A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cambridge faces cyber attack
February 19, 2024
The University faced a cyberattack yesterday (20/02), which is affected internet and services across multiple UK higher education institutions. Students at various colleges were notified of the attack, which affected access to IT services such as CamSIS and Moodle. An internal email revealed that the incident was a Distributed Denial of Service (DDoS) attack, described as ...
- UK: Council worker took tens of thousands of email addresses in massive data breach
February 19, 2024
A massive data breach by a worker at Stratford-on-Avon District Council saw tens of thousands of email addresses taken. The breach, which happened in November last year, was over a database of email addresses given by residents, the authority said. The probe found that around 79,000 email addresses from the garden waste collection database were affected. ...
- SolarWinds Releases Critical Security Updates for Access Rights Manager
February 19, 2024
SolarWinds has released security updates addressing five remote code execution (RCE) vulnerabilities in Access Rights Manager (ARM). Path traversal vulnerabilities, CVE-2024-23476 and CVE-2024-23479, are both rated as critical with a CVSSv3 score of 9.6. An unauthenticated attacker could exploit these vulnerabilities, which could lead to RCE. Read more… Source: NHS Digital
- ALPHV ransomware says it was behind attacks on loanDepot, Prudential Financial
February 19, 2024
The infamous ALPHV ransomware operator (also known as BlackCat) has added two companies to its data leak site – Prudential Financial, and loanDepot, in a seeming admission it was behind the attacks on both companies. So far, the group has only added the names to its site, with the actual data not yet available. Apparently, the ...
- UK: Water group made loss in wake of cyber attack
February 19, 2024
The Walsall-headquartered integrated serviced group, which operates South Staffordshire Water and Cambridge Water, posted a pre-tax loss of £23.1 million for the year to the end of March from a £7.6m profit a year earlier. The losses was put down to the impact of rising costs including on energy and chemicals, higher than expected water production ...
- Why are ransomware gangs making so much money?
February 17, 2024
For many organizations and startups, 2023 was a rough year financially, with companies struggling to raise money and others making cuts to survive. Ransomware and extortion gangs, on the other hand, had a record-breaking year in earnings, if recent reports are anything to go by. It’s hardly surprising when you look at the state of the ...