Dev Channel Update for Desktop

The Dev channel has been updated to 96.0.4664.18 for Windows, Mac and Linux.

A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.



Srinivas Sista

Google Chrome

Announcing DevFest 2021

Posted by Erica Hanson, Global Program Manager for Google Developer Communities

GIF with blue background and text that reads DevFest 2021, Google Developer Groups

DevFest season has officially started! From now through the end of the year, developers from all around the world are coming together for DevFest 2021, the biggest global event for developers, focusing on community-led learning on Google technologies. Hosted by Google Developer Groups (GDG) all across the globe, DevFest events are uniquely curated by their local GDG organizers to fit the needs and interests of the local community.

The mission

This year, DevFest 2021 inspires local developers to learn and connect as a community by exploring how to use Google technology to accelerate economic impact. In light of COVID-19, the global economy has shrunk and millions of jobs have been lost. Developers are the backbone of technology, and they play a pivotal role in the recovery of the global economy. In fact, expanding the impact of developers has never been more important!

Luckily, DevFest is the perfect opportunity for Google Developer Groups to show up for developers and their communities during such a challenging time. At DevFest 2021, GDGs and attendees will have the opportunity to explore how to use technology for good where it’s needed most.

Accelerating local economic recovery looks different across the globe, and GDGs hosting DevFest events are encouraged to consider the challenges their specific regions may be facing. For example, GDGs may choose to focus their DevFest events on building solutions that help local businesses grow, or they may prioritize upskilling their community by sharing technical content to help developers become industry ready. Whether it be through technical talks delivered in local languages or by simply meeting fellow local developers, DevFest 2021 will leave attendees feeling empowered to drive positive change in their communities.

What to expect

One of DevFest’s greatest strengths remains the passionate speakers who participate in DevFest events all across the globe. These speakers, often developers themselves, come from various backgrounds, perspectives, and skill levels to create a rich and rewarding experience for attendees. DevFest sessions are hosted in local languages in many different parts of the world.

This DevFest season, attendees will receive career support and mentorship opportunities from senior developers, including speakers from Google, Google Developer Group leaders, Google Developer Experts, and Women Techmakers.

Hands-on demos, workshops, and codelabs will cover a wide variety of technologies, including Android, Google Cloud Platform, Machine Learning with TensorFlow, Web.dev, Firebase, Google Assistant, and Flutter. Through these events, developers will learn how Google technologies help them build solutions that make a difference.

Google Developers is proud to support the community-led efforts of Google Developer Groups during this flagship annual event. DevFest is powered by a global network of passionate GDG community organizers who volunteer their time and efforts to help developers grow together, and this event wouldn’t be possible without them.

GIF with red background and text that reads hashtag DevFest, Register Now, and Google Developer Groups

Coming together

During DevFest 2020, 125,000+ developers participated across 700+ DevFests in 100+ countries. DevFest 2021 is already in full swing, with thousands of attendees across the globe collaborating with like-minded developers, learning new technologies, and building solutions to uplift their communities. Whether you’re looking to explore the latest Google technologies, level up your career, or innovate for impact, there is a DevFest event for you.

Find a DevFest near you here, and use #DevFest to join the conversation on social media.

Simple device management with Android Enterprise Essentials

Editor’s note: Today’s guest post is from William Vincent, Financial Controller, S. Morris Ltd.

S. Morris Ltd. is a family-owned business that creates and delivers high-quality construction materials to customers throughout southwest England. With products like concrete blocks and bricks, ready-mix concrete and flooring materials, we provide our customers with many of their building project essentials.

Strong customer service and timely delivery are key to our success, and we’re always looking to refine our operations. In fact, we recently shifted our ordering and delivery confirmation processes from paper to digital. As part of this move, we wanted to provide mobile devices to our delivery drivers so they could easily confirm orders and accept digital signatures.

To protect company data, we needed to have the right device management. But we didn’t want an overly complex solution. My team has many responsibilities, so we needed a smooth and efficient way to manage these devices. Android Enterprise Essentials was just what we were looking for — an easy way to manage Android devices with the security controls we needed to ensure data security and privacy for our small business.

Simple, secure device management

Setting up devices and getting them into the hands of our delivery drivers was quick and easy. We selected Samsung Galaxy A02 devices from our service provider Tela, which arrived at our office ready to use, right out of the box.

With Essentials, we were able to enforce necessary security policies, like requiring a PIN code to unlock the device and ensuring that the malware protection provided by Google Play Protect is always in place. Our devices are regularly shared among different drivers we contract with, some of whom will also work for our competitors. So when a contractor has completed their assignment, I simply jump into the portal and assign a new PIN to a device.

Our delivery teams have a lot to keep track of. With Android devices, they now have access to business-critical apps that make the delivery process smoother for our team and customers. And Essentials ensures that this customer data is secure on the device. No more paper receipts, and our inventory is automatically up to date.

New digital efforts through Essentials

Our success with Essentials has inspired us to look at other areas of the business that would benefit from digitization through Android — like capturing, sharing and saving information more efficiently. With Essentials’ security features and simple management tools, we’ll have the ability to scale our efforts with ease.

Google for Creators: Helping creators learn and grow

Whether you’re a fashion influencer, aspiring photographer or travel blogger, Google is committed to helping all content creators connect with their audiences. We believe that getting discovered on Google and having a presence on the open web is an important part of a creator’s success. So today, we’re introducing Google for Creators, a new home base for creators to learn, grow and get inspired.

Discover expert tips to grow and succeed

Google for Creators shows how the web can become part of your content mix. A quick quiz on the homepage provides personalized recommendations with topics most relevant to you. So if you’re just getting started, the quiz might recommend that you check out guides for finding a niche or creating a content strategy. Or if you’re a more seasoned creator, you might see recommendations for learning how to grow your audience and make more money.

Take the creator quiz to get personalized recommendations for content on our site.

Get inspired by a community of creators

Our new site reflects the guidance and inspiration we’ve been sharing on our blog and YouTube channel. This includes profiles of creators like Nakisha Wynn, who started a blog for moms and has become a full-time content creator, coach and speaker. And Nomadic Matt who, after starting his travel-focused website in 2008, has become a best-selling author and still engages with the community he built on his site.

Matt smiles, wearing a light blue t-shirt and looking into the distance. A lemur is perched on his head, holding a piece of fruit and looking in the opposite direction.

Matt Kepnes started his travel blog in 2008 and has become a two-time best-selling author, and the founder of both FLYTE and TravelCon.

Maximize your reach and control

Google for Creators has a comprehensive list of products and tools relevant for all parts of your journey as a creator on the web. This includes formats like Web Stories, which brings visual and engaging web content to Google surfaces. So far, we’ve seen more than 20 million Web Stories published, giving creators full control to monetize, host and share their content.

Creators like Marie Denee, founder of The Curvy Fashionista, are using Web Stories to reach the web’s broad audience and share their content in a visual-first way. We want to help other creators do the same, and Google for Creators is a great place to get started.

As a creator, it’s important to know if your content is resonating. On our new website, you can learn about Google products that help you understand your audience and grow your presence online. For example, Search Console Insights provides helpful data and insights in a dashboard so you can easily see how your content is performing. Creators are already seeing its value — since launching earlier this year, millions of websites are using Search Console Insights.

Phone shows Search Console Insights primary dashboard. A blue line graph is at the top displaying traffic numbers, with boxes underneath for new pieces of content with their title, thumbnail image and engagement data points in each.

Search Console Insights makes it easy to understand how your content resonates with readers.

Stay connected with us

In the coming months, we’ll release much more on the site, including new guides, community programming and creator spotlights.

Sign up for our Google for Creators newsletter to hear about new content, tips and the latest Google products designed especially for creators. You can also subscribe to our YouTube channel, or follow us on Instagram or Twitter. We can’t wait to see what you build, create and publish. Email us at [email protected] or reach out to us on social to let us know what you’re working on — and what you think of Google for Creators!

How user research helped create unemployment assistance tools

In 2020, as a result of the COVID-19 pandemic, people across the United States were losing their jobs or experiencing job insecurity. Over the course of the year, one in four people in the U.S. would apply for unemployment. People were looking for information on government assistance — in fact, searches for “unemployment benefits” increased by more than 5,000% in 2020.

While the pandemic caused a spike, people have long been searching for this kind of information. Back in 2019, a team at Google wanted to look into helping people navigate government services online. The team, led by User Experience Research (UXR) Manager John Webb, started looking into how Google could help. Initially, John explains, the team was seeking users’ input to build a Search feature that would explain civic services and government quickly and easily. “Obviously, things became more complex — and urgent — very quickly,” he says.

Sydney Hessel is also one of the leads on the project. She’s been a UX researcher for more than five years. As a result of COVID-19, she saw close friends lose their jobs suddenly. She knew how important this research could be. “We approached our work with empathy,” she says, “so we could deeply understand people’s experiences and how we could support them in the products we design.” The Google Experience Research Program recently relaunched its site, so more people can sign up to participate in future research like this to inform all kinds of products.


As 2019 became 2020, the User Research team began recruiting study participants from a diverse group of people from different backgrounds and industries who’d been laid off, furloughed or had their shifts cut during COVID’s early days. Then, they used Google Meet for in-depth, one-on-one interviews. “We asked about their job situation, what they saw as their next steps to make ends meet and how Search could be designed to better support them,” Sydney says. Everyone from product managers to engineers joined the sessions.

“Our team also conducted both in-person and remote studies with more than 100 people,” John says. “Before COVID-19, we had teams in many different places, working to understand what people in these places needed.” On-the-ground research was cut short and interviewing moved to Google Meet, which John says went pretty smoothly. Being able to continue interviews via video calls was essential, and meant that people could offer insight about employment conditions as they developed. Plus, the early, in-person research had its benefits, too. “Being proactive and doing interviews in person before COVID became more serious is what allowed us to jump into building the product so quickly,” John explains. “It helped us create a more empathetic tool — we were more aware of cultural nuances, and how people in different countries with different government benefits would need different kinds of help.”

Information about unemployment benefits eligibility and other government services can be hard to understand, making it difficult to navigate the process and make informed decisions. “We actually found that a lot of the people we talked to didn’t even know there were benefits they qualified for,” John says. So UXR took what they learned back to product teams at Google — which soon led to the launch of new, dedicated information panels in Search for Unemployment and other benefits. These information panels include robust local information about eligibility, as well as direct links and information about how to apply in each state.

An image of a mobile phone showing unemployment benefit information

Sydney says seeing the team’s research inform the design of the product — and such an important one — was incredibly encouraging. “It was a really moving and motivating experience for the whole team,” she says. “These interviews fired us up to build quickly and intentionally for the many people facing economic hardship during this time.”

We encourage everyone to help shape the future of Google and our products. Sign up to lend your insights to the Google Research team.

Visual updates and improvements for the To, Cc, and Bcc fields in Gmail

What’s changing 

We’re making several improvements in Gmail to help users compose email more efficiently and confidently. When interacting with the “To”, “Cc”, and “Bcc” fields, some improvements you’ll notice are: 
  • A new right-click menu to easily view a recipient's full name and email, edit contact names, copy email addresses, and open a recipient's information card
  • Avatar chips for recipients 
  • Better indicators when adding a user outside your organization and contacts 
  • Visual indicators when you’ve already added a user as a recipient, and more 

Additionally, these updates may impact some Chrome extensions. See the “Additional details” section below for more information. 


Who’s impacted 

Admins, developers, and end users
 

Why it’s important 

We hope these improvements will help users connect with their colleagues and stakeholders quickly and with confidence. The improvements will mean you can more easily: 
  • View a recipient's entire email address, and edit if needed
  • Copy an email address 
  • Access a user’s information card. Note that information cards can also be accessed by hovering over recipient chips, or selecting and using the keyboard shortcut Alt/Option + → 

See below for more details and information. 


Additional details 


New options to control what contact name is displayed to email recipients 
Additionally, you can use this menu to change how a recipient's name is displayed. For example, if you have a contact saved as “Sales Manager”, you can change what contact name will be displayed to others receiving the email. Note: this will not change the saved name in Contacts, only how the name appears to others included in the email. 

You can now change how a recipient's name is displayed in an email.



Visual indicators when composing emails 
We’ve added better visual indicators to help guide users when composing emails. Each recipient will now have an avatar chip, which is helpful for identifying who’s been added to the email. 

Avatar chips will be displayed for each recipient.



Highlighting external recipients 
We’ve also made it more obvious when users outside of your enterprise have been added to your recipient list: 
  • External contacts that you’ve interacted with before will be highlighted in a deep yellow color. 
  • External contacts that you have not interacted with before will also be highlighted along with an out of organization avatar and warning banner. 
Improved visual indicators for recipients outside of your enterprise



Changing display for domains within your organization 
Additionally, different domain names within the same organization will no longer be marked as “external”. For example: users from @google.com will not appear as out of organization if added to an email from an @youtube.com user. This will help eliminate unnecessary warnings and confusion for users communicating across different brands under the same umbrella or during the process of one company acquiring another. 


Improved interface for duplicate recipients 
We’ve also added a checkmark to better indicate a recipient who has already been included on the email. Also, when hovering over or scrolling through contacts within the dropdown menu, you’ll notice a grey tone to better indicate where your mouse or keyboard is. Additionally, Gmail will automatically remove duplicate entries within the same fields, when dragging and dropping between the To, Cc, and Bcc fields. 

If you've already included a recipient on the email, you'll see a checkmark indicator.  



Improving email and formatting validation 
To prevent errors, Gmail will now validate email addresses as they are typed, and will prevent any strings from becoming recipient chips that are not formatted correctly. Previously, users had to double click to correct an error. Further, if you do maintain an invalid email address in the address bars, you’ll see an error message prompting you to fix the error before sending. 


Impact to Chrome extensions using the current compose interface 
This update changes the underlying structure of the addressing fields in Gmail Compose. Therefore, admins that maintain Chrome extensions that depend on the current Gmail UI, around recipient search, selection or authoring, should check their integrations against the updated UI. Be sure to change your release track on a test account to Rapid release to get access to the new UI so that you can test your integration before it is made more broadly available (see below). 


Getting started 

  • Admins: There is no admin control for this feature. If your organization maintains Chrome extensions that depend on the current Gmail UI for recipient search, selection or authoring, check your integrations against the updated UI. 

  • Developers: Developers that maintain Chrome extensions that depend on the current Gmail UI, around recipient search, selection or authoring, should check their integrations against the updated UI. 

  • End users: There is no end user setting for this feature. Visit the Help Center to learn more about sending an email in Gmail

Rollout pace 

  • Rapid Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on October 20, 2021. 
  • Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) beginning no earlier than November 8, 2021.

We anticipate rollout to be complete by the end of year, and will complete rollout to Rapid Release domains at least two weeks before beginning rollout to Scheduled Release domains. We will provide updates here when rollout for Rapid and Scheduled release domains is complete.

Availability 

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers 

Resources 

Inspiring 1.4 million students to learn computer science

For many of the challenges our world faces — like access to healthcare and climate change — technology will be part of the solution. For those solutions to effect change, the technologists behind them should be reflective of everyone. However, in the U.S. today 26% of computing professionals are women, 8% are Hispanic and 9% are Black.

Access to education is at the root of this inequity. Girls, historically underrepresented groups and students from small and rural towns are less likely to have the opportunity to build interest and confidence in computer science and STEM (science, technology, engineering and mathematics) skills. To help make sure every student has the chance to build confidence and interest in computer science, 4-H, an organization working to give all youth equal access to opportunity, with Google.org support, created the Computer Science Pathway. This program teaches technical subjects — like data analytics and robotics — and equips students with essential life skills — like problem-solving and leadership.

In 2019, 4-H and Google.org set a goal that with Google.org’s support, 4-H would introduce one million students to computer science within three years. Members of our own Code with Google team assisted the National 4-H Council and local 4-H chapter leaders to pilot, train and iterate for several months to help establish the foundations of the Computer Science Pathway program. Fast forward to now, just two years later, and 4-H has already reached over 1.4 million students. Of those 1.4 million, 47% are from historically underrepresented groups in computer science, 65% live in rural areas and 56% of teen leaders for the program are girls.

These numbers represent real kids finding their voice, discovering a brighter future and realizing their dreams.

  • Aubree from Utah is using her newfound voice to encourage educators to offer computer science in their schools. “I am only the beginning of a long list of students,” says Aubree. “My greatest hope is that I will never be the end.”
  • Jeffery from South Carolina says the program inspired him to reach for a brighter future. “I want to become a Computer Engineer and create innovation that improves our daily lives.”
  • Aja from Illinois was looking for a place to belong as a student with learning difficulties. Now, she has her very own organization, See Me in STEM, to empower minority youth to get involved in science, technology, engineering and mathematics. “4-H inspired me to be the change I wanted to see.”

Throughout this journey, the 4-H team brought together nonprofits, businesses, community leaders and schools to create an inclusive and impactful computer science program for all ages across 50 states. For others looking to create computer science programs, here are a few things 4-H learned to help each and every student achieve their potential.

  1. Teach life skills, create career pathways, and provide ongoing mentorship to make computer science skills relevant.
  2. Develop equitable, accessible and inclusive content. Weave in teachings to relevant topics or existing student interests, partner with community organizations and invest in a technology lending infrastructure.
  3. Invest in your staff and volunteers. Provide regular training sessions, build a strong community culture and hire full-time employees with experience in computer science and proven approaches to engage youth.

As a 4-H alum myself, I’m proud to celebrate this incredible milestone and achievement toward equitable education and opportunities. We believe that the Computer Science Pathway, and the 4-H team’s thoughtful evaluation and collected learnings, will help make the future brighter — not just for the students who participate, but for their communities and the world as a whole. As we face global challenges, we’ll need the best and brightest out there solving them.

Set aside time for focus in Google Calendar



What’s changing

We’re introducing a new Google Calendar entry type, Focus time, so you can block out and protect your time for heads-down individual work. Similar to the Out of office event type, focus time has a different appearance on your calendar and includes the option to automatically decline conflicting events.

Focus timer is now an entry type in Calendar
Create a Focus time entry in Calendar

An example of what a Focus time entry will look like on Calendar, with a headphones icon
Focus time appears with a headphones icon on your calendar

Who’s impacted

End users

Why it’s important

With the changes to our working environments in the past year, having more chats and meetings makes it more difficult for people to carve out time for their core individual work. With the new focus time feature, we hope to make it easier to create dedicated time for thinking and core work.

Additional details

You can assign a different color to your focus time so that it stands out from your events and other meetings.

Additionally, your scheduled focus time will also be tracked in your Time Insights.

Getting started

  • Admins: There is no admin control for this feature.
  • End users: This feature will be ON by default. Visit the Help Center to learn more about using focus time.

Rollout pace


Availability

  • Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Teaching & Learning Upgrade, Education Standard, Education Plus, and Nonprofits customers
  • Not available to Google Workspace Essentials, Business Starter, Enterprise Essentials, and Frontline, as well as G Suite Basic and Business customers

Resources

Phishing campaign targets YouTube creators with cookie theft malware

Google’s Threat Analysis Group tracks actors involved in disinformation campaigns, government-backed hacking, and financially motivated abuse. Since late 2019, our team has disrupted financially motivated phishing campaigns targeting YouTubers with Cookie Theft malware.

The actors behind this campaign, which we attribute to a group of hackers recruited in a Russian-speaking forum, lure their target with fake collaboration opportunities (typically a demo for anti-virus software, VPN, music players, photo editing or online games), hijack their channel, then either sell it to the highest bidder or use it to broadcast cryptocurrency scams.

In collaboration with YouTube, Gmail, Trust & Safety, CyberCrime Investigation Group and Safe Browsing teams, our protections have decreased the volume of related phishing emails on Gmail by 99.6% since May 2021. We blocked 1.6M messages to targets, displayed ~62K Safe Browsing phishing page warnings, blocked 2.4K files, and successfully restored ~4K accounts. With increased detection efforts, we’ve observed attackers shifting away from Gmail to other email providers (mostly email.cz, seznam.cz, post.cz and aol.com). Moreover, to protect our users, we have referred the below activity to the FBI for further investigation.

In this blog, we share examples of the specific tactics, techniques and procedures (TTPs) used to lure victims, as well as some guidance on how users can further protect themselves.

Tactics, techniques and procedures

Cookie Theft, also known as “pass-the-cookie attack,” is a session hijacking technique that enables access to user accounts with session cookies stored in the browser. While the technique has been around for decades, its resurgence as a top security risk could be due to a wider adoption of multi-factor authentication (MFA) making it difficult to conduct abuse, and shifting attacker focus to social engineering tactics.

Social engineering YouTubers with advertisement offer

Many YouTube creators provide an email address on their channel for business opportunities. In this case, the attackers sent forged business emails impersonating an existing company requesting a video advertisement collaboration.

Example phishing email message

The phishing typically started with a customized email introducing the company and its products. Once the target agreed to the deal, a malware landing page disguised as a software download URL was sent via email or a PDF on Google Drive, and in a few cases, Google documents containing the phishing links. Around 15,000 actor accounts were identified, most of which were created for this campaign specifically.

Fake software landing pages and social media accounts

The attackers registered various domains associated with forged companies and built multiple websites for malware delivery. To date, we’ve identified at least 1,011 domains created solely for this purpose. Some of the websites impersonated legitimate software sites, such as Luminar, Cisco VPN, games on Steam, and some were generated using online templates. During the pandemic, we also uncovered attackers posing as news providers with a “Covid19 news software.”

Lure message and landing pages for the forged covid news software.

In one case, we observed a fake social media page copying content from an existing software company. The following screenshot is an example of a fake page where the original URL is replaced with one leading to a cookie theft malware download.

Original (left) and fake (right) Instagram accounts

Because Google actively detects and disrupts phishing links sent via Gmail, the actors were observed driving targets to messaging apps like WhatsApp, Telegram or Discord.

Delivering cookie theft malware

Once the target runs the fake software, a cookie stealing malware executes, taking browser cookies from the victim’s machine and uploading them to the actor's command & control servers. Although this type of malware can be configured to be persistent on the victim's machine, these actors are running all malware in non-persistent mode as a smash-and-grab technique. This is because if the malicious file is not detected when executed, there are fewer artifacts on an infected host and therefore security products fail to notify the user of a past compromise.

We have observed that actors use various types of malware based on personal preference, most of which are easily available on GitHub. Some commodity malware used included RedLine, Vidar, Predator The Thief, Nexus stealer, Azorult, Raccoon, Grand Stealer, Vikro Stealer, Masad (Google’s naming), and Kantal (Google’s naming), which shares code similarity with Vidar. Open source malware like Sorano and AdamantiumThief were also observed. Related hashes are listed in the Technical Details section, at the end of this report.

Most of the observed malware was capable of stealing both user passwords and cookies. Some of the samples employed several anti-sandboxing techniques including enlarged files, encrypted archive and download IP cloaking. A few were observed displaying a fake error message requiring user click-through to continue execution.

Fake error window requiring user click-through

Cryptocurrency scams and channel selling

A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. The channel name, profile picture and content were all replaced with cryptocurrency branding to impersonate large tech or cryptocurrency exchange firms. The attacker live-streamed videos promising cryptocurrency giveaways in exchange for an initial contribution.

On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers.

Hack-for-Hire attackers

These campaigns were carried out by a number of hack-for-hire actors recruited on Russian-speaking forums via the following job description, offering two types of work:

hack-for-hire job description

This recruitment model explains the highly customized social engineering, as well as the varied malware types given each actor's choice of preferred malware.

Protecting our users from attacks

We are continuously improving our detection methods and investing in new tools and features that automatically identify and stop threats like this one. Some of these improvements include:

  • Additional heuristic rules to detect and block phishing & social engineering emails, cookie theft hijacking and crypto-scam livestreams.
  • Safe Browsing is further detecting and blocking malware landing pages and downloads.
  • YouTube has hardened channel transfer workflows, and has detected and auto-recovered over 99% of hijacked channels.
  • Account Security has hardened authentication workflows to block potentially sensitive actions and notify the user.
Sensitive action blocked in account

It is also important that users remain aware of these types of threats and take appropriate action to further protect themselves. Our recommendations:

  • Take Safe Browsing warnings seriously. To avoid malware triggering antivirus detections, threat actors social engineer users into turning off or ignoring warnings.
  • Before running software, perform virus scanning using an antivirus or online virus scanning tool like VirusTotal to verify file legitimacy.
  • Enable the “Enhanced Safe Browsing Protection” mode in your Chrome browser, a feature that increases warnings on potentially suspicious web pages & files.
  • Be aware of encrypted archives, which often bypass antivirus detection scans, increasing the risk of running malicious files.
  • Protect your account with 2-Step Verification (multi-factor authentication), which provides an extra layer of security to your account in case your password is stolen. Starting November 1, monetizing YouTube creators must turn on 2-Step Verification on the Google Account used for their YouTube channel to access YouTube Studio or YouTube Studio Content Manager.
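Two of the anti-sandboxing techniques named in this report, encrypted archives and enlarged files, can be spotted from ZIP metadata before anything is extracted. The following is an added example, not code from this report: the function names, the thresholds and the sample archive are constructed for illustration.

```python
import io
import zipfile

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose bit flag


def triage_zip(data, min_size=50 * 1024 * 1024, min_ratio=100):
    """Return per-entry findings using only central-directory metadata.

    min_size and min_ratio are illustrative thresholds (assumptions).
    Nothing is extracted or decompressed.
    """
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            tags = []
            if info.flag_bits & ENCRYPTED_FLAG:
                tags.append("encrypted")  # scanners cannot inspect the content
            ratio = info.file_size / max(info.compress_size, 1)
            if info.file_size >= min_size and ratio >= min_ratio:
                tags.append("inflated")  # large file that is mostly padding
            if tags:
                findings[info.filename] = tags
    return findings


def build_sample():
    """Constructed sample: one padded entry, one entry flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "constructed sample, harmless text\n")
        zf.writestr("setup.bin", b"stub" + b"\x00" * (2 * 1024 * 1024))
        zf.writestr("locked.bin", b"placeholder")
    raw = bytearray(buf.getvalue())
    # zipfile cannot write encrypted entries, so set the flag bit by hand in
    # the last central-directory record (locked.bin); the flag is at offset 8.
    pos = raw.rfind(b"PK\x01\x02")
    raw[pos + 8] |= ENCRYPTED_FLAG
    return bytes(raw)


if __name__ == "__main__":
    # The sample is small, so lower the size threshold for the demonstration.
    for name, tags in triage_zip(build_sample(), min_size=1024 * 1024).items():
        print(name, tags)
```

An "encrypted" or "inflated" tag is a reason to handle the download with extra care and scan the extracted file separately; it is not a verdict on its own.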

Additional resources: Avoid & Report Phishing Emails.

Technical Details

Related Malware hashes:


Top Phishing Domains:
