Microsoft

Microsoft Sues Activation Key and Token Sellers For Enabling Customers' Piracy (torrentfreak.com) 41

Software sold by market leaders tends to be primary purchases for regular consumers. Brand comfort is important but so too is affordability, especially when pirate copies are available for free. Some find a middle ground with purchases of discounted activation keys but, as a new Microsoft lawsuit shows, that can amount to copyright infringement for buyers and sellers alike. From a report: In a complaint filed at a Washington court this week, Microsoft targets Canadian company The Search People Enterprises Ltd (TSPE), assumed director Mehtabjit Singh, and 'John Doe' defendants 1-10. The defendants are described as prolific distributors of "black market access devices," aka activation keys and tokens for Microsoft software. Those who bought keys and tokens may have been under the impression that they were purchasing official software but as Microsoft explains, that is not only misleading but a mischaracterization of the things they were sold.

Products including Microsoft Office, Project, Visio, Windows 10, and Windows 11 are all subject to licensing terms that restrict how the products can be used. Microsoft can also provide a product activation key to be entered as part of the installation process, with data about the activation sent to the company's servers. Like software tokens, which enable downloads and automatic software activation, activation keys are anti-piracy tools, and exchanging money for them is not the same as buying a license. Indeed, Microsoft makes itself very clear -- the activation of a piece of software means nothing in the absence of a license. Microsoft's problem is that product activation keys can be 'decoupled' from the software they were meant to authorize and then reused to activate more copies of the software, in some cases more copies than the attached Microsoft license permits.

Microsoft

Microsoft is Open-Sourcing Its Emoji (theverge.com) 13

Microsoft said Wednesday that it has released almost all of its emoji designs to GitHub and Figma, allowing anyone to tweak and design their own. From a report: Microsoft isn't saying that you'll be able to use your own emoji designs inside Windows, and the company isn't saying that absolutely all of the company's emoji are being released into open source, either. Specifically, Microsoft is excluding the Clippy emoji (boo!) and a few that include the Microsoft logo. Naturally, Microsoft can't release its own copyrighted trademarks into the public domain, Jon Friedman, a corporate vice president of design and research at Microsoft, wrote in a blog post. It's no small task to open-source each of Microsoft's 1,538 emoji, Friedman wrote. "Similar to how typeface sets include bold, italic, and regular styles, emoji must exist as a SVG, PNG, and JPG file to allow for true versatility. And for each of those, a vector, flat, and monochrome version should be created for scale and flexibility."
Bug

Windows 11 Encryption Bug Could Cause Data Loss, Temporary Slowdowns On Newer PCs (arstechnica.com) 28

An anonymous reader quotes a report from Ars Technica: Microsoft has published a knowledge base article acknowledging a problem with encryption acceleration in the newest versions of Windows that could result in data corruption. The company recommends installing the June 2022 security updates for Windows 11 and Windows Server 2022 "to prevent further damage," though there are no suggested solutions for anyone who has already lost data because of the bug.

The problems only affect relatively recent PCs and servers that support Vector Advanced Encryption Standard (VAES) instructions for accelerating cryptographic operations. Microsoft says affected systems use AES-XTS or AES-GCM instructions "on new hardware." Part of the AVX-512 instruction set, VAES instructions are supported by Intel's Ice Lake, Tiger Lake, Rocket Lake, and Alder Lake architectures -- these power some 10th-generation Core CPUs for laptops, as well as all 11th- and 12th-gen Core CPUs. AMD's upcoming Zen 4 architecture also supports VAES, though by the time these chips are released in the fall, the patches will have had plenty of time to proliferate. Microsoft says that the problem was caused when it added "new code paths" to support the updated encryption instructions in SymCrypt, Windows' cryptographic function library. These code paths were added in the initial release of Windows 11 and Windows Server 2022, so the problem shouldn't affect older versions like Windows 10 or Windows Server 2019.

