feel isolated. And since they're early in their careers, they don't have financial means to create a good workspace at home if their employer won't pay for it. And they're not having those in-person meetings that sometimes help them land in career advancing projects, or even to get in good with the boss.

"Without hallway conversations, chance encounters, and small talk over coffee, it's hard to feel connected even to my immediate team, much less build meaningful connections across the company," wrote Hannah McConnaughey, a product marketing manager at Microsoft who's a Gen Z worker. "Networking as someone early in their career has gotten so much more daunting since the move to fully remote work -- especially since switching to a totally different team during the pandemic!"

Employees also say they want flexibility rather than fully remote jobs. Of the workers Microsoft surveyed, 73% said they want remote work options to stay, with 46% saying they plan to move now that they can work remotely. Still, 67% said they want more in-person work or collaboration too. In short: We don't seem to know what we want yet. [...] In its conclusions, Microsoft suggests companies invest in technology that helps bridge the physical and digital worlds, so teams can work remotely and in the office. Additionally, it says Gen Z employees need more career support.

"If I worked in tech antitrust policy, I would really want to understand why all the cases against Microsoft 20 years ago were such an unqualified failure." That's what venture capitalist Benedict Evans (formerly an Andreessen Horowitz partner), is asking regulators on Twitter.

"You won, yet achieved nothing, and then Microsoft's dominance went away anyway. Why?"

Long-time Slashdot reader theodp notes the thread of reminiscent reactions from Microsoft employees prompted this response on the blog of software developer Dave Winer "to lament the collateral damage of a winner-take-all mentality." "Microsoft could've played a senior role, and helped the rest of us add all kinds of editors and databases to the web, and at least try to bring across some of the GUI innovations of the 1980s. Instead all that was lost. Today, decades later, because of the chaos Microsoft brought us then, the editors on the web still suck. They are really inferior. Far less useful than the editors we had before the web.

"What if Microsoft had chilled and brought together the best minds from the PC era and asked some basic questions like how are we going to make the web better for everyone, at least as good as what we had before. What a time that would have been to do just that. But they acted like spoiled children."
But are we facing the same issues today? In The End of Silicon Valley as We Know It?, geek publishing icon/seed investor Tim O'Reilly checks in on tech's latter-day missed opportunities: The extractive behavior the tech giants exhibit has been the norm for modern capitalism since Milton Friedman set its objective function in 1970: "The social responsibility of business is to increase its profits"...

It's a sad time for Silicon Valley, because we are seeing not only the death of its youthful idealism but a missed opportunity. Paul Cohen, the former DARPA program manager for AI, made a powerful statement a few years ago at a meeting of the National Academy of Sciences that we both attended: "The opportunity of AI is to help humans model and manage complex interacting systems." That statement sums up so much of the potential that is squandered when firms like Google, Amazon, and Facebook fall prey to the Friedman doctrine rather than setting more ambitious goals for their algorithms.

I'm not talking about future breakthroughs in AI so much as I'm talking about the fundamental advances in market coordination that the internet gatekeepers have demonstrated. These powers can be used to better model and manage complex interacting systems for the good of all. Too often, though, they have been made subservient to the old extractive paradigm."

The Biden administration "is preparing a series of aggressive cyber attacks on Russia in a major shift in tactics designed as a warning shot to rival powers," reports the Telegraph newspaper: The attack, which is expected in the next fortnight, is in retaliation for the SolarWinds hack, the large-scale infiltration of American government agencies and corporations discovered late last year that was traced back to the Kremlin... The U.S. will not target civilian structures or networks, but the hack is instead designed as a direct challenge to Mr Putin, Russia's President, and his cyber army, The Telegraph understands.

The White House confirmed it will take "a mix of actions" — both "seen and unseen" — although it did not provide specifics on when and how it would do so... "I actually believe that a set of measures that are understood by the Russians, but may not be visible to the broader world, are actually likely to be the most effective measures in terms of clarifying what the United States believes are in bounds and out of bounds, and what we are prepared to do in response," Jake Sullivan, U.S. National Security Adviser, told the New York Times last week.

Mr Sullivan stressed that traditional sanctions alone do not sufficiently raise the cost to force powers like Russia, or China.

"Microsoft has implemented an automatic mitigation tool within Defender Antivirus to tackle critical vulnerabilities in Exchange Server," reports ZDNet: On March 18, the Redmond giant said the software will automatically mitigate CVE-2021-26855, a severe vulnerability that is being actively exploited in the wild. This vulnerability is one of four that can be used in a wider attack chain to compromise on-premise Exchange servers.

Microsoft released emergency fixes for the security flaws on March 2 and warned that a state-sponsored threat group called Hafnium was actively exploiting the bugs, and since then, tens of thousands of organizations are suspected to have been attacked. At least 10 other advanced persistent threat (APT) groups have jumped on the opportunity slow or fragmented patching has provided.

The implementation of a recent security intelligence update for Microsoft Defender Antivirus and System Center Endpoint Protection means that mitigations will be applied on vulnerable Exchange servers when the software is deployed, without any further input from users. According to the firm, Microsoft Defender Antivirus will automatically identify if a server is vulnerable and apply the mitigation fix once per machine.
The article also points out Microsoft also released a one-click mitigation tool earlier this week, which is "still readily available as an alternative way to mitigate risk to vulnerable servers if IT admins do not have Defender Antivirus."

Computer maker Acer has been hit by a ransomware attack "where the threat actors are demanding the largest known ransom to date, $50,000,000," writes Bleeping Computer: Yesterday, the ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof...

In response to BleepingComputer's inquiries, Acer did not provide a clear answer regarding whether they suffered a REvil ransomware attack, saying instead that they "reported recent abnormal situations" to relevant law enforcement and data protection authorities... In requests for further details, Acer said "there is an ongoing investigation and for the sake of security, we are unable to comment on details."
PC Magazine reports that data from Advanced Intel's Andariel cyberintelligence platform "was able to link the possible breach to the Microsoft Exchange issue."

Following reports that a recent update to Windows 10 was causing blue screens as well as problems with printing, Microsoft issued a new series of updates to address the issues. But it seems that the problems caused by this month's Patch Tuesday updates are actually worse than first thought. BetaNews reports: Users with certain brands of printer experienced APC_INDEX_MISMATCH errors and blue screens, but now Microsoft has issued a warning that there may be additional problems with elements missing from print outs, or even entirely blank pages being output. The problematic updates are KB5000802, KB5000808, KB5000809 and KB5000822. In the support documentation for these four updates, Microsoft acknowledges the APC_INDEX_MISMATCH error problems and BSoDs, and directs people to install the relevant patches for their system. But the company now also acknowledges that there are more problems with the original updates than first appeared to be the case.

For each of these four updates Microsoft issues the same warning: "After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps..." There is currently no fix, and Microsoft is not even able to offer a workaround right now. Instead, the company simply says: "We are working on a resolution and estimate a solution will be available in the coming days."

Microsoft unveiled new technology to boost government and health care organizations' vaccine management systems, including scheduling shot appointments and monitoring results, to fix shortcomings weeks after the company's initial custom-built programs ran aground in a few states. From a report: The Microsoft Vaccine Management product released Friday is made up of features and new apps that the software company said will improve upon and fix the glitches that occurred when its previous effort, the Vaccination Registration and Application System, failed to work properly in New Jersey and Washington D.C. The new software "incorporates lessons learned from VRAS regarding scalable architecture, improved user experiences for residents and health care workers," the company said in an email. It also uses health care standards for information transfer so data can be exported more quickly to other record systems, such as electronic medical records. The software also addresses other issues that hampered the previous option, including requiring users to pre-register before seeking a Covid-19 vaccine appointment and providing a way to proactively handle spikes in demand.

Sony is revealing its new VR controllers for the PS5 today. The Verge reports: The orb-shaped controllers look more like typical VR controllers than existing PlayStation Move motion controllers, and they also include the same adaptive trigger technology found on the DualSense PS5 controller. Each controller has tensions in the triggers, and Sony is aiming to use this tech in future VR games. The controllers also have haptic feedback, and finger touch detection that will let them detect fingers without having to press areas where you rest your thumb, index, or middle fingers.

Naturally, these controllers will also include tracking to Sony's new VR headset via a ring at the bottom of the controller. These certainly look far improved over what's currently available on the PS Move controllers, with better ergonomics, too. Sony hasn't shown off the design of its next-gen VR headset for the PS5 just yet, but the company did reveal it has an improved field of view, resolution, and even a single cord to make it easier to use. Sony isn't planning to launch its VR headset for the PS5 in 2021, but it's clear the company is getting ready to test it with game developers soon. Don't expect an Xbox virtual-reality headset anytime soon. Yesterday, a Microsoft representative reiterated that "VR for console is not a focus for us at this time."

Microsoft has once again reiterated that VR support for Xbox was not a focus for the company, following reports earlier today that hinted it was working on a VR headset compatible with the Xbox Series X/S. The Verge reports: The rumor first surfaced after IGN Italy reported that some Italian Xbox users received messages, which translated to "[a]n update for the VR headset is available" and "[u]pdate VR headset," when connecting the recently released Xbox Wireless Headset to their Xbox Series X or Series S consoles. A Microsoft representative told The Verge that "the copy in this error message is inaccurate due to a localization bug," while again reiterating that "VR for console is not a focus for us at this time."

