R S S : Google Blog

PageRank : 3 %

VoteRank :
(0 - 0 vote)

tagsTags: , , , , , , , , , , , , , , ,



Helping public health officials combat COVID-19

3 avril[ —]

As global communities respond to the COVID-19 pandemic, there has been an increasing emphasis on public health strategies, like social distancing measures, to slow the rate of transmission. In Google Maps, we use aggregated, anonymized data showing how busy certain types of places are—helping identify when a local business tends to be the most crowded. We have heard from public health officials that this same type of aggregated, anonymized data could be helpful as they make critical decisions to combat COVID-19. 

Starting today we’re publishing an early release of our COVID-19 Community Mobility Reports to provide insights into what has changed in response to work from home, shelter in place, and other policies aimed at flattening the curve of this pandemic. These reports have been developed to be helpful while adhering to our stringent privacy protocols and policies

The reports use aggregated, anonymized data to chart movement trends over time by geography, across different high-level categories of places such as retail and recreation, groceries and pharmacies, parks, transit stations, workplaces, and residential. We’ll show trends over several weeks, with the most recent information representing 48-to-72 hours prior. While we display a percentage point increase or decrease in visits, we do not share the absolute number of visits. To protect people’s privacy, no personally identifiable information, like an individual’s location, contacts or movement, is made available at any point. 

We will release these reports globally, initially covering 131 countries. Given the urgent need for this information, where possible we will also provide insights at the regional level. In the coming weeks, we will work to add additional countries and regions to ensure these reports remain helpful to public health officials across the globe looking to protect people from the spread of COVID-19.


Navigate and download a report for your region of interest

In addition to other resources public health officials might have, we hope these reports will help support decisions about how to manage the COVID-19 pandemic. For example, this information could help officials understand changes in essential trips that can shape recommendations on business hours or inform delivery service offerings. Similarly, persistent visits to transportation hubs might indicate the need to add additional buses or trains in order to allow people who need to travel room to spread out for social distancing. Ultimately, understanding not only whether people are traveling, but also trends in destinations, can help officials design guidance to protect public health and essential needs of communities.


A Community Mobility Report example for State of Louisiana, United States

In addition to the Community Mobility Reports, we are collaborating with select epidemiologists working on COVID-19 with updates to an existing aggregate, anonymized dataset that can be used to better understand and forecast the pandemic. Data of this type has helped researchers look into predicting epidemics, plan urban and transit infrastructure, and understand people’s mobility and responses to conflict and natural disasters.

Privacy protections

The Community Mobility Reports are powered by the same world-class anonymization technology that we use in our products every day. For these reports, we use differential privacy, which adds artificial noise to our datasets enabling high quality results without identifying any individual person. 

The insights are created with aggregated, anonymized sets of data from users who have turned on the Location History setting, which is off by default. Users who have Location History turned on can choose to turn the setting off at any time from their Google Account, and can always delete Location History data directly from their Timeline

These are unprecedented times and we will continue to evaluate these reports as we get feedback from public health officials, civil society groups, local governments and the community at large. We hope these insights will add to other public health information that will help people and communities stay healthy and safe.

Chromebook accessibility tools for distance learning

2 avril[ —]

Around the world, 1.5 billion students are now adjusting to learning from home. For students with disabilities, this adjustment is even more difficult without hands-on classroom instruction and support from teachers and learning specialists.

For educators and families using Chromebooks, there are a variety of built-in accessibility features to customize students’ learning experience and make them even more helpful. We’ve put together a list of some of these tools to explore as you navigate at-home learning for students with disabilities.

Supporting students who are low vision

To help students see screens more easily, you can find instructions for locating and turning on several Chromebook accessibility features in this Chromebook Help article. Here are a few examples of things you can try, based on students’ needs:

  • Increase the size of the cursor, or increase text size for better visibility. 

  • Add ahighlighted circle around the cursor when moving the mouse, text caret when typing, or keyboard-focused item when tabbing. These colorful rings appear when the items are in motion to draw greater visual focus, and then fade away.

  • For students with light sensitivity or eye strain, you can turn on high-contrast mode to invert colors across the Chromebook (or add this Chrome extension for web browsing in high contrast).

  • Increase the size of browser or app content, or make everything on the screen—including app icons and Chrome tabs—larger for greater visibility. 

