Microsoft made the announcement at the annual Build Developer Conference 2015. Edge will replace Internet Explorer as the default browser of Windows 10 PCs, smartphones and tablets. It's not surprising that the nickname "Edge" is based on the new rendering engine that Microsoft is using for its Windows 10 browser which is called EdgeHTML.
Joe Belfiore, the Corporate Vice President, Operating Systems Group at Microsoft also said that the name was referred to the idea of Microsoft being on the edge of consuming and creating.
Microsoft Edge is designed to be a lightweight web browser with a layout engine built around web standards that is created for interoperability with the contemporary web.
The browser's new logo appears to be similar to the Internet Explorer's logo. However, the directions of the swirls have been changed and the color is a bit darker.
Microsoft Edge consists of unique features such as the ability to annotate on web pages, modern and futuristic design for new tabs which appear to have a flat design concept, jotting down notes or draw on top of web pages for a great way of reading and consuming content, favorites folder built into the browser, thumbnails of frequently visited websites, web applications and further integration with digital assistant Cortana to offer more personalized results and actions.
Developers will be able to carry their Chrome extensions or Firefox add-ons with just a couple of changes to Microsoft Edge.
Microsoft Edge also enables users to engage with sites and provide them a chance at starting to write some web code, which they may put into an application through web extensions built into the web browser.
Stay tuned on The Corliss Tech Review Group blog for more updates.
According to a Corliss Tech Review Group report, Google has used its gigantic power as a search engine to redirect internet users from rivals to its own services, which include YouTube and its own social network Google+.
Expedia, Microsoft, and TripAdvisor, which are Google’s competitors, declare that its way of promoting its own companies above rivals on its search engine stops them from contending on a level playing field.
Insiders claim the case could prove just as costly as the EU's decade-long battle with Microsoft, which ultimately cost the company £1.6 billion in fines.
If Google fails to rebut any formal charges imposed by Brussels, the commission could impose a huge fine which could exceed £4 billion which is about 10% of Google's most recent annual revenue.
More than twenty four European organizations have filed antitrust complaints against Google. Many are from powerful publishing groups and online firms in Germany.
They have previously requested to force Google to stop blocking competition in sections like online maps, travel and shopping services.
Moreover, lawyers from France also requested for Google to reveal its secret formula for ranking websites but Google argues such transparency would expose its business secrets to rivals and leave the search engine vulnerable to spam.
In accusing Google of anti-competitive practices against rival shopping sites, the EU competition authority said it is continuing to investigate other areas, including alleged "web scraping" to copy content off of rival travel and local business review sites, and Google's restrictive practices on advertising.
EU will be likely to probe Google’s operating mobile operating system Android.
The investigation will center on whether Google has entered into anti-competitive agreements or abused a possible dominant position in the field of operating systems, applications and services for smart mobile devices.
Google has given 10 weeks to reply and they will also get the chance to argue their case in a formal hearing. But if it finds the company in the wrong then it would face the legal consequences and must change the way it does business in Europe.
The competition commissioner also claims that Smartphones, tablets and similar devices play an increasing role in many people's daily lives, and she wants to make sure the markets in the area can flourish without anti-competitive restrictions inflicted by some company.
The banking sector has been a frequent target for hackers nowadays. As much as US$1 billion were stolen from banks and other financial companies worldwide in about two years, wherein it is considered as one of the biggest banking breaches known, by a multinational gang of cybercriminals dubbed as the "Carbanak gang" originating from Russia, Ukraine, and other parts of Europe as well as from China.
The gang targeted banks, electronic payment systems, and other financial institutions worldwide with the majority of the targets in Russia, USA, Germany, China and Ukraine. They already infiltrated more than 100 banks in 30 countries, stealing as much as $10 million in each raid.
Kaspersky Lab and authorities from different countries had combine efforts to uncover how the criminals act. On average, each bank cyber robbery took between two and four months from infecting the first computer at the bank's corporate network to cashing the money out.
The cybercriminals used Carbanak malware to infect the bank's network giving them access to the employees' computers, and letting them see and record everything that happened on the screens of staff who service the cash transfer systems. This way the fraudsters got to know every last detail of the bankers work that show them how to mimic the staff to transfer the money and cash out.