Microsoft has yet to explore the VR space for its Xbox consoles. In 2018, the company pulled back on plans to support virtual reality headsets for Xbox in 2018, explaining that it wanted to focus "primarily on experiences you would play on your TV." In late 2019, Xbox boss Phil Spencer tweeted out that although he played "some great VR games" such as Half-Life: Alyx, console VR was not Xbox's focus ahead of the Xbox Series X / S release.

The new generation of Intel Core CPUs is here. Intel is using a new architecture on its ancient 14nm process to power the 11th-generation Rocket Lake-S processors. From a report: That results in some significant power improvements, but it also means that Intel can only fit 8 cores on its flagship Core i9-11900K. That sacrifice to the number of cores looks bad compared to the 12-core AMD Ryzen 9 5900X or even the last-gen 10-core i9-10900K. But Intel is also promising massive improvements to efficiency that should keep the Rocket Lake-S parts competitive -- especially in gaming. Rocket Lake-S CPUs launch March 30. The $539 Core i9-11900K has 8 cores and 16 threads with a single-core Thermal Velocity boost of 5.3GHz and 4.8GHz all-core boost. The slightly more affordable $399 i7-11700K boosts up to 5GHz, and the i5-11600K is $262 with 6 cores at a 4.9GHz boost.

While the lack of cores is going to hurt Rocket Lake-S CPUs in multi-threaded applications, Intel claims that its 19% improvement to instructions per clock (IPC) will make up much of the difference. The UHD graphics processor in the CPUs also deliver 50% better performance than last generation. Of course, Intel is focusing on games because that is where its processors remain the most competitive versus AMD. And that should continue with its Rocket Lake-S chips. These high-clocked parts with improved performance should keep up and even exceed AMD's Zen 3 chips in certain games, like Microsoft's Flight Simulator (according to Intel).

Thelasko writes: Microsoft is reporting an outage of Office 365, including Microsoft Teams. On its status page, Microsoft adds: Users may be unable to access multiple Microsoft services. User impact: Users may be unable to access multiple Microsoft 365, Azure, and Dynamics 365 services, including the Service Health Dashboard. More info: Any service that leverages Azure Active Directory (AAD) may be affected. This includes but is not limited to Microsoft Teams, Forms, Exchange Online, Intune and Yammer. Current status: We've identified the underlying cause of the problem and are taking steps to mitigate impact. We'll provide an updated ETA on resolution as soon as one is available. Scope of impact: This issue could affect any user.

America is contemplating how to respond to breaches "pulled off by Russia and China against a broad array of government and industrial targets," reports the New York Times: Both hacks exploited the same gaping vulnerability in the existing system: They were launched from inside the United States — on servers run by Amazon, GoDaddy and smaller domestic providers — putting them out of reach of the early warning system run by the National Security Agency. The agency, like the C.I.A. and other American intelligence agencies, is prohibited by law from conducting surveillance inside the United States, to protect the privacy of American citizens. But the F.B.I. and Department of Homeland Security — the two agencies that can legally operate inside the United States — were also blind to what happened, raising additional concerns about the nation's capacity to defend itself from both rival governments and nonstate attackers like criminal and terrorist groups. In the end, the hacks were detected long after they had begun not by any government agency but by private computer security firms...

Biden administration officials said they would seek a deeper partnership with the private sector, tapping the knowledge of emerging hacking threats gathered by technology companies and cybersecurity firms. The hope, current and former officials say, is to set up a real-time threat sharing arrangement, whereby private companies would send threat data to a central repository where the government could pair it with intelligence from the National Security Agency, the C.I.A. and other spy shops, to provide a far earlier warning than is possible today.
A U.S. representative who co-chairs a cyberspace commission colorfully characterized both breaches to the TImes. "When not one but two cyberhacks have gone undetected by the federal government in such a short period of time, it's hard to say that we don't have a problem. The system is blinking red."

But then there's this: Last month, in the days before Microsoft released an emergency patch for vulnerable Exchange Servers, multiple state-backed Chinese groups were apparently tipped off that the company was testing a patch. They began gorging on vulnerable systems with a speed and aggression that some security experts said they had never seen before.

It is unclear how exactly these Chinese groups learned of Microsoft's patch, but the timing suggests they caught wind of the moves when Microsoft rolled out a test version of its patch to its security partners at cybersecurity firms in late February. Eighty companies participate in a longstanding partnership with Microsoft, known as the Microsoft Active Protections Program, including 10 Chinese firms. Microsoft confidentially alerts these companies to emerging cyberthreats and vulnerabilities ahead of its official patch cycle. The company is investigating whether one of its partners may have leaked to Chinese hackers or was itself hacked.