  • For higher levels of zoom, try thefullscreen or docked magnifiers in Chromebook accessibility settings. The fullscreen magnifier zooms the entire screen, whereas the docked magnifier makes the top one-third of the screen a magnified area. Learn more in this Chromebook magnification tutorial.


Helping students read and understand text

Features that read text out loud can be useful for students with visual impairments, learning and processing challenges, or even students learning a new language.

  • Select-to-speak lets students hear the text they choose on-screen spoken out loud, with word-by-word visual highlighting for better audio and visual connection.

  • With Chromevox, the built-in screen reader for Chromebooks, students can navigate around the Chromebook interface using audio spoken feedback or braille. To hear whatever text is under the cursor, turn on Speak text under the mouse in ChromeVox options. This is most beneficial for students who have significant vision loss. 

  • Add the Read&Write Chrome extension from Texthelp for spelling and grammar checks,  talking and picture dictionaries, text-to-speech and additional reading and writing supports- all in one easy to use toolbar. 

  • For students with dyslexia, try the OpenDyslexic Font Chrome extension to replace web page fonts with a more readable font. Or use the BeeLine Reader Chrome extension to color-code text to reduce eye strain and help students better track from one line of text to the next. You can also use the Thomas Jockin font in Google Docs, Sheets and Slides.

Guiding students with writing challenges or mobility impairments

Students can continue to develop writing skills while they’re learning from home.

  • Students can use their voice to enter text by enabling dictation in Chromebook accessibility settings, which works in edit fields across the device. If dictating longer assignments, students can also use voice typing in Google Docs to access a rich set of editing and formatting voice commands. Dictating writing assignments can also be very helpful for students who get a little stuck and want to get thoughts flowing by speaking instead of typing. 

  • Students with mobility impairments can use features like the on-screen keyboard to type using a mouse or pointer device, or automatic clicks to hover over items to click or scroll.

  • Try the Co:Writer Chrome extension for word prediction and completion, as well as excellent grammar help. Don Johnston is offering free access to this and other eLearning tools. Districts, schools, and education practitioners can submit a request for access.

How to get started with Chromebook accessibility tools

We just shared a 12-part video series with training for G Suite and Chromebook Accessibility features made by teachers for teachers. These videos highlight teachers’ experience using these features in the classroom, as well as what type of diverse learner specific features benefit. For more, you can watch these videos from the Google team, read our G Suite accessibility user guide, or join a Google Group to ask questions and get real time answers. To find great accessibility apps and ideas on how to use them, check out the Chromebook App Hub, and for training, head to the Teacher Center.

We’re also eager to hear your ideas—leave your thoughts in this Google Form and help educators benefit from your experience.

The teen fact-checkers fighting misinformation

2 avril[ —]

Editor's note: It’s International Fact-Checking Day today and teenager Lyndsay Valadez from Indianapolis, Indiana tells us why fact-checking matters. She’s a member of the Teen Fact-Checking Network at MediaWise—part of the Google News Initiative and a Google.orgfunded partnership with The Poynter Institute for Media Studies

Being a freshman in college and living in a dorm away from my mom and sister means we usually stay in touch by text. In between “What’s up?” and “Miss you!” I occasionally get a different kind of message from home: “Is this real?” But now that my school has switched to digital teaching because of the coronavirus, there’s no escape from my family who constantly bombard me in person about claims surrounding COVID-19. 

Scrolling through social media, it can be tough to know the difference—especially if you haven’t been trained to look for it. Just like my mom taught me to say “Please” and “Thank you,” I’m now teaching her how to tell the difference between fact from fiction online. And learning those skills is really crucial at this time with people’s health on the line. 

As a journalism major at Indiana University, I understand the need for truth-telling and how important facts are in this digitized age. That’s why I became an intern with the Teen Fact-Checking Network—part of the MediaWise Project—where I research, write and put together videos debunking false claims, half-truths and fantasy. 

During my time, some of the debunked posts I’ve done include the ones about Joe Biden and Bernie Sanders and Hurricane Dorian. Of course, lately I am super busy covering the coronavirus.

One fact check that’s particularly special to me is one I did alongside my younger sister, Elizabeth Valadez, who recently joined MediaWise’s Teen Fact-Checking Network. It has been so neat to watch her fact-check while helping her along the way. Together, we worked on this fact-check about how long the coronavirus can live on different surfaces. 