Once the time came to exploit on their activities, the fraudsters used online banking or international e-payment systems to transfer money to their accounts. In the second case, the stolen money was transferred to banks in China and the US.
In other cases, cybercriminals penetrated right into the very center of the accounting systems, inflating account balances before getting the extra money through a counterfeit transaction. For instance, the account has $1,000 and the criminals can change its value to $10,000 and then transfer $9,000 to themselves. The account holder doesn't suspect a problem because the original $1,000 dollars is still there.
In addition, the cybercriminals can also take control of banks' ATMs and order them to dispense cash at a specific time. When the payment was due, one of the gang's underlings was waiting next to the machine to collect the 'voluntary' payment.
Kaspersky did not identify the banks affected by the attacks because of a confidentiality agreement. They are still working with law-enforcement organizations to investigate the attacks.
Research says that the first malicious samples were compiled in August 2013 when the cybercriminals began to test the Carbanak malware and the first infections were detected in December 2013. The gang was believed to successfully steal from their first victims during the period of February to April 2014. The peak of infections was recorded in June 2014.
However the campaign is still currently active. Kaspersky urge all financial organizations to carefully scan the network for presence of Carbanak malware and if detected, report the intrusion to law enforcement.
Android has long been seen as vulnerable to malware because it is an open platform and several devices run older versions of the mobile operating system. Android is also one of the world’s most popular mobile platform where it powers hundreds of millions of mobile devices in more than 190 countries worldwide, but its popularity has also made it a magnet for malwares based on Corliss Tech Review Group.
In the past year, Google claims that malware infections on Android devices have been reduced in half after notable developments and security upgrades for mobile phones such as improved encryption and better detection tools for malware.
According to a blog post of Google’s chief security engineer, Adrian Ludwig, the overall worldwide percentage of possibly harmful applications installed are decreased by almost fifty percent during the first and the fourth quarter of the year. Android devices in use worldwide which are over 1 billion have their devices protected by security through Google Play wherein it conducts two hundred million security scans every day and less than 1% of the devices had potentially harmful applications installed in 2014.
Google also states that the rate of possibly malicious applications installed on devices which only use Google Play apps was less than 0.15%.
Ludwig also ensured that Android is a safe place and they are still making improvements to enhance protections for Android devices wherein they are being more hands-on in reviewing applications for all types of policy violations within Google Play and they have also increased their efforts to increase security for specific higher-risk devices and regions outside of Google Play.
“Many of these evolutionary or revolutionary changes have been driven by convenience and ease of use, and often accepting a certain amount of risk,” says Amit Mital, chief technology officer of security firm Symantec.
Making the purchase of goods more secure is a priority for retailers, banks and payment companies. In the US, where payment card technology is less sophisticated than in
Europe, retailers have recently been hit by massive data breaches, in which hackers have been able to steal tens of millions of customers’ card and personal data.
The highest-profile technology to hit the market is Apple Pay, which works with the iPhone 6s. It lets shoppers store their credit card information on their iPhone and pay for goods by tapping the phone on an in-store receiver.
Because of a technology called “tokenisation” experts say it is more secure than current card systems.
With tokenisation, merchants receive data that obscures the shopper’s actual credit card number, reducing the chance that hackers can steal usable data from merchants’
internal systems. Because iPhones use fingerprint recognition to verify shoppers’ identity, it is also nearly impossible for a thief to steal an iPhone and make a purchase.
“We do not see any concern on our side in terms of security,” says Thierry Denis, president in North America for Ingenico, a manufacturer of credit card readers.
But there is a catch. In the first few months after Apple Pay’s launch last year, thieves have been able to take stolen credit cards, load them on to iPhones, and go shopping. They have not compromised the technology, but
have got through the banks’ processes for checking — during the Apple Pay set-up — that the customer adding the card to his or her phone is the card’s real owner.
That fraud started showing up within a month of Apple Pay’s launch last year, with the level of fraud seen through the set-up far higher than that seen typically seen in credit cards, according to Cherian Abraham, a payments
analyst who wrote one of the first blog posts to call attention to the issue. Given Apple’s sophisticated technology, the fraud was a “surprise to all”, he wrote.