The initial fix for the problem, provided in Windows' June 2022 security update package (Windows 11 build 22000.778), will prevent further damage at the cost of reduced performance, suggesting that the initial fix was to disable encryption acceleration on these processors entirely. Using Bitlocker-encrypted disks or the Transport Layer Security (TLS) protocol or accessing encrypted storage on servers will all be slower with the first patch installed, though installing the July 2022 security updates (Windows 11 build 22000.795) should restore performance to its previous level.

Software

Excel Esports On ESPN Show World the Pain of Format Errors (arstechnica.com) 35

An anonymous reader quotes a report from Ars Technica: If you watched ESPN2 during its stint last weekend as "ESPN8: The Ocho," you may have seen some odd, meme-friendly competitions, including corgi racing, precision paper airplane tossing, and slippery stair climbing. Or you might have seen "Excel Esports: All-Star Battle," a tournament in which an unexpected full-column Flash Fill is announced like a 50-yard Hail Mary. It's just the latest mainstream acknowledgment of Excel as a viable, if quirky, esport, complete with down-to-the-wire tension and surprising comebacks. [...]

Featured in this all-star battle was 2021 FMWC World Cup winner Diarmuid Early, an FMWC grandmaster from Ireland who claims 10,000 hours in Excel. (He would be Lambda if he were a function, he said.) The winner of the first championship in 2020, Joseph Lau (28,600 hours, Isological), also competed, along with six other highly ranked function warriors. Diarmuid took a commanding lead in the first slot-like task, racking up more points more quickly in a first round than anyone has in an FMWC competition. Others faced the kinds of challenges that regular users see in less combative Excel work. Polish competitor Gabriela Stroj told the hosts that "one stupid error" -- leaving a formula linked to the wrong sheet -- likely cost her hundreds of points. David Brown from the US said that his major problem was pasting from his 32-bit Windows-based Excel to the official online Excel answer sheets, which left his formulas treated as text.

The top four of the eight competitors moved on to round 2, simulating a yacht regatta in Excel. Diarmuid and third-ranked Andrew Ngai made it through. The two competed on creating a score-tracking mechanic for an entirely Excel-based retro-style 2D platformer, "Modelario." Ngai eked out the win, although with only 411 of a total 1,000 possible points. Ngai's reward for a more than two-hour cell-based marathon: a trip to Tucson, Arizona, for the FMWC finals.
You can watch the full two-hour-and-48-minute all-star battle, which ESPN edited down to 30 minutes, here. You can also try the Excel tasks used in last weekend's battle yourself, as the organizers (the Financial Modeling World Cup) made all three of them available to download.
Transportation

The 'Switchblade' Flying Car is Ready for Takeoff (abc27.com) 89

An anonymous reader shares this report on The Switchblade, "an aircraft that doubles as a car."

It could be "just weeks away from getting its wheels off the ground after an inspection by America's Federal Aviation Administration determined that the vehicle is safe to fly: The project has been 14 years in the making, and Sam Bousfield, CEO of Samson Sky and inventor of the Switchblade, said he's "stoked" to reach this milestone. After passing the FAA inspection, his team wasted no time in beginning the high-speed taxi test. They were out on the taxiway the next day. "[The crew] took off their 'I'm doing R&D' and they put on their 'I am flight test' crew hat, and I think that really set the tone for everything after," Bousfield said. "So, we're in a different game now...."

Just like a pocket knife, the Switchblade's wings slip smoothly into the body of the vehicle with the touch of a button, allowing it to seamlessly transition from sky to air. Its tail also unfurls or retracts, depending on if it's being used to fly or drive. The idea is that the vehicle could be parked in a garage, driven to an airport, flown to a new destination, and then driven anywhere on the ground after it lands. When a trip is over, the user can fly it home or fly it elsewhere.

"The side windows (in the doors) will be power windows," noted a tweet Thursday on the car manufacturer's official Twitter feed @FlyingSportsCar.

