Researchers from the Ruhr University Bochum, Germany, have devised a new strategy that allows meddling with PDFs. Dubbed Shadow attacks, the researchers have come up with multiple attack techniques that allow changing the content of digitally signed PDFs. Specifically, these attacks exploit the legitimate features that keep the target documents compliant with the standards.
Thus, shadow attacks bypass all existing strategies that detect any malicious editing attempts on PDFs. In brief, these attacks work on the idea of how people use PDF documents and digital signatures today.
Read the full article at Latest Hacking News