A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber attacks against APAC commerce sector surpass 1.1 billion
June 14, 2023
Over 1.15 billion cyber attacks were launched against retailers, hotels and travel-related organisations in Asia-Pacific (APAC) last year, underscoring the security risks that come with growing digitisation efforts in the commerce sector. According to Akamai’s Entering through the gift shop: attacks on commerce report, retailers in India and China were the most targeted due to the ...
- Cadet Blizzard emerges as a novel and distinct Russian threat actor
June 14, 2023
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored threat actors. Throughout the conflict, Russian threat actors have deployed a variety of destructive capabilities ...
- CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit
June 14, 2023
Today, CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory (CSA) to help organizations understand and defend against threat actors using LockBit, the most globally used and prolific Ransomware-as-a-Service (RaaS) in 2022 and 2023. This guide is ...
- Australia’s privacy monitor hit by cyber attack
June 14, 2023
Australia’s peak privacy body that monitors potential breaches has fallen victim to a cyber attack. The Office of the Australian Information Commissioner has confirmed data belonging to law firm HWL Ebsworth has been stolen by Russian criminal ransomware hackers. Read more… Source: MSN News
- “.Zip” top-level domains draw potential for information leaks
June 13, 2023
As a result of Google’s announced sale of new TLDs that are also popular file extension formats, there is an increased risk with the deployment of the “.zip” domain that threat actors will develop new vectors for compromising victims. In early May 2023, Google released eight new TLDs, marketing the “.zip” domain as a way ...
- VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors
June 13, 2023
As Endpoint Detection and Response (EDR) solutions improve malware detection efficacy on Windows and Linux systems, certain state-sponsored threat actors have shifted to developing and deploying malware on systems that do not generally support EDR such as network appliances, SAN arrays, and VMware ESXi hosts. In late 2022, Mandiant published details surrounding a novel malware system deployed ...