And Maxim points out that The Switchblade can be flown at up to 200 mph and as high as 13,000 feet, "for up to 450 miles, with the 190-hp liquid-cooled three-cylinder powering the single propeller." On the ground, the Switchblade can achieve a brisk 125 mph, making it similar to "a little flying sports car," Bousfield added.

Before production begins, the Switchblade has more regulatory hurdles that flying cars will need to overcome. Owners will need a pilot's license and either a motorcycle or driver's license to operate it in both flight and ground modes, plus car/motorcycle and aircraft insurance. But for now, the FAA flight approval has inspired Bousfield to keep charging ahead....

It will be at least a few more years before civilians are flying their own Switchblades, which are expected to cost around $170,000. But anyone can join the 1,670 people who have reserved one free of charge.

Printer

Epson Programs Some Printers To Stop Operating, Claiming Danger of 'Ink Spills' (substack.com) 182

Long-time Slashdot reader chicksdaddy writes: Printer maker Epson has programmed some models of its inkjet printers to "stop operating" at a pre-determined time, citing the risk of property damage linked to "ink spills," the Fight to Repair newsletter reports.

Epson printer owners have complained that their functioning printers have suddenly stopped working, displaying an error message declaring that a component of the printer has "reached the end of its service life" and that the device needs to be serviced. According to Epson's website, the message is linked to ink pads, which Epson describes as "porous pads in the printer that collect, distribute, and very importantly contain the ink that is not used on printed pages." Over time, these pads become saturated with ink though generally not "before the printer is replaced for other reasons" (??!)

"Like so many other products, all Epson consumer ink jet products have a finite life span due to component wear during normal use... The printers are designed to stop operating at the point where further use without replacing the ink pads could create risks of property damage from ink spills or safety issues related to excess ink contacting an electrical component," the company said on its website.

Rather than measure the saturation of the ink pads to determine when that point is reached, however, Epson appears to have programmed a counter on its printers that disables the device when a threshold has been reached. For printer owners who use Windows, Epson makes a reset utility that can reset the counter though it can "only be used once and will allow printing for a short period of time." For Mac users, or Windows users who have already run the reset utility once, Epson urges them to have the printer serviced by an Epson authorized service shop or — preferably — to replace the printer with a new printer. "Repair may not be a cost-effective option for lower-cost printers because other components may also be near the end of their usable life," the company said. Despite the company's claims about the unfixability of the ink pad issue, YouTube videos suggest that the ink pads are, in fact, simple to replace, as this video illustrates.

Some legal experts say that Epson's hard coding an end of life for its printers may be illegal — an example of "Deceptive trade practices," unless it is clearly disclosing the existence of the programmed end of life to consumers prior to purchase.

Here's how the Fight to Repair newsletter sees the situation. Epson "pushes its customers to throw away the entire, working printer unit simply because some sponges are saturated with ink.

"In doing so, the company amplifies our epidemic of e-waste and forces customers into an expensive and (as it turns out) unneeded upgrade."
Music

Winamp, the Best MP3 Player of the 1990s, Receives Major Update (arstechnica.com) 127

Winamp, the premier music player of the late 1990s and early 2000s that was acquired by Radionomy from AOL in 2014, has received a major new update for the first time in four years. An anonymous reader shares an excerpt from a report via Ars Technica: The release notes for Winamp 5.9 RC1 Build 1999 say that the update represents four years of work across two separate development teams, delayed in between by the COVID-19 pandemic. Most of the work done in this build focuses on behind-the-scenes work that modernizes the codebase, which means it still looks and acts like a turn-of-the-millennium Windows app. The entire project has been migrated from Microsoft Visual Studio 2008 to Visual Studio 2019, a wide range of audio codecs have been updated to more modern versions, and support for Windows 11 and https streams have both been improved.