Mr Mital of Symantec said the recent incidents of fraud on Apple Pay were “more of a failure in process than in technology”.
Joe Majka, chief security officer of Verifone, a manufacturer of point of sale terminals where shoppers swipe their cards, says that better encryption on such devices could be a security “game changer”, if widely adopted.
Like tokenisation, encryption means that hackers cannot make as much use of data they might steal if they are able to get into a retailer’s network.
Retailers have been slow to adopt such encrypted systems for various reasons. Regulations in the US are changing later this year and retailers will soon be responsible for the cost of fraud if they do not accept chip-and-pin
cards, which make transactions more secure than when users just swipe their card.
But small retailers do not often see fraudulent purchases and so may be reluctant to spend on upgrading, without realising that their older systems mean they could be giving hackers a way to steal their customers’ data, says Mr Majka.
For larger retailers, making the shift takes work.
“When you talk to merchants and [payment] processors,” says Mr Majka, “there are so many changes in their systems, in their coding, that have to be made to accommodate an encrypted transaction.”
Other innovations featuring purely digital mobile payments via apps also face risks.
Cash-transfer app Venmo, which is owned by PayPal, recently faced media reports highlighting how hackers could access the app to transfer money to themselves.
Venmo has since added better email notifications and is adding multi-factor authentication to make logging in more secure. But the fact that this was already standard on services such as Gmail underlines how companies do
not always use the most secure solutions available on the market.
Similarly, while US banks have been rolling out the more secure chip-and-pin cards for many months in anticipation of the regulatory changes this year, they are not yet available to all consumers.
Mr Majka of Verifone replaced his card recently and wanted a chip card. His bank, however, said he would have to wait. “It’s a little disappointing,” he says.
Online theft is huge, and it only seems to be getting worse. Hardly a week goes by without some story about hackers penetrating a computer system somewhere. Corporations, individuals, even White House servers were hacked last week. I sometimes wonder just how difficult it is for a determined bad guy to access grandma’s checking account or your neighbor’s IRA and grab those assets.
I am not the only one thinking about this. New York State Department of Financial Services issued a report on cybersecurity in the banking sector, where more than 150 organizations rely on third-party service providers for critical banking functions. The regulators want the banks to tighten security.
So should you.
We spend most of our time in financial markets looking at ways to deploy our capital: What assets to buy or sell, how much we should save for retirement, whether we should own more of these stocks and less of those bonds.
We don’t spend so much time thinking about the ways we can lose that money — to fraud and to common theft. We should be more vigilant, especially as we move our lives online, with digital access to our checking and savings accounts, our online portfolios, even our taxes.
It is impossible to make yourself hack-proof, but you can make yourself less vulnerable.
It all starts with some common-sense security steps. Three ways you probably can improve your existing practices: Develop better e-mail habits, beef up password security and (as always) remember that your behavior is the root of most of your problems.
Get your e-mail act together
Every day, your inbox fills with all manner of junk. Some of it is merely time-wasting nonsense, but let’s not forget about the really dangerous stuff: phishing schemes, malicious viruses and malware. It seems the only reprieve we get are those rare occasions when the main servers in Russia — a.k.a. Spambot Central — gets temporarily knocked off-line.
It’s more than a huge productivity killer, it’s a financial hazard. That $100 billion a year we mentioned above comes out of everyone’s pockets. Even if you have not been hacked, you are paying for it in some way. Banking costs are higher as financial firms spend hundreds of millions of dollars a year on security.
People have tried a variety of ways to tackle this: Filters, whitelists, e-mail verifiers and trusted ID services; disposable e-mail addresses from sites such as Mailinator; “junk” e-mail addresses from Hotmail, Yahoo or Google. And still the danger keeps coming.
I have a few tricks I use to keep the really nasty stuff under control, such as:
●View e-mail as plain text.
All of the bad links, embedded viruses and other malware go away when you select “view as plain text.” Sure, you lose all of the graphics and links, but you lose the threats as well.
●Create a primary e-mail address.
