A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- RansomHub: New Ransomware has Origins in Older Knight
June 5, 2024
RansomHub, a new Ransomware-as-a-Service (RaaS) that has rapidly become one of the largest ransomware groups currently operating, is very likely an updated and rebranded version of the older Knight ransomware. Analysis of the RansomHub payload by Symantec, revealed a high degree of similarity between the two threats, suggesting that Knight was the starting point for RansomHub. ...
- Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies
June 5, 2024
Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried out using Amethyst, an offshoot of the popular open‑source SapphireStealer. The attackers disguise the malware as an enforcement ...
- Chinese Nationals Plead Guilty To Cyber Crimes In Zambia
June 5, 2024
Twenty-two Chinese nationals have pleaded guilty to committing cyber-related crimes in Zambia. They are among 77 suspects arrested in April in connection with a “sophisticated internet fraud syndicate,” according to authorities. The operation targeted a Chinese-run company in Lusaka following a surge in internet fraud cases affecting people globally. The Chinese nationals are scheduled for sentencing ...
- Critical Path Traversal Vulnerability in Check Point Security Gateways (CVE-2024-24919)
June 5, 2024
The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting the Check Point Security Gateways. Identified as CVE-2024-24919 and given a CVSSv3 score of 8.6, the vulnerability is more severe than it initially appears. While labeled as a sensitive information disclosure vulnerability, it is actually a path traversal attack leading ...
- Cyber Attacks and the Risk of Real War: A NATO Perspective
June 5, 2024
The possibility of a cyber-attack on any NATO member country escalating into a real war is a pressing concern. This question is particularly relevant as the US-led North Atlantic Treaty Organization (NATO) has started establishing ‘cyber labs’ in countries bordering Russia, signalling an increased focus on cyber defence. At the recent Shangri-La Dialogue (31 May-2 June) ...
- Big name TikTok accounts hijacked after opening DM
June 5, 2024
High profile TikTok accounts, including CNN, Sony, and—er—Paris Hilton have been targeted in a recent attack. CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens without the account owner needing to click on or open ...