A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Unpatchable vulnerability in Apple chip leaks secret encryption keys
March 21, 2024
A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday. The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because ...
- Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
March 21, 2024
During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, Mandiant researchers observed exploitation of Connectwise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed ...
- Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now
March 21, 2024
Ivanti has issued patches for two vulnerabilities. One was discovered in the Ivanti Standalone Sentry, which impacts all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also at risk. The other vulnerability impacts all supported versions of Ivanti Neurons for ITSM—2023.3, 2023.2 and 2023.1, as well as unsupported versions which will need an upgrade before ...
- Ring doorbell owners warned of bank raiding attack as thieves target Brits
March 21, 2024
Home security gadgets like Ring doorbells are increasingly being targeted by cyber crooks and their nasty phishing campaigns. Cybersecurity experts at Trustwave have warned Ring customers – and owners of similar gadgets from other brands – that home security tech is being used against the people its supposed to protect. Read more… Source: The Sun
- China’s MSS publicizes typical case to remind public of overseas cyber ransom attacks
March 21, 2024
China’s national security authorities publicized on Thursday a typical case of cyber ransom attacks to help raise public awareness over online blackmail and attacks from overseas, which not only affects social stability and economic development but also threatens China’s national security and interests. A Chinese high-tech company recently filed a report through the hotline 12339 about ...
- Android malware, Android malware and more Android malware
March 20, 2024
Among the mobile platforms, Android remains the most popular target operating system for cybercriminals. Last month, Kaspersky wrote a total of four private crimeware reports on Android malware, three of which are summarized below. Tambir Tambir is an Android backdoor that targets users in Turkey. It disguises itself as an IPTV app, but does not manifest any ...