This is your main address — for colleagues, clients and peers. Never share this e-mail address. Don’t subscribe to anything using this address — no Internet mailing lists, no subscriptions, nada. Use this address alone for your finance- and business-related e-mails. Anything unrelated is junk; treat it that way. Block the domains of senders. Mark junk mail as junk.
●Use an e-mail forwarder.
I have been a big fan of Leemail.me. Instead of giving out my e-mail address, I use Leemail to auto-generate an address whenever I want to share my e-mail with an unfamiliar company. It forwards my e-mail from the company to me. When I want to shut that sender off, I flick a button.
Tracking the companies that share or sell your e-mail address is invaluable. The basic version of Leemail is, astonishingly, free, and the upgrade is only a few bucks a year.
●Don’t hit “unsubscribe”; get blacklisted instead.
There are a number of companies that provide e-mail services to third parties, shops such as Constant Contact, Vertical Response and iContact. They are the middlemen between businesses and consumers. And while they claim to be “opt-in only” and not spammers, in truth, they are subject to whatever bad behaviors their clients engage in. They all have become legal quasi-spammers.
On every e-mail these companies send, there is an unsubscribe button. NEVER CLICK THAT. When you do, you are not unsubscribing. Rather, you are verifying that your e-mail address is legitimate.
Instead, go to the company Web site and track down the customer service number. Call customer service and insist on having your e-mail or domain “blacklisted.” Thats the only way to ensure you will truly be unsubscribed. If the company refuses, file a Federal Trade Commission complaint.
If you were like I was five years ago, you had one simple password that you used for everything — Amazon, Facebook, Wall Street Journal — everywhere. This could’ve been disastrous. Now all passwords are different. Avoid the common errors, such as using birthdays or your kids’ names. Never use sequential numbers. And for goodness sake, don’t use “password” as your actual password.
Put all of your passwords on a document named something other than “My passwords.” I find burying passwords somewhere in a spreadsheet to be useful. Print out a copy and place it in your safety deposit box with other important papers.
Your biggest risk? You.
I have said all too often that when it comes to investing, people are their own worst enemy. Behavioral problems are rife in security as well. Get into the practice of thinking about security, and soon it becomes second nature.
The Securities and Exchange Commission has gotten much more serious about personal financial data security. They have informed advisers and brokers that there is a duty to protect client data. When we set up our wealth-management practice, we put into place specific policies and procedures to protect clients:
● All sensitive information is sent by secure e-mail using a third party for encryption.
● We never e-mail Social Security numbers or account numbers or other private data via regular email.
● We went totally paperless. Our file cabinets are empty, everything is cloud based.
● Any documents that arrive are shredded, so even our outgoing garbage is secure with nothing usable to a thief.
Most of this is common sense. However, many people are still vulnerable. With smarts and a bit of awareness, you can make your financial assets much more secure.
Financial services and technology law expert Angus McFadyen of Pinsent Masons, the law firm behind Out-Law.com, said that regulators in both the US and Europe are increasingly interested in what financial services companies are doing to address cyber security threats.
McFadyen was commenting after the New York State Department of Financial Services (NYDFS) announced its intention to introduce new regulations "strengthening cyber security standards for banks' third-party vendors" in the "coming weeks".
The announcement was made as it revealed that fewer than half of the banks it surveyed said they do not "conduct any on-site assessments" of "high-risk" suppliers, such as data processing companies and other suppliers that typically have access to "sensitive bank or customer data".
The NYDFS report (7-page / 313KB PDF) also said that only about 30% of the banks surveyed "require their third-party vendors to notify them in the event of an information security breach or other cyber security breach".
A fifth of the banks do not require suppliers to set "minimum information security requirements", whilst of those that do only a third "require those information security requirements to be extended to subcontractors of the third-party vendors", it said.
"A bank's cyber security is often only as good as the cyber security of its vendors," Benjamin Lawsky, superintendent of financial services at the NYDFS, said. "Unfortunately, those third-party firms can provide a backdoor entrance to hackers who are seeking to steal sensitive bank customer data. We will move forward quickly, together with the banks we regulate, to address this urgent matter."
McFadyen said that although "security is a growing concern on both sides of the Atlantic" the action proposed by the NYDFS is "the most forthright we’ve seen".