Video showing sisters Lyndsay and her sister Elizabeth talking about fact-checking coronavirus myths.

During the time working with my sister, I realized how our own media experiences affect the way we approach fact-checking. We have different tastes—she’s into the social aspect while I like the more informational side. But this variety of media viewpoints and understanding helped us present a fuller, more comprehensive fact-check. Together, we’re teaching people to ask three key questions created by MediaWise partner, the Stanford History Education Group: Who is behind the information? What is the evidence? And what do other sources say?

Teen fact-checking siblings

Surprisingly enough, we aren’t the only siblings fact-checking together at MediaWise. 

Fact-checking brothers Kush Patel, 16, and his little brother Parth, 13, from North Carolina debunked a Twitter claim about a book predicting the 2019 coronavirus. Brother-sister duo Jahin Rahman, 16, and Fahmin Rahman, 14, teamed up to fact-check a claim aboutCO2 emissions dropping 25 percent in China because of the virus. You might be surprised by the answer!

fact check.jpg

Left: Brother-sister duo Jahin and Fahmin Rahman. Right: Kush Patel and his little brother Parth.

Today the Teen Fact-Checking Network has 35 teenagers on staff from a dozen states. Through social media storytelling, we’ve debunked more than 300 claims—and that’s only the beginning. The staff is now solely fact-checking claims about COVID-19, and has debunked more than 20 social media posts. Who knows, in 10 years the TFCN could be fact-checking at a level similar to organizations like Politifact or Snopes. 

Video showing teens talking about the Teen Fact-Checking Network.

And as we mark this fourth year of International Fact-Checking Day, we recognize the need for this kind of media literacy and teaching others how to fact-check. So far MediaWise has helped more than 5 million people learn how to be media savvy about what they see online. And through in-person training, the MediaWise team has taught more than 18,000 students at 70 different schools across the country.

MediaWise has taught me that no matter how old you are, we can all stand to be better. And we all need to work together to do our part in combating the spread of misinformation. Now more than ever. 

This International Fact-Checking Day, check out Civic Online Reasoning, a free curriculum developed by the Stanford History Education Group as part of MediaWise on how to evaluate online information. 

COVID-19: $6.5 million to help fight coronavirus misinformation

2 avril[ —]

Health authorities have warned that an overabundance of information can make it harder for people to obtain reliable guidance about the coronavirus pandemic.

Helping the world make sense of this information requires a broad response, involving scientists, journalists, public figures, technology platforms and many others. Here are some ways we plan to help.

Supporting coronavirus fact-checking and verification efforts

We’re providing $6.5 million in funding to fact-checkers and nonprofits fighting misinformation around the world, with an immediate focus on coronavirus.

Collaboration is a crucial component of journalism’s response to a story as complicated and all-encompassing as COVID-19. For this reason, the Google News Initiative (GNI) is stepping up its support for First Draft. The nonprofit is providing an online resource hub, dedicated training and crisis simulations for reporters covering COVID-19 all over the globe. First Draft is also using its extensive CrossCheck network to help newsrooms respond quickly and address escalating content that is causing confusion and harm. We’re also renewing our support for the collaborative verification project Comprova in Brazil.

As fact-checkers address heightened demand for their work, we are providing immediate support to several organizations. Full Fact will coordinate efforts in Europe focused on countries with the most cases (Italy, Spain, Germany, France and the United Kingdom) to amplify experts, share trends, and help reduce the spread of harmful false information. In Germany, CORRECTIV will step up its efforts to engage citizens in the fight against misinformation.

LatamChequea, coordinated by Chequeado, is providing a single hub to highlight the work of 21 fact-checking organizations across 15 countries in the Spanish-speaking world and Latin America. With our support, PolitiFact and Kaiser Health News will expand their health fact-checking partnership to focus on COVID-19 misinformation. 

Increasing access to data, scientific expertise and fact checks

Access to primary expert sources during an evolving public health crisis is both challenging and fundamental for journalists covering the story. To make this easier, we’re providing funding to SciLine, based at theAmerican Association for the Advancement of Science, and the Australian Science Media Centre, creators of We’re supporting the creation of a database for reporters developed by the journalism technology nonprofit Meedan in partnership with public health experts.

The GNI is also supporting the JSK Journalism Fellowships at Stanford University and Stanford's Big Local News group to create a global data resource for reporters working on  COVID-19. The new project will collate data from around the world and help journalists tell data-driven stories that have impact in their communities.

The International Fact-Checking Network (IFCN) continues to advocate for fact-checkers worldwide; our renewed support will boost their efforts to uphold best practices in the fact-checking field and showcase the work of the CoronaVirusFacts alliance. In addition, Science Feedback will conduct a network analysis using the hundreds of COVID-19 fact checks published globally to track the spread of related misinformation.

We also want to do more to highlight fact-check articles that address potentially harmful health misinformation more prominently to our users and we’re experimenting with how to best include a dedicated fact check section in the COVID-19 Google News experience.

Providing insights to fact-checkers, reporters and health authorities

So that reporters can understand and explain how the world is searching for the virus, we’ve made Google Trends data readily available in localized pages with embeddable visualizations. 

We’re also making more local Google Trends data available for journalists, health organizations and local authorities to help them understand people's information needs around the world.

Questions in search on Coronavirus in cities around the world

Questions in Search on coronavirus in cities around the world

Fact-checkers and health authorities need help to identify topics that people are searching for and where there might be a gap in the availability of good information online. Unanswered user questions—such as “what temperature kills coronavirus?”—can provide useful insights to fact-checkers and health authorities about content they may want to produce. 

To help, we’re supporting Data Leads in partnership with BOOM Live in India and Africa Check in Nigeria to leverage data from Question Hub. This will be complemented by an effort to train 1,000 journalists across India and Nigeria to spot health misinformation.

Our online resources are being updated to support the vital work journalists are doing. The GNI Training Center has tools for data journalism and verification in 16 languages, and our global team of Teaching Fellows is delivering workshops entirely online in 10 languages.

Today's announcement is one of several efforts we’re working on to support those covering this pandemic. We look forward to sharing more soon. 

Transform your photo in the style of an iconic artist

2 avril[ —]

From the bold, swirling movement in Vincent van Gogh's paintings, to the surreal, confident brushstrokes of Frida Kahlo, many famous artists have instantly recognizable styles. Now you can use these styles to transform your own photos. With Art Transfer, a new feature in the Google Arts & Culture app, you can apply the characteristics of well-known paintings to your own images.

To try it, open the Camera menu in the bottom bar of the Google Arts & Culture app and select “Art Transfer.” After taking or uploading a photo, choose from dozens of masterpieces to transfer that style onto your image. (And while you wait, we’ll share a fun fact about the artwork, in case you’re curious to know a bit more about its history.) For more customization, you can use the scissors icon to select which part of the image you want the style applied to. 

Thanks to cultural institutions from around the world, such as the UK’s National Gallery and Japan’s MOA Museum of Art, we’re able to feature artists like van Gogh, Frida Kahlo, Edvard Munch or Leonardo da Vinci.

Art Transfer animation of coffee cup - Cutting Tool.gif

Many Google Arts & Culture experiments show what’s possible when you combine art and technology. Artificial intelligence in particular can be a powerful tool not just in the hands of artists, but also as a way for people to experience and learn about art in new ways.  

In this case, Art Transfer is powered by an algorithmic model created by Google AI. Once you snap your photo and select a style, Art Transfer doesn’t just blend the two things or simply overlay your image. Instead, it kicks off a unique algorithmic recreation of your photo inspired by the specific art style you have chosen. 

And all of it happens right on your device without the help of the cloud or your image being processed online.

We are curious to see what you will create with a little help of AI and hope it will bring a small piece of joy to you in this challenging time. Once you are happy with your Art Transfer, tap share to share the results as a still image or as a GIF - #ArtTransfer.

Discover more on Google Arts & Culture—or download our free app for iOS or Android.

Improve Android deployments with new employee adoption kit

1er avril[ —]

Bringing Android Enterprise to your organization opens up new possibilities for your business, and a well-structured communication plan can help employees understand all the capabilities.

We’ve created the Android Enterprise Employee Adoption Kit to help IT teams communicate the features and benefits to their employees.

Resources include helpful videos, flyers, email templates, and slide decks that walk through how to get started with Android device features and management tools. We’ve designed these assets to be useful for preparing your users, assisting them in getting started, and sharing out tips, especially for those switching to Android.