The final release will be version 5.9, with some features targeted for release in version 5.9.1 "and beyond" (version 6.0 goes unmentioned). It requires Windows 7 SP1 or newer, dropping support for Windows XP. That said, in our limited testing the "new" Winamp is still in many ways an ancient app, one not made for the age of high-resolution, high-density displays. This may cause usability problems, depending on what you're trying to run it on. But hey, for all you people out there still trying to keep hope alive, it's nice to see something on Winamp.com that isn't a weird NFT project and a promise of updates yet to come.

Linux

Linux May Soon Lose Support For the DECnet Protocol (theregister.com) 69

Microsoft software engineer Stephen Hemminger has proposed removing the DECnet protocol handling code from the Linux kernel. The Register reports: The timing is ironic, as this comes just two weeks after VMS Software Inc announced that OpenVMS 9.2 was really ready this time... That announcement, of course, came some months after the first time it announced [PDF] version 9.2 [...]. The last maintainer of the DECnet code was Red Hat's Christine Caulfield, who flagged the code as orphaned in 2010. The change is unlikely to vastly inconvenience many people: VMS is the last even slightly mainstream OS that used DECnet, and VMS has supported TCP/IP for a long time. Indeed, for decades, the oldest email in this reporter's "sent" folder was a 1993 enquiry about the freeware CMUIP stack for VMS.

One of the easier ways to bootstrap VMS on an elderly VAX these days is to install it on the SimH VAX hardware simulator, and then net-boot the real VAX from the simulated one. Anyone keen enough to do that will be competent to run an older version of Linux just for the purpose. Although their existence is rapidly being forgotten today, TCP/IP is not the only network protocol around, and as late as the mid-1990s it wasn't even the dominant one. The Linux kernel used to support multiple network protocols, but they are disappearing fast. [...] For a long time, DECnet was a significant network protocol. DEC supplied a client stack called PathWorks to let DOS, Windows and Mac clients connect to VAX servers, not only for file and print, but also terminal connections and X.11. Whole worldwide WANs ran over DECnet, and as a teenage student, your correspondent enjoyed exploring them.

Earth

Spain Puts Limits on Air Conditioning and Heating To Save Energy (theguardian.com) 165

Spain has announced new energy-saving measures, including limits on air conditioning and heating temperatures in public and large commercial buildings, as it becomes the latest European country to seek to reduce its energy consumption and its dependence on Russian oil and gas. From a report: Under a decree that comes into effect in seven days' time and applies to public buildings, shopping centres, cinemas, theatres, rail stations and airports, heating should not be set above 19C (66.2F) and air conditioning should not be set below 27C (80.6F). Doors will need to be closed so as not to waste energy, and lights in shop windows must be switched off after 10pm. The premises in question will be required to display signs or screens that explain the energy-saving initiatives. Although Spain is not as dependent on Russian energy supplies as many other EU countries, it has agreed to a 7-8% reduction in gas use. The measures, which were published in Tuesday's edition of the official state gazette, will remain in force until November 2023. "[This] lays out a series of measures to save energy and use it more efficiently, which are urgent and necessary when it comes to reducing energy consumption in general, and reducing our dependence on energy outside the Spanish economy," the decree said.
Security

Proxy Service 911[.]re Closes After Disclosing Breach and Data Damage (krebsonsecurity.com) 4

Long-time Slashdot reader tsu doh nimh writes: 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations, KrebsOnSecurity reports.
From the article: "On July 28th, a large number of users reported that they could not log in the system," the statement continues. "We found that the data on the server was maliciously damaged by the hacker, resulting in the loss of data and backups. Its [sic] confirmed that the recharge system was also hacked the same way. We were forced to make this difficult decision due to the loss of important data that made the service unrecoverable."

Operated largely out of China, 911 was an enormously popular service across many cybercrime forums, and it became something akin to critical infrastructure for this community after two of 911's longtime competitors — malware-based proxy services VIP72 and LuxSock — closed their doors in the past year...

