https://www.schneier.com/blog/archives/2021/08/zoom-lied-about-end-to-end-encryption.html
Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent.
The proposed settlement would generally give Zoom users $15 or $25 each.
Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders (HRDs) and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spyware.
Most recently, a successful “zero-click” attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021.
Data leak and forensics suggest NSO’s surveillance tool used against journalists at some of world’s top media companies
A successful Pegasus infection gives NSO customers access to all data stored on the device. An attack on a journalist could expose a reporter’s confidential sources as well as allowing NSO’s government client to read their chat messages, harvest their address book, listen to their calls, track their precise movements and even record their conversations by activating the device’s microphone.
https://www.theguardian.com/news/2021/jul/19/how-does-apple-technology-hold-up-against-nso-spyware
The iPhone maker says it is keeping pace with malware, but the Pegasus project paints a worrying picture
Our investigation shows how repressive regimes can buy and use the kind of spying tools Edward Snowden warned us about
Law-abiding people – including citizens and residents of democracies such as the UK, such as editors-in-chief of leading newspapers – are not immune from unwarranted surveillance. And western countries do not have a monopoly on the most invasive surveillance technologies. We’re entering a new surveillance era, and unless protections are put in place, none of us are safe.
Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.
Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
https://www.axios.com/china-cyberattacks-nato-181e71d2-7414-45f3-9463-c8b1d46392c1.html
The U.S., NATO, European Union, U.K., Australia, Canada, New Zealand and Japan say they can now, “with high confidence,” attribute the March attack using the Exchange flaw to cyberattackers affiliated with China’s state security ministry. That attack crippled thousands of computers around the world.
https://www.cnbc.com/2021/06/25/tiktok-insiders-say-chinese-parent-bytedance-in-control.html
Former TikTok employees say there is cause for concern when it comes to the popular social media app’s Chinese parent company.
They say ByteDance has access to TikTok’s American user data and is closely involved in the Los Angeles company’s decision-making and product development.
Some cybersecurity experts worry that the Chinese government could use TikTok to spread propaganda or censorship to American audience, or to exercise influence over users who may come to regret what they posted on the service.
https://underjord.io/trust-in-software-an-all-time-low.html
I don’t think I’ve ever had more distrust and as a consequence distate for software than in recent years
So while the big actors are slightly less likely to completely screw you on security, software quality or straight money. They are pretty much guaranteed to screw you on privacy.
Your privacy is very important to us. We would like to know what you are doing at all times. Accept / Ask me again later.
https://www.nrk.no/norge/stort-dataangrep-mot-norsk-ingeniorselskap-1.15568171
Hackargruppa hevdar dei har 2000 gigabyte med sensitiv informasjon som dei vil publisere viss selskapet ikkje innfrir kravet