Getting teams ready for Android Enterprise

To generate buzz before introducing Android Enterprise to your organization, you can use and customize our email scripts to share details about the new mobile experience for your team. Some companies may wish to create a demo desk to give new users a guided tour of Android Enterprise features. We’ve included suggested scripts to help walk employees through what’s to come.

Our user adoption slides detail the benefits, features, and scope of different device management modes. New YouTube videos offer a helpful overview of using the work profile, managed Google Play, and zero-touch enrollment. These videos can be embedded into internal sites or shared out directly.

Also, customizable slide decks walk through initial steps with a new Android device, provide detailed instructions for key tasks like downloading an app, or highlight the many benefits to using the work profile.

Learning Android features

Giving your team regular tips and tricks helps them take advantage of Android features and gain confidence in their device. We’ve prepared assets that offer suggestions for using helpful productivity tools in Android and embracing the privacy and work-life balance the work profile offers.

This kit is available for all those who wish to help their teams find success with Android. Learn more about Android Enterprise and how it can transform your business.

Stadia Savepoint: March updates

30 mars[ —]

We're back with another update in our Stadia Savepoint series, providing a summary of recent news on Stadia.

This month we added seven new games to the Stadia store including DOOM Eternal and Lost Words: Beyond the Page, a First on Stadia title. With Serious Sam Collection, Spitlings and Stacks On Stacks (On Stacks) being added to Stadia Pro on April 1, subscribers can claim and build their library of games, playing for free as part of their subscription. (2) (1).png

Stadia Capture Library on Web

Web Capture Library

Access captured gameplay screenshots and clips on your laptop or desktop and download them from your library.

4K on Web

Players with an active Stadia Pro subscription plus the necessary hardware and network speeds can now play Stadia at up to 4K resolution on the web in their Chrome browser.

Recent content launches on Stadia

  • Borderlands 3: Guns, Love, and Tentacles: The Marriage of Wainwright & Hammerlock Expansion

  • DOOM Eternal

  • Lost Words: Beyond the Page

  • Serious Sam Collection

  • SteamWorld Quest

  • SteamWorld Dig

  • SteamWorld Dig 2

  • SteamWorld Heist

  • The Crew 2

  • Tom Clancy’s The Division 2

  • Tom Clancy’s The Division 2: Warlords of New York Expansion

New games announced for Stadia

  • Monopoly

  • Monster Jam Steel Titans

  • MotoGP20

  • Relicta

  • The Turing Test

Stadia Pro updates

  • New games that are free to claim for Stadia Pro subscribers in April: Serious Sam Collection, Spitlings, Stacks On Stacks (On Stacks).

  • Existing games still available to add to your collection: Destiny 2, GRID, GYLT, Metro Exodus, SteamWorld Dig 2, SteamWorld Quest: Hand of Gilgamech and Thumper.

  • Act quickly: Metro Exodus and Thumper leave Stadia Pro on March 31.

  • Ongoing discounts for Stadia Pro subscribers: Check out the web or mobile Stadia store for the latest.

That’s it for March—we’ll be back soon to share more updates. As always, stay tuned to the Stadia Community Blog, Facebook and Twitter for the latest news. 

COVID-19: $800+ million to support small businesses and crisis response

27 mars[ —]

As the coronavirus outbreak continues to worsen around the world, it’s taking a devastating toll on lives and communities. To help address some of these challenges, today we’re announcing a new $800+ million commitment to support small- and medium-sized businesses (SMBs), health organizations and governments, and health workers on the frontline of this global pandemic. 

Our commitment includes:

  • $250 million in ad grants to help the World Health Organization (WHO) and more than 100 government agencies globally provide critical information on how to prevent the spread of COVID-19 and other measures to help local communities. This is an increase from our initial $25 million announced last month. In addition, we’re providing $20 million in ad grants to community financial institutions and NGOs specifically to run public service announcements on relief funds and other resources for SMBs.

  • A $200 million investment fund that will support NGOs and financial institutions around the world to help provide small businesses with access to capital. As one example, we’re working with the Opportunity Finance Network in the U.S. to help fill gaps in financing for people and communities underserved by mainstream financial institutions. This is in addition to the $15 million in cash grants is already providing to nonprofits to help bridge these gaps for SMBs.

  • $340 million in Google Ads credits available to all SMBs with active accounts over the past year. Credit notifications will appear in their Google Ads accounts and can be used at any point until the end of 2020 across our advertising platforms. We hope it will help to alleviate some of the cost of staying in touch with their customers.

  • A pool of $20 million in Google Cloud credits for academic institutions and researchers to leverage our computing capabilities and infrastructure as they study potential therapies and vaccines, track critical data, and identify new ways to combat COVID-19. Learn how to apply for credits on the Google for Education site.

  • Direct financial support and expertise to help increase the production capacity for personal protective equipment (PPE) and lifesaving medical devices. We’re working with our longtime supplier and partner Magid Glove & Safety, with the goal of ramping up production of 2-3 million face masks in the coming weeks that will be provided to the CDC Foundation. Additionally, employees from across Alphabet, including Google, Verily and X, are bringing engineering, supply chain and healthcare expertise to facilitate increased production of ventilators, working with equipment manufacturers, distributors and the government in this effort.

In addition to these commitments, we also increased the gift match Google offers every employee annually to $10,000 from $7,500. That means our employees can now give $20,000 to organizations in their communities, in addition to the $50 has already donated. Together, we’ll continue to help our communities—including our businesses, educators, researchers and nonprofits—to navigate the challenges ahead.

More from this Collection

Google's response to COVID-19

Updates about actions we're taking to keep employees safe, help people stay informed and connected, support small businesses and other organizations, and more. 

View all 23 articles

Keeping our network infrastructure strong amid COVID-19

26 mars[ —]

Google's network supports products that people around the world rely on every day, like YouTube, Search, Maps and Gmail. It also connects Google Cloud customers to their employees and users. As the coronavirus pandemic spreads and more people move to working or learning from home, it’s natural to wonder whether the Google network can handle the load. The short answer is yes. 

We’ve designed our network to perform during times of high demand. The same systems we built to handle peaks like the Cyber Monday online shopping surge, or to stream the World Cup finals, support increased traffic as people turn to Google to find news, connect with others, and get work done during this pandemic. And while we’re seeing more usage for products like Hangouts Meet, and different usage patterns in products like YouTube, peak traffic levels are well within our ability to handle the load. 

Google’s network consists of a system of high-capacity fiber optic cables that encircle the globe, under both land and sea, connecting our data centers to each other, and to you. Traffic flows over our dedicated network, optimized for speed and reliability until we hand it off to more than 3,000 internet service providers (ISPs) in 200+ countries and territories for local delivery—the “last mile”—using hundreds of points of presence and thousands of edge locations around the world.

Handling traffic on Google’s infrastructure and bringing it close to people helps limit the burden on operators—whose networks have different levels of reserve capacity—to allow them to focus on delivering that last mile. Together, we work to provide the best possible experience for browsing, video-conferencing, streaming, making purchases online, and more to people around the world. We’re continuing to work with governments and network operators around the globe as we do our part to minimize stress on the system. As part of this, we recently announced that we are temporarily defaulting all videos on YouTube to standard definition.  

We also recognize the importance of Google services at a time like this and continue to add capacity to stay ahead of demand. Our dedicated global network deployment and operations team is increasing capacity wherever needed, and, in the event of a disruption, recovers service as quickly as possible. 

This may be a time of global uncertainty, but we're working hard to ensure the Google network is there for everyone, business or consumer, day and night.

Identifying vulnerabilities and protecting you from phishing

26 mars[ —]

Google’s Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and the people who use our products. Following our November update, today we’re sharing the latest insights to fight phishing, and for security teams, providing more details about our work identifying attacks against zero-day vulnerabilities. 

Protecting you from phishing

We have a long-standing policy to send you a warning if we detect that your account is a target of government-backed phishing or malware attempts. In 2019, we sent almost 40,000 warnings, a nearly 25 percent drop from 2018. One reason for this decline is that our new protections are working—attackers' efforts have been slowed down and they’re more deliberate in their attempts, meaning attempts are happening less frequently as attackers adapt.

Distribution of the targets of government-backed phishing in 2019

Distribution of the targets of government-backed phishing in 2019.

We’ve detected a few emerging trends in recent months.

Impersonating news outlets and journalists is on the rise

Upon reviewing phishing attempts since the beginning of this year, we’ve seen a rising number of attackers, including those from Iran and North Korea, impersonating news outlets or journalists. For example, attackers impersonate a journalist to seed false stories with other reporters to spread disinformation. In other cases, attackers will send several benign emails to build a rapport with a journalist or foreign policy expert before sending a malicious attachment in a follow up email. Government-backed attackers regularly target foreign policy experts for their research, access to the organizations they work with, and connection to fellow researchers or policymakers for subsequent attacks. 

Heavily targeted sectors are (mostly) not surprising

Government-backed attackers continue to consistently target geopolitical rivals, government officials, journalists, dissidents and activists. The chart below details the Russian threat actor group SANDWORM’s targeting efforts (by sector) over the last three years.

Distribution of targets by sector by the Russian threat actor known as SANDWORM

Government-backed attackers repeatedly go after their targets

In 2019, one in five accounts that received a warning was targeted multiple times by attackers. If at first the attacker does not succeed, they’ll try again using a different lure, different account, or trying to compromise an associate of their target.

We’ve yet to see people successfully phished if they participate in Google’s Advanced Protection Program (APP), even if they are repeatedly targeted. APP provides the strongest protections available against phishing and account hijacking and is specifically designed for the highest-risk accounts. 

Finding attacks that leverage zero-day vulnerabilities

Zero-day vulnerabilities are unknown software flaws. Until they’re identified and fixed, they can be exploited by attackers. TAG actively hunts for these types of attacks because they are particularly dangerous and have a high rate of success, although they account for a small number of the overall total. When we find an attack that takes advantage of  a zero-day vulnerability, we report the vulnerability to the vendor and give them seven days to patch or produce an advisory or we release an advisory ourselves

We work across all platforms, and in 2019 TAG discovered zero-day vulnerabilities affecting Android, Chrome, iOS, Internet Explorer and Windows. Most recently, TAG was acknowledged in January 2020 for our contribution in identifying CVE-2020-0674, a remote code execution vulnerability in Internet Explorer. 

Last year, TAG discovered that a single threat actor was capitalizing on five zero-day vulnerabilities. Finding this many zero-day exploits from the same actor in a relatively short time frame is rare. The exploits were delivered via compromised legitimate websites (e.g. watering hole attacks), links to malicious websites, and email attachments in limited spear phishing campaigns. The majority of targets we observed were from North Korea or individuals who worked on North Korea-related issues.

For security teams interested in learning more, here are additional details about the exploits and our work in 2019:

The vulnerabilities underlying these exploits included:

The following technical details are associated with the exploits and can be used for teams interested in conducting further research on these attacks:

  • CVE-2018-8653, CVE-2019-1367 and CVE-2020-0674 are vulnerabilities inside jscript.dll, therefore all exploits enabled IE8 rendering and used JScript.Compact as JS engine.

  • In most Internet Explorer exploits, attackers abused the Enumerator object in order to gain remote code execution. 

  • To escape from the Internet Explorer EPM sandbox, exploits used a technique consisting of replaying the same vulnerability inside svchost by abusing Web Proxy Auto-Discovery (WPad) Service. Attackers abused this technique with CVE-2020-0674 on Firefox to escape the sandbox after exploiting CVE-2019-17026.

  • CVE-2019-0676 is a variant of CVE-2017-0022, CVE-2016-3298, CVE-2016-0162 and CVE-2016-3351 where the vulnerability resided inside the handling of “res://” URI scheme. Exploiting CVE-2019-0676 enabled attackers to reveal presence or non-presence of files on the victim’s computer; this information was later used to decide whether or not a second stage exploit should be delivered.

  • The attack vector for CVE-2019-1367 was rather atypical as the exploit was delivered from an Office document abusing the online video embedding feature to load an external URL conducting the exploitation.

Our Threat Analyst Group will continue to identify bad actors and share relevant information with others in the industry. Our goal is to bring awareness to these issues to protect you and fight bad actors to prevent future attacks. In a future update, we’ll provide details on attackers using lures related to COVID-19 and expected behavior we’re observing (all within the normal range of attacker activity). 

0 | 10
 is the best way to tune in to the Web.

Chercher, découvrir, news, podcast francais, radios, webtv, videos. Vous trouverez du contenu du Monde entier et de la France. Vous pourrez créer votre propre contenu et le partager avec vos amis.

ACCEUIL add podcastAjouter votre Podcast FORUM By Jordi Mir & mirPod since April 2005....
A PROPOS Supporter lequipe mirPod Terms of Use BLOG OnlyFamousPeople MIRTWITTER