911 wasn't the only major proxy provider disclosing a breach this week tied to unauthenticated APIs: On July 28, KrebsOnSecurity reported that internal APIs exposed to the web had leaked the customer database for Microleaves, a proxy service that rotates its customers' IP addresses every five to ten minutes. That investigation showed Microleaves — like 911 — had a long history of using pay-per-install schemes to spread its proxy software.

Security

0-Days Sold By Austrian Firm Used To Hack Windows Users, Microsoft Says (arstechnica.com) 25

Longtime Slashdot reader HnT shares a report from Ars Technica: Microsoft said on Wednesday that an Austria-based company named DSIRF used multiple Windows and Adobe Reader zero-days to hack organizations located in Europe and Central America. Members of the Microsoft Threat Intelligence Center, or MSTIC, said they have found Subzero malware infections spread through a variety of methods, including the exploitation of what at the time were Windows and Adobe Reader zero-days, meaning the attackers knew of the vulnerabilities before Microsoft and Adobe did. Targets of the attacks observed to date include law firms, banks, and strategic consultancies in countries such as Austria, the UK, and Panama, although those aren't necessarily the countries in which the DSIRF customers who paid for the attack resided.

"MSTIC has found multiple links between DSIRF and the exploits and malware used in these attacks," Microsoft researchers wrote. "These include command-and-control infrastructure used by the malware directly linking to DSIRF, a DSIRF-associated GitHub account being used in one attack, a code signing certificate issued to DSIRF being used to sign an exploit, and other open source news reports attributing Subzero to DSIRF."
Referring to DSIRF using the name KNOTWEED, Microsoft researchers wrote: In May 2022, MSTIC found an Adobe Reader remote code execution (RCE) and a 0-day Windows privilege escalation exploit chain being used in an attack that led to the deployment of Subzero. The exploits were packaged into a PDF document that was sent to the victim via email. Microsoft was not able to acquire the PDF or Adobe Reader RCE portion of the exploit chain, but the victim's Adobe Reader version was released in January 2022, meaning that the exploit used was either a 1-day exploit developed between January and May, or a 0-day exploit. Based on KNOTWEED's extensive use of other 0-days, we assess with medium confidence that the Adobe Reader RCE is a 0-day exploit. The Windows exploit was analyzed by MSRC, found to be a 0-day exploit, and then patched in July 2022 as CVE-2022-22047. Interestingly, there were indications in the Windows exploit code that it was also designed to be used from Chromium-based browsers, although we've seen no evidence of browser-based attacks.

The CVE-2022-22047 vulnerability is related to an issue with activation context caching in the Client Server Run-Time Subsystem (CSRSS) on Windows. At a high level, the vulnerability could enable an attacker to provide a crafted assembly manifest, which would create a malicious activation context in the activation context cache, for an arbitrary process. This cached context is used the next time the process is spawned.

CVE-2022-22047 was used in KNOTWEED related attacks for privilege escalation. The vulnerability also provided the ability to escape sandboxes (with some caveats, as discussed below) and achieve system-level code execution. The exploit chain starts with writing a malicious DLL to disk from the sandboxed Adobe Reader renderer process. The CVE-2022-22047 exploit was then used to target a system process by providing an application manifest with an undocumented attribute that specified the path of the malicious DLL. Then, when the system process next spawned, the attribute in the malicious activation context was used, the malicious DLL was loaded from the given path, and system-level code execution was achieved.
Microsoft recommends a number of security considerations to help mitigate this attack, including patching CVE-2022-22047, updating Microsoft Defender Antivirus to update 1.371.503.0 or later, and enabling multifactor authentication (MFA).
Chrome

Google Delays When Chrome Will Phase Out Third-Party Cookies To 2024 (9to5google.com) 11

