A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Polish minister says government used spyware against hundreds of people
April 25, 2024
The use of spyware in Poland under the previous government resulted in accusations that the authorities were abusing power and eroding democratic guardrails. Poland’s prosecutor general said on Wednesday that Pegasus spyware was used against hundreds of people during the former Polish government. Adam Bodnar told lawmakers that he found the scale of the surveillance to ...
- UK: Personal details of 200,000 people at risk after neighbourhood watch system data breach
April 24, 2024
The names, email addresses and telephone numbers of up to 200,000 people could have been obtained by hackers following a major data breach at a police-backed alert system. Bosses at the company which manages the ‘In The Know’ alert system, which is used by Lancashire Police and Lancashire Fire and Rescue Service, have apologised. Read more… Source: MSN ...
- United Nations investigating potential ransomware attack after data ripped from IT systems
April 23, 2024
Hackers managed to break into the United Nations Development Programme (UNDP) IT systems in Copenhagen, stealing a wide range of sensitive data. Ransomware gang 8Base has claimed responsibility, posting on its own website that the group had managed to get its hands on employment contracts, personal data, invoices and much more Read more… Source: MSN News Sign up for ...
- Are We Ready for a Cyber Attack on Food and Farming?
April 23, 2024
Federal officials and lawmakers are preparing to defend against cyber attacks that would leave residents without reliable access to food by targeting the food and agriculture sectors. The latest preparation effort is Cyber Storm — a massive, multiday tabletop exercise involving state, local, tribal, territorial, federal and private-sector organizations — and it probed how well participants ...
- Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
April 22, 2024
Microsoft Threat Intelligence is publishing results of our longstanding investigation into activity by the Russian-based threat actor Forest Blizzard (STRONTIUM) using a custom tool to elevate privileges and steal credentials in compromised networks. Since at least June 2020 and possibly as early as April 2019, Forest Blizzard has used the tool, which we refer to as ...
- Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400
April 22, 2024
This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. Updated April 19 to include information on observed levels of attempted exploitation and relative prevalence of those levels, with unsuccessful ...