A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI: Threats Associated with the Israel-HAMAS Conflict
October 26, 2023
The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) are issuing this Public Service Announcement to highlight potential threats in the United States from a variety of actors in response to the HAMAS attacks on Israel on 7 October and subsequent activities in the region, including additional calls by foreign terrorist organizations ...
- StripedFly: Perennially flying under the radar
October 26, 2023
It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers, along with update and delivery functionality through trusted services such as GitLab, GitHub, ...
- Responding and Defending Against IdP Vendor Compromise
October 25, 2023
Based on Okta’s statement on October 20 regarding a recent security breach, it has been determined that the threat actor successfully gained access to Okta’s customer support system. Once inside the system, the threat actor was able to view files uploaded by Okta customers in relation to recent support cases with valid session tokens. By ...
- Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
October 25, 2023
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries. Octo Tempest leverages broad social engineering campaigns to compromise organizations across the globe with the goal of financial extortion. With their extensive range of tactics, techniques, and procedures (TTPs), ...
- Mystic Stealer Revisited
October 25, 2023
Mystic Stealer is a relatively new downloader and information stealer that emerged in early 2023. The malware harvests data from a large number of web browsers and cryptocurrency wallet applications. Mystic can also be used to steal Steam game credentials and arbitrary files from an infected system. Mystic stands out for the level of obfuscation ...
- 2023 Zscaler ThreatLabz Report Indicates 400% Growth in IoT Malware Attacks
October 24, 2023
This Zscaler ThreatLabz blog serves as a brief synopsis of the key points revealed in their 2023 Enterprise IoT and OT Threat Report. The report explores the growth of Internet of Things (IoT) device traffic and IoT malware attacks, in addition to how legacy vulnerabilities, targeted devices, and specific industries have become central players in the ...