Google was originally planning to get rid of third-party cookies in its browser by 2022, but that was later pushed back to 2023. That cookies deadline for Chrome is now being delayed to 2024. From a report: The Privacy Sandbox is Google's initiative to replace third-party cookies -- as well as cross-site tracking identifiers, fingerprinting, and other covert techniques -- once privacy-conscious alternatives are in place. Since then, Google has been working on new technologies for the past few years and more recently released trials in Chrome for developers to test. Citing "consistent feedback" from partners, Google is "expanding the testing windows for the Privacy Sandbox APIs before we disable third-party cookies in Chrome," with that phase out now set to begin in the second half of 2024.
Security

Source Code For Rust-Based Info-Stealer Released On Hacker Forums (bleepingcomputer.com) 22

The source code for an information-stealing malware coded in Rust has been released for free on hacking forums, with security analysts already reporting that the malware is actively used in attacks. BleepingComputer reports: The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%. As the info-stealer is written in Rust, a cross-platform language, it allows threat actors to target multiple operating systems. However, in its current form, the new info-stealer only targets Windows operating systems.

Analysts at cybersecurity firm Cyble, who sampled the new info-stealer and named it "Luca Stealer," report that the malware comes with standard capabilities for this type of malware. When executed, the malware attempts to steal data from thirty Chromium-based web browsers, where it will steal stored credit cards, login credentials, and cookies. The stealer also targets a range of "cold" cryptocurrency and "hot" wallet browser addons, Steam accounts, Discord tokens, Ubisoft Play, and more. Where Luca Stealer stands out against other info-stealers is the focus on password manager browser addons, stealing the locally stored data for 17 applications of this kind. In addition to targeting applications, Luca also captures screenshots and saves them as a .png file, and performs a "whoami" to profile the host system and send the details to its operators.

The Media

Are Reviewers Refusing to Compare Wintel Laptops to Apple Silicon? (wormsandviruses.com) 323

The New York Times' product-recommendation service "Wirecutter" has sparked widening criticism about how laptops are reviewed. The technology/Apple blog Daring Fireball first complained that they "institutionally fetishize price over quality". That makes it all the more baffling that their recommended "Best Laptop" — not best Windows laptop, but best laptop, full stop — is a Dell XPS 13 that costs $1,340 but is slower and gets worse battery life (and has a lower-resolution display) than their "best Mac laptop", the $1,000 M1 MacBook Air.
Technically Dell's product won in a category titled "For most people: The best ultrabook" (and Wikipedia points out that ultrabook is, after all, "a marketing term, originated and trademarked by Intel.") But this leads blogger Jack Wellborn to an even larger question: why exactly do reviewers refuse to do a comparison between Wintel laptops and Apple's MacBooks? Is it that reviewers don't think they could fairly compare x86 and ARM laptops? It seems easy enough to me. Are they afraid that constantly showing MacBooks outperforming Wintel laptops will give the impression that they are in the bag for Apple? I don't see why. Facts are facts, and a lot of people need or want to buy a Windows laptop regardless. I can't help but wonder if, in the minds of many reviewers, MacBooks were PCs so long as they used Intel, and therefore they stopped being PCs once Apple switched to using their own silicon.
Saturday Daring Fireball responded with their own assessment. "Reviewers at ostensibly neutral publications are afraid that reiterating the plain truth about x86 vs. Apple silicon — that Apple silicon wins handily in both performance and efficiency — is not going to be popular with a large segment of their audience. Apple silicon is a profoundly inconvenient truth for many computer enthusiasts who do not like Macs, so they've gone into denial..."

Both bloggers cite as an example this review of Microsoft's Surface Laptop Go 2, which does begin by criticizing the device's old processor, its un-backlit keyboard, its small selection of ports, and its low-resolution touchscreen. But it ultimately concludes "Microsoft gets most of the important things right here, and there's no laptop in this price range that doesn't come with some kind of trade-off...." A crime of omission — or is the key phrase "in this price range"? (Which gets back to Daring Fireball's original complaint about "fetishizing price over quality.") Are Apple's new Silicon-powered laptops sometimes being left out of comparisons because they're more expensive?

