A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI issues warning against using Chinese manufactured drones
February 21, 2024
Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones, continue to pose a significant risk to critical infrastructure and U.S. national security, according to an FBI advisory. While any UAS could have vulnerabilities that enable data theft or facilitate network compromises, the People’s Republic of China (PRC) has enacted laws that provide the government with ...
- A first analysis of the i-Soon data leak
February 21, 2024
Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose. The vendor, i-Soon (aka Anxun) is believed to be a private contractor that ...
- re: Zyxel VPN Series Pre-auth Remote Command Execution
February 21, 2024
On January 25, 2024, SSD Secure Disclosure posted a disclosure titled Zyxel VPN Series Pre-auth Remote Command Execution. The writeup describes an unauthenticated remote command injection vulnerability affecting Zyxel VPN firewalls. That caught VulnCheck researchers attention. The Zyxel VPN series has appeared on the CISA KEV four times now, and the original disclosure didn’t mention a ...
- Australia: OAIC to investigate legal consultant’s data breach
February 21, 2024
The Australian Information Commissioner has launched an investigation into a law firm that provides legal and consulting services to the government, in relation to a data breach and the publication of some of that data on the dark web. At least 65 government entities were affected by the breach last year. The announcement on Wednesday follows ...
- Europol: Tips & advice to prevent ransomware from infecting your electronic devices
February 21, 2024
Ransomware is a type of malware that locks your computer and mobile devices or encrypts your electronic files, demanding a ransom payment through certain online payment methods (and by an established deadline) in order to regain control of your data. It can be downloaded through fake application updates or by visiting compromised websites. It can also ...
- Sharp rise in cyber attacks at UK law firms as hackers eye sensitive data
February 21, 2024
The number of reported cyber attacks on UK law firms has increased 36 per cent over the past year. According to data by speciality reinsurance group Chaucer, there were 166 reported cyber breaches in 2021/22, this number jumped to 226 for 2022/23 (as of 30 September). Chaucer says that the large number of attacks against law ...