The previously unreported news is a serious abuse of NSO’s products, which are typically used by governments and authoritarian regimes.

An employee of controversial surveillance vendor NSO Group abused access to the company’s powerful hacking technology to target a love interest, Motherboard has learned.

Sen. Edward Markey says COVID-19 contact tracing can’t be “used as cover by companies like Clearview to build shadowy surveillance networks.”

“(Having a camera outside your door is) an incredible erosion of privacy,” said Lahiffe. “It just seems to be a massive data grab. And I don’t know how much of it is actually legal.”

Although there is no official announcement stating that cameras must be fixed outside the homes of people under quarantine, it has been happening in some cities across China since at least February

White House says foreign-made equipment “augments the ability of foreign adversaries to create and exploit vulnerabilities” in the US power grid.

President Donald Trump signed today an executive order barring US power grid entities from buying and installing electrical equipment that has been manufactured outside the US.

Trump said that “foreign adversaries are increasingly creating and exploiting vulnerabilities in the United States bulk-power system.”

“It’s a backdoor with phone functionality,” quips Gabi Cirlig about his new Xiaomi phone. He’s only half-joking.

Cirlig is speaking with Forbes after discovering that his Redmi Note 8 smartphone was watching much of what he was doing on the phone. That data was then being sent to remote servers hosted by another Chinese tech giant, Alibaba, which were ostensibly rented by Xiaomi. 

The seasoned cybersecurity researcher found a worrying amount of his behavior was being tracked, whilst various kinds of device data were also being harvested, leaving Cirlig spooked that his identity and his private life was being exposed to the Chinese company.

Meanwhile, at Forbes’ request, cybersecurity researcher Andrew Tierney investigated further. He also found browsers shipped by Xiaomi on Google Play—Mi Browser Pro and the Mint Browser—were collecting the same data. Together, they have more than 15 million downloads, according to Google Play statistics.
In response to the findings, Xiaomi said, “The research claims are untrue,” and “Privacy and security is of top concern,” adding that it “strictly follows and is fully compliant with local laws and regulations on user data privacy matters.” But a spokesperson confirmed it was collecting browsing data, claiming the information was anonymized so wasn’t tied to any identity. They said that users had consented to such tracking. 

It’s the second time in two months that a huge Chinese tech company has been seen watching over users’ phone habits. A security app with a “private” browser made by Cheetah Mobile, a public company listed on the New York Stock Exchange, was seen collecting information on Web use, Wi-Fi access point names and more granular data like how a user scrolled on visited Web pages. Cheetah argued it needed to collect the information to protect users and improve their experience.

Android smartphone manufacturers have significantly improved their patching hygiene over the past couple of years, a new report from Security Research Labs reveals.

“We found that on average, for official firmwares released in 2019 missed only about half as many patches as comparable firmwares released in 2018,” the security firm says.

Monthly security updates are being integrated into firmware builds 15% faster than in 2018. Last year, 90% of unique firmware builds for major Android vendors arrived within 38 days of Google’s security patches.