"European regulators are also actively looking at security," McFadyen said. "We’ve seen new rules around payment security come out of Europe and the Financial Conduct Authority’s (FCA's) own guidance on bank outsourcing touches on its importance. Security measures are rarely perfect, as we’ve seen with the takedown of the French TV channel TV5Monde, but the risks presented by a compromise in the sector are growing as we are increasingly digitising financial services."
McFadyen pointed to a recent announcement by the FCA on the implementation of new internet payments security guidelines in the UK as highlighting the regulatory focus there is on cyber security.
The FCA has said it will incorporate the new guidelines into its "supervisory framework" at the same time as the new EU Payment Services Directive (PSD2), which is still being negotiated, is transposed into UK law. The internet payment security guidelines were finalised late last year by the European Banking Authority (EBA).
"We are fully supportive of the objectives behind the guidelines and agree with the importance of consumers being protected against fraud when making payments online," the FCA said. "Ensuring the security of payments and the protection of sensitive customer data is a critical part of the infrastructure of robust payment systems."
"Many firms already have in place measures for strong customer authentication, and we would remind payment service providers of their responsibility to ensure consumers’ payments are safe and secure. We will be incorporating the detail of the requirements of the guidelines into our supervisory framework in line with the revised Payment Services Directive (PSD2) transposition timeline," it said.
Facebook is launching a social network for cyber security professionals to share information about threats that could lead to cyber attacks, as the US government and companies search for new ways to co-ordinate their defences.
The world’s largest social network is stepping up its work in cyber security by teaming with other technology companies including Yahoo and online scrapbooking site Pinterest. The platform will enable companies to share clues about how hackers are behaving in the hope of preventing security breaches.
As cyber attacks hit companies from Sony Pictures to health insurer Anthem, the private and public sector are under pressure to work together to understand their adversaries. Hackers join forces and share tips to break into networks but so far, communication about cyber defence has often been haphazard.
Mark Hammel, Facebook’s manager of threat infrastructure, said ThreatExchange had been developed from a system that Facebook was already using internally to make it easier to catalogue threats to the site in real time.
Facebook’s decision to share the tool comes at a time when the company is trying to broaden its appeal beyond social interactions with friends and family and make the product a tool that is useful in the workplace. The company is also trying out a site and app called Facebook at Work, designed to facilitate internal collaboration between colleagues.
Mr Hammel said Facebook would give the cyber security service away for free, unlike some other threat detection systems.
“We feel that as our product’s footprint has grown, with the number of people using it to communicate, we have the ability to spend more time on broader security issues that affect the internet,” he said. He added Facebook was “really well positioned” with its “social sharing model” to direct a threat project such as this.
He added that Yahoo and Pinterest were good initial partners because they faced similar threats and had sizeable user bases. “Together, we’re protecting a pretty sizeable percentage of the internet,” he said.
The ThreatExchange comes after Barack Obama, US president, put information sharing at the heart of his cyber security proposals announced ahead of the State of the Union speech last month. He proposed legislation that would make it easier for companies to share information about cyber threats with the government.
The US government announced this week that it would be establishing a new agency, modelled on the National Counterterrorism Center with the aim of bringing together information from all arms of government during a cyber incident.
Mr Obama is expected to flesh out those proposals at a White House summit held at Stanford University on Friday, while appealing to the technology industry to do more to help.
The financial industry already leads the way in sharing information. The Financial Services Information Sharing and Analysis Center — known as FS-ISAC — joined the Depository Trust and Clearing Corporation, the post-trade services provider, last September to launch the first widespread not-for-profit intelligence service. The project is funded by 12 large companies from sectors including finance, energy and healthcare.
But many analysts say information sharing is a key challenge for cyber defences. Last year saw a steep acceleration in attacks on businesses. These included the largest ever breach of personal data at a retailer at Home Depot, as well as the attack on Sony Pictures that the FBI has said was orchestrated by North Korea.
President Barack Obama will convene top executives from Silicon Valley, Wall Street, and a number of other industries on Friday in a first-of-its kind cybersecurity “summit” taking place as the government and corporate executives each struggle to adjust to persistent and sophisticated breaches.