In an update, Wellborn acknowledges that this alleged refusal-to-compare apparently actually precedes Apple's launch of its M1 chip. But he argues that now it's more important than ever to begin making those comparisons: It's a choice between a hot and noisy and/or slow PC laptop running Windows and a cool, silent, and fast MacBook. Most buyers don't know that choice now exists, and it's the reviewer's job to educate them. Excluding MacBooks from consideration does those buyers a considerable disservice.
Chrome

Google Chrome Security Update Fixes 'High Risk' Flaws (zdnet.com) 10

"Google has released security updates for Google Chrome browser for Windows, Mac and Linux, addressing vulnerabilities that could allow a remote attacker to take control of systems," reports ZDNet: There are 11 fixes in total, including five that are classed as high-severity. As a result, CISA has issued an alert encouraging IT administrators and regular users to install the updates as soon as possible to ensure their systems are not vulnerable to the flaws.

Among the most severe vulnerabilities that are patched by the Google Chrome update is CVE-2022-2477, a vulnerability caused by a use-after-free flaw in Guest View, which could allow a remote attacker to execute arbitrary code on systems or crash them... Another of the vulnerabilities, CVE-2022-2480, relates to a use-after-free flaw in the Service Worker API, which acts as a proxy server that sits between web applications, the browser and the network in order to improve offline experiences, among other things.

Windows

To Thwart Ransomware, Microsoft's Windows Gets New Defaults Limiting Brute-Force Password Guessing (zdnet.com) 54

ZDNet reports: Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials. The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access remote desktop protocol (RDP) endpoints, which are often exposed on the internet.

RDP remains the top method for initial access in ransomware deployments, with groups specializing in compromising RDP endpoints and selling them to others for access.

The new feature is rolling out to Windows 11 in a recent Insider test build, but the feature is also being backported to Windows 10 desktop and server, according to Dave Weston, vice president of OS Security and Enterprise at Microsoft. "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder which is awesome!," Weston tweeted.

Weston emphasized "default" because the policy is already an option in Windows 10 but isn't enabled by default. That's big news and is a parallel to Microsoft's default block on internet macros in Office on Windows devices, which is also a major avenue for malware attacks on Windows systems through email attachments and links.... The defaults will be visible in the Windows Local Computer Policy directory "Account Lockout Policy".

The default "account lockout duration" is 10 minutes; the "account lockout threshold" is set to a maximum of 10 invalid logon attempts; a setting to "allow administrator account lockout" is enabled; and the "reset account lockout counter after" setting is set to 10 minutes.

Canada

A Small Canadian Town Is Being Extorted By a Global Ransomware Gang (theverge.com) 40

The Canadian town of St. Marys, Ontario, has been hit by a ransomware attack that has locked staff out of internal systems and encrypted data. The Verge reports: The small town of around 7,500 residents seems to be the latest target of the notorious LockBit ransomware group. On July 22nd, a post on LockBit's dark web site listed townofstmarys.com as a victim of the ransomware and previewed files that had been stolen and encrypted. In a phone call, St. Marys Mayor Al Strathdee told The Verge that the town was responding to the attack with the help of a team of experts. "To be honest, we're in somewhat of a state of shock," Strathdee said. "It's not a good feeling to be targeted, but the experts we've hired have identified what the threat is and are walking us through how to respond. Police are interested and have dedicated resources to the case ... there are people here working on it 24/7."

Strathdee said that after systems were locked, the town had received a ransom demand from the LockBit ransomware gang but had not paid anything to date. In general, the Canadian government's cybersecurity guidance discouraged the paying of ransoms, Strathdee said, but the town would follow the incident team's advice on how to engage further. Screenshots shared on the LockBit site show the file structure of a Windows operating system, containing directories corresponding to municipal operations like finance, health and safety, sewage treatment, property files, and public works. Per LockBit's standard operating methods, the town was given a deadline by which to pay to have their systems unlocked or else see the data published online.
The LockBit group was responsible for 50 ransomware incidents in June 2022, "making it the most prolific global ransomware group," notes The Verge.

"In fact, St. Marys is the second small town to be targeted by LockBit in the space of just over a week: on July 14th, LockBit listed data from the town of Frederick, Colorado (population 15,000) as having been hacked, a claim that is currently under investigation by town officials."

Windows

The Windows 11 Taskbar is Getting Better for People Who Open Tons of Apps (arstechnica.com) 66

We appear to be entering a period of Windows' development where we can expect new features and tweaks to come to the operating system several times a year. To that end, Microsoft continues to add, remove, and generally experiment with Windows 11's features and user interface via its Insider Preview channels. From a report: The most interesting addition we've seen in a while is rolling out to users on the experimental Dev Channel now: a modified version of the taskbar with much-improved handling of app icon overflow when users have too many apps open at once. Click an ellipsis button on your taskbar, and a new icon overflow menu opens up, allowing you to interact with any of those extra icons the same way you would if they were sitting on the taskbar. This would be a big improvement over the current overflow behavior, which devotes one icon's worth of space to show the icon for the app you last interacted with, leaving the rest inaccessible. That icon will continue to appear on the taskbar alongside the new ellipsis icon. Microsoft says that app icons in the overflow area will be able to show jump lists and other customizable shortcuts the same as any other app icon in the taskbar.
Microsoft

Microsoft Cuts Many Open Job Listings in Weakening Economy (bloomberg.com) 52

Microsoft is eliminating many open jobs, including in its Azure cloud business and its security software unit, as the economy continues to weaken. From a report: These hiring cuts will continue for the foreseeable future, Microsoft said, while declining to comment on which departments and businesses are affected. The company said it is honoring job offers that have already been made for open roles and will make some exceptions for critical jobs.

It's an expansion of a hiring slowdown disclosed in May, which mostly affected its Windows, Office and Teams groups. In June, Insider also reported cuts to new headcount in the security business. The latest slowdown, which was communicated by executives in the groups to their teams, impacts the company's cloud crown jewels -- a key source of growth and investor scrutiny -- as well as a newer priority area in security.

Windows

Microsoft Moves To New Windows Development Cycle (windowscentral.com) 122

Microsoft is shifting to a new engineering schedule for Windows which will see the company return to a more traditional three-year release cycle for major versions of the Windows client, while simultaneously increasing the output of new features shipping to the current version of Windows on the market. Zac Bowden writes via Windows Central: The news comes just a year after the company announced it was moving to a yearly release cadence for new versions of Windows. According to my sources, Microsoft now intends to ship "major" versions of the Windows client every three years, with the next release currently scheduled for 2024, three years after Windows 11 shipped in 2021. This means that the originally planned 2023 client release of Windows (codenamed Sun Valley 3) has been scrapped, but that's not the end of the story. I'm told that with the move to this new development schedule, Microsoft is also planning to increase the output of new features rolling out to users on the latest version of Windows.

Starting with Windows 11 version 22H2 (Sun Valley 2), Microsoft is kicking off a new "Moments" engineering effort which is designed to allow the company to roll out new features and experiences at key points throughout the year, outside of major OS releases. I hear the company intends to ship new features to the in-market version of Windows every few months, up to four times a year, starting in 2023. Microsoft has already tested this system with the rollout of the Taskbar weather button on Windows 11 earlier this year. That same approach will be used for these Moments, where the company will group together a handful of new features that have been in testing with Insiders and roll them out to everyone on top of the latest shipping release of Windows. Many of the features that were planned for the now-scrapped Sun Valley 3 client release will ship as part of one of these Moments on top of Sun Valley 2, instead of in a dedicated new release of the Windows client in the fall of 2023.
