惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threat Research - Cisco Blogs
博客园 - 聂微东
小众软件
小众软件
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
TaoSecurity Blog
TaoSecurity Blog
博客园 - 司徒正美
罗磊的独立博客
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Security Affairs
S
Security @ Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The GitHub Blog
The GitHub Blog
月光博客
月光博客
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
W
WeLiveSecurity
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
L
LangChain Blog
T
The Blog of Author Tim Ferriss
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Schneier on Security
Project Zero
Project Zero
SecWiki News
SecWiki News
爱范儿
爱范儿
The Register - Security
The Register - Security
AI
AI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Y
Y Combinator Blog
L
Lohrmann on Cybersecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
P
Privacy International News Feed
J
Java Code Geeks
S
Securelist
C
Cyber Attacks, Cyber Crime and Cyber Security
V
Visual Studio Blog

TechCrunch

Robots beat human records at Beijing half-marathon Palantir posts mini-manifesto denouncing inclusivity and ‘regressive’ cultures TechCrunch Mobility: Uber enters its assetmaxxing era Cracks are starting to form on fusion energy’s funding boom Blue Origin successfully re-uses a New Glenn rocket for the first time ever Tesla brings its robotaxi service to Dallas and Houston VC Ron Conway says he has a ‘rare form of cancer’ AI chip startup Cerebras files for IPO Anthropic’s relationship with the Trump administration seems to be thawing The App Store is booming again, and AI may be why “Tokenmaxxing” is making developers less productive than they think Hackers are abusing unpatched Windows security flaws to hack into organizations Zoom teams up with World to verify humans in meetings Gigs turns your concert history into a personal live music archive Chef Robotics escaped the robot cooking graveyard and says it’s thriving — here’s why Uber will now pick up your returns from your doorstep Anthropic launches Claude Design, a new product for creating quick visuals Google’s AI Mode can now help you find products in stock nearby Bluesky confirms DDoS attack is cause of continued app outages Bluesky confirms DDoS attack is cause of continued app outages Netflix plans to add a vertical video feed, use AI for recommendations SaySo is a new short-form video app that aims to restore users’ trust in news Loop raises $95M to build supply chain AI that predicts disruptions Are we tokenmaxxing our way to nowhere? New leaders, new fund: Sequoia has raised $7B to expand its AI bets Netflix co-founder and chair Reed Hastings to leave board Upscale AI in talks to raise at $2B valuation, says report Physical Intelligence, a hot robotics startup, says its new robot brain can figure out tasks it was never taught From the Startup Battlefield stage to the International Space Station: geCKo Materials built a sticky product Slash, a Ramp competitor founded by teenagers, raises $100M at $1.4B valuation OpenAI takes aim at Anthropic with beefed-up Codex that gives it more power over your desktop European police email 75,000 people asking them to stop DDoS attacks Anthropic CPO leaves Figma’s board after reports he will offer a competing product Google now lets you explore the web side-by-side with AI Mode Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme InsightFinder raises $15M to help companies figure out where AI agents go wrong AI traffic to US retailers rose 393% in Q1, and it’s boosting their revenue too Roblox’s AI assistant gets new agentic tools to plan, build, and test games Google adds Nano Banana-powered image generation to Gemini’s Personal Intelligence Google is now targeting bad ads over bad actors You’ve heard of hybrid cars. Now meet a hybrid cement plant. Runway CEO says AI could help Hollywood make 50 films instead of one $100M blockbuster Meta raises Quest 3 and Quest 3S prices due to RAM shortage Canva’s AI assistant can now call various tools to make designs for you Fashion retailer Express left customers’ personal data and order details exposed to the internet This simulation startup wants to be the Cursor for physical AI DeepL, known for text translation, now wants to translate your voice Amazon-backed X-energy files to raise up to $800M in IPO Ford EV and tech chief leaving automaker Wait, could they still actually break up Live Nation? Monarch Tractor’s collapse ends with an acquisition by Caterpillar OpenAI updates its Agents SDK to help enterprises build safer, more capable agents Hightouch reaches $100M ARR fueled by marketing tools powered by AI LinkedIn data shows AI isn’t to blame for hiring decline… yet Feds will require data centers to show their power bills AI learning app Gizmo levels up with 13M users and a $22M investment Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Google rolls out a native Gemini app for Mac This Khosla-backed autonomous pod startup just raised $170M — now it’s aiming for more Accel raises $5B to back late-stage bets India’s vibe-coding startup Emergent enters OpenClaw-like AI agent space Anthropic shrugs off VC funding offers valuing it at $800B+, for now Motorola sues social platforms and creators over posts, raising speech concerns in India Airwallex is about to take on Stripe and the rest of the payments industry — in the physical world After sale of its shoe business, Allbirds pivots to AI Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant Vercel CEO Guillermo Rauch signals IPO readiness as AI agents fuel revenue surge Hack at Anodot leaves over a dozen breached companies facing extortion The largest orbital compute cluster is open for business Trump officials may be encouraging banks to test Anthropic’s Mythos model Apple reportedly testing four designs for upcoming smart glasses X says it’s reducing payments to clickbait accounts TechCrunch Mobility: Who is poaching all the self-driving vehicle talent? From LLMs to hallucinations, here’s a simple guide to common AI terms At the HumanX conference, everyone was talking about Claude Slate Auto: Everything you need to know about the Bezos-backed EV startup Walmart-owned Flipkart, Amazon are squeezing India’s quick-commerce startups Kalshi wins temporary pause in Arizona criminal case AMC will stream ‘The Audacity’ premiere in 21 parts on TikTok Sam Altman responds to ‘incendiary’ New Yorker article after attack on his home Nvidia-backed SiFive hits $3.65B valuation for open AI chips NASA Artemis II splashes down in Pacific Ocean in ‘perfect’ landing for moon mission How to watch NASA’s Artemis II splash back down to Earth TechCrunch is heading to Tokyo — and bringing the Startup Battlefield with it France to ditch Windows for Linux to reduce reliance on US tech YouTube Premium and YouTube Music are getting more expensive Every fusion startup that has raised over $100M Last 24 hours: Save up to $500 on your TechCrunch Disrupt 2026 pass PSA: If you use the Meta AI app, your friends will find out and it will be embarrassing Anthropic temporarily banned OpenClaw’s creator from accessing Claude Snap gets closer to releasing new AI glasses after years-long hiatus Stalking victim sues OpenAI, claims ChatGPT fueled her abuser’s delusions and ignored her warnings Florida AG to probe OpenAI, alleging possible connection to FSU shooting ChatGPT finally offers $100/month Pro plan EFF is the latest organization to leave X What founders can learn from Anjuna’s layoffs and recovery Volkswagen drops all-electric ID.4 in the US in pivot back to gas SUVs Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT StubHub to pay $10M to settle FTC allegations over ‘deceptive’ ticket pricing After data breach, $10B-valued startup Mercor is having a month
Google launches new Android security feature to help uncover spyware attacks
Lorenzo Franceschi-Bicchierai · 2026-05-13 · via TechCrunch