Mr. Obama will be joined at the Stanford University event by top officials at the Department of Homeland Security, U.S. Secret Service, and Federal Bureau of Investigation. The officials will call on companies to share more information with the government in an effort to combat future cyberattacks, a plea officials have made for months with limited success.
Mr. Obama’s presence at the event has drawn what has emerged as a Who’s Who of corporate leaders, reflecting a growing acknowledgment that many companies need to rethink their cyberdefenses.
Apple Inc. Chief Executive Tim Cook will deliver remarks about his company’s push toward a more secure payment system, a theme the White House is expected to try to reinforce for other companies throughout the event.
An Apple spokeswoman confirmed that Mr. Cook will be speaking at the summit. He is expected to focus on Apple’s experience with mobile payments. Apple introduced Apple Pay in October, touting a security feature aimed at reducing the chances of credit-card theft.
Mr. Cook will be joined at Stanford on Friday by the CEOs of Bank of America Corp., U.S. Bancorp, American Express, Kaiser Permanente, Visa Inc., MasterCard Inc., and PayPal who also will speak on panels at the daylong event, along with representatives from Facebook Inc., Google, Intel Corp., and a numerous other companies.
Input from these executives is notable, as they collectively hold health, financial, search-engine, and social-media records on tens of millions of Americans. A number of the firms, particularly the technology companies, have sparred with the federal government over privacy concerns in recent years.
To acknowledge those concerns, the White House is expected to make privacy a central theme at the summit, in addition to consumer protection and cybersecurity techniques.
In addition to remarks from Messrs. Obama and Cook, the seven-hour event will include multiple panel sessions, including separate discussions of public-private collaboration, consumer protection, and payment technologies.
The entire event will be live-streamed on the White House’s website.
Senior administration officials see the event as a continuation of two years’ worth of cybersecurity initiatives, but the issue has taken on more urgency in recent months as the number of cyberattacks has increased dramatically. And recent large-scale breaches at Sony Pictures Entertainment Inc. and Anthem Inc. have led to an internal debate among government officials over whether the government should heighten its response to cyberattacks carried out by foreign countries.
Also notably, the White House’s list of panelists and speakers at the summit doesn't include representatives from many of the large companies that have suffered major breaches in recent years, such as Home Depot Inc., J.P. Morgan Chase & Co., Target Corp., Sony, or Anthem. A senior administration official said these companies weren't excluded from panels at the event.
Also missing from the list of panelists and speakers are officials from the U.S. intelligence community, such as the National Security Agency and Central Intelligence Agency. Intelligence officials often collect information about cyberthreats, and the White House on Tuesday announced a new office that is meant to collect and analyze their data.
But many technology companies remain skeptical about the operations of these agencies, particularly the NSA. A senior administration official said officials from the intelligence agencies would be at the event but officials from the agencies like the FBI and DHS were tapped to speak because they interact directly with the public to discuss cyber issues.
Fortunately for us, manufacturers are now moving towards extended battery life and excellent processing power even in thin handsets. Case in point: ARM's next generation A72 processors.
ARM Holdings, a microchip designer based in Britain, has announced a new processor for tablets and smartphones that boasts improved graphics and processing capability. Their new Cortex-A72 chip design and other improvements in related technology came just in time to help the handheld device industry which struggles with cooling demand.
Corliss Tech Review Group noted that much of the advancement could be credited to big improvements made in manufacturing technology, particularly from the Asian contractors.
An event in San Francisco was held where ARM announced that the new chips pack thrice as much computing power when compared with those in use today. It is now totally possible for manufacturers to use these new processors from ARM to get superb performance minus the strain in the device's battery. In fact, the company claims that in thin profile designs, the new chip could allow for as much as 75% reduction in power consumption.
The company's vice president of marketing also mentioned that the device has "more than enough" computing power to support complex processes on tablets and smartphones even without an Internet connection. Most of the smartphone processes today that are data-heavy are usually being handled by remote servers and not the device's processor itself.
Devices with this new processor technology are expected to be available by early next year. But according to Corliss Tech Review Group, 10 companies, including MediaTek of Taiwan and Rockchip of China, have already licensed ARM's new technology.