A new report is alleging LinkedIn uses hidden JavaScript to scan its visitors’ browsers for installed extensions, looks for those that compete with its own sales tools, and then twists its users’ arms until they stop using those and pick LinkedIn’s products, instead.
However the social network says this is a smear campaign run by a disgruntled extensions developer who lost a court battle in Germany. An “association of commercial LinkedIn users” called Fairlinked e.V published a report detailing “BrowserGate” – claiming LinkedIn scans for thousands of browser extensions and ties the results to identifiable user profiles – and by scanning, LinkedIn harvests personal and corporate information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Rheinmetall suffers cyber attack, military business unaffected, spokesperson says
April 14, 2023
Rheinmetall (RHMG.DE), suffered a cyber attack to the division of its business dealing with industrial customers, mostly in the automotive sector, the company said on Friday, adding its military division was unaffected. “Rheinmetall is currently investigating the extent of the damages and is in close contact with the relevant authorities,” a spokesperson said. Read more… Source: Reuters
- Linux kernel logic allowed Spectre attack on ‘major cloud provider’
April 13, 2023
The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it. On Thursday, Eduardo (sirdarckcat) Vela Nava, from Google’s product security response team, disclosed a Spectre-related flaw in version 6.2 of the Linux kernel. Read more… Source: The Register
- CISA Releases Sixteen Industrial Control Systems Advisories
April 13, 2023
CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSMA-23-103-01 B. Braun Battery Pack SP with Wi-Fi ICSA-23-103-01 Siemens Adaptec maxView Application ICSA-23-103-02 Siemens JT Open and JT Utilities ICSA-23-103-03 Siemens in OPC Foundation Local Discovery Server Read more… Source: U.S. Cybersecurity and Infrastructure ...
- Uncommon infection methods – part 2
April 13, 2023
Although ransomware is still a hot topic on which Kaspersky will keep on publishing, they also investigate and publish about other threats. Recently we explored the topic of infection methods, including malvertising and malicious downloads. In this blog post, Kaspersky researchers provide excerpts from the recent reports that focus on uncommon infection methods and describe ...
- Supply chain security for Go, Part 1: Vulnerability management
April 13, 2023
High profile open source vulnerabilities have made it clear that securing the supply chains underpinning modern software is an urgent, yet enormous, undertaking. As supply chains get more complicated, enterprise developers need to manage the tidal wave of vulnerabilities that propagate up through dependency trees. Open source maintainers need streamlined ways to vet proposed dependencies ...
- Vice Society: A tale of victim data exfiltration via PowerShell, aka stealing off the land
April 13, 2023
Threat actors (TAs) using built-in data exfiltration methods like LOLBAS negate the need to bring in external tools that might be flagged by security software and/or human-based security detection mechanisms. These methods can also hide within the general operating environment, providing subversion to the threat actor. For example, PS scripting is often used within a typical ...