Google is rolling out a new opt-in feature in Android that aims to help security researchers investigate spyware attacks.

The feature is called “Intrusion Logging” and is part of Android’s Advanced Protection Mode, which Google launched last year, an opt-in special security mode that enables certain features with the goal of making the device harder to hack. Advanced Protection Mode is designed to counter government spyware attacks and police forensic devices that try to extract data from a person’s phone.

These two types of attacks can also be combined. In at least one documented case in Serbia, authorities used a law enforcement forensic tool made by Cellebrite to unlock a device, and then installed spyware as a further step to continue monitoring the target. 

The rollout of Intrusion Logging is the first time a phone maker has launched a feature with the goal of helping security researchers investigate spyware attacks. To achieve that, Android’s Intrusion Logging creates a new type of log, which records errors and collects evidence when something goes wrong with the software, to provide visibility into suspected spyware attacks. 

Amnesty International, which worked with Google to develop the feature, called Intrusion Logging “a fundamental shift in the amount and quality of forensic data available on Android devices.”

“Until now, forensic analysis has relied on logs that were never designed for intrusion detection,” Amnesty wrote in a blog post that explains in detail how Intrusion Logging works. That meant earlier logs were not that useful for researchers, as they did not remain on the device for long and were often overwritten, effectively erasing potential evidence of attacks.

Donncha Ó Cearbhaill, the head of Amnesty’s Security Lab, told TechCrunch that Android’s technical limits “have made it difficult to deeply analyze system logs and files for signs of compromise, unlike with iOS.”

“These limits have meant we’ve been unable to reliably detect known attacks against Android,” said Ó Cearbhaill, who has for years investigated dozens of cases of spyware abuse around the world. 

The ability to better detect spyware attacks should improve with Intrusion Logging. Google announced the feature a year ago, but the company is deploying it only now. In a Tuesday blog post, Google said that Intrusion Logging “is currently rolling out to all devices running the Android 16 December update and newer.”

How Intrusion Logging works

Intrusion Logging captures events related to security and potential intrusions. For starters, the feature creates and collects logs once a day and stores them encrypted in a users’ Google account in the cloud. Uploading logs to the cloud potentially prevents spyware from deleting evidence of a device compromise. The logs are also encrypted so that only the user can access and share the logs with investigators, and Google cannot access them.

Among the events that Intrusion Logging keeps track of includes when the phone was unlocked; when applications have been installed and uninstalled; what websites and servers the phone connected to; whether someone connected to Android Debug Bridge, a tool that allows a computer or a device such as a forensic tool like Cellebrite to connect to an Android device; and whether someone tried to delete the logs related to these events, which could indicate an attempt to hide evidence of an attack. 

In the event of a spyware attack, these logs can help investigators understand when and how authorities may have hacked or forcibly unlocked someone’s device and connected it to a forensics tool, or used to install spyware or stalkerware. The logs can also determine if a phone at some point connected to a malicious website that tries to hack the visiting device, or accessed servers designed to extract data from the phone. 

Contact Us

Do you have more information about spyware attacks, or spyware makers? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.

While it is a step forward, Intrusion Logging has some limits. For now, along with having to enable Advanced Protection Mode, the feature requires Android’s latest software version, it is only available for Google-made Pixel devices, and the device has to be linked with a Google account. Intrusion Logging keeps records of browser navigation history and connections, which people may be wary of sharing with investigators. 

Google says Advanced Protection Mode and Intrusion Logging are for people who think they may be at risk of attacks done with spyware and forensic devices, such as human rights defenders, activists, journalists, and dissidents. Advanced Protection Mode is similar to Lockdown Mode for Apple devices, which was also meant for at-risk users and is seen as an effective way to protect against spyware. 

As recently as March, Apple said it has never detected a successful attack against users who have Lockdown Mode enabled. In 2023, security researchers at Citizen Lab said Lockdown Mode actively blocked an attempt to infect a target with NSO’s spyware. 

In its blog post, Amnesty has included step-by-step instructions on how to download the logs if a user suspects or has been notified that they have been targeted with spyware. Apple, Google, and Meta have sent threat notifications to users for years, which researchers say have been crucial to finding and exposing cases of abuse.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.

View Bio