A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CloudSorcerer – A new APT targeting Russian government entities
July 8, 2024
In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...
- ‘RockYou2024’: Nearly 10 billion passwords leaked online
July 8, 2024
On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value ...
- Exploring Compiled V8 Javascript Usage In Malware
July 8, 2024
In recent months, CPR has been investigating the usage of compiled V8 JavaScript by malware authors. Compiled V8 JavaScript is a lesser-known feature in V8, Google’s JavaScript engine, that enables the compilation of JavaScript into low-level bytecode. This technique assists attackers in evading static detections and hiding their original source code, rendering it almost impossible to ...
- How to Prevent Email Spoofing with DMARC
July 8, 2024
Email-based attacks are the number one attack vector for cybercriminals. These attacks do not always require a high level of technical sophistication to carry out. And because the human factor is involved, there is almost no doubt they will endure as a favored tactic. One way bad actors can greatly increase their chances of a successful ...
- NHS remains vulnerable to further cyber-attacks
July 8, 2024
A leading cybersecurity expert has warned that the NHS remains vulnerable to further cyber-attacks unless it updates its computer systems. This stark assessment comes in the wake of a major ransomware attack that has severely disrupted healthcare services across London. Prof Ciaran Martin, the founding CEO of the UK’s National Cyber Security Centre (NCSC), told the ...
- New cyberattack targets iPhone Apple IDs
July 6, 2024
A new cyberattack is targeting iPhone users, with criminals attempting to obtain individuals’ Apple IDs in a “phishing” campaign, security software company Symantec said in an alert Monday. Cyber criminals are sending text messages to iPhone users in the U.S. that appear to be from Apple, but are in fact an attempt at stealing victims’ personal ...