Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

0 Comment

Source: The Hacking News
Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs
Researchers have demonstrated a novel class of attacks that could allow a bad actor to potentially circumvent existing countermeasures and break the integrity protection of digitally signed PDF documents.
Called “Shadow attacks” by academics from Ruhr-University Bochum, the technique uses the “enormous flexibility provided by the PDF specification so that shadow documents remain

Leave a Reply

%d bloggers like this: