Security News

Research: Security Agencies Expose Information via Improperly Sanitized PDFs
2021-03-15 15:54

Most security agencies fail to properly sanitize Portable Document Format files before publishing them, thus exposing potentially sensitive information and opening the door for attacks, researchers have discovered. An analysis of roughly 40,000 PDFs published by 75 security agencies in 47 countries has revealed that these files can be used to identify employees who use outdated software, according to Supriya Adhatarao and Cédric Lauradoux, two researchers with the University Grenoble Alpes and France's National Institute for Research in Computer Science and Automation.

Metadata Left in Security Agency PDFs
2021-03-12 12:03

Abstract: Organizations publish and share more and more electronic documents like PDF files. We gathered a corpus of 39664 PDF files published by 75 security agencies from 47 countries.

Hacking Digitally Signed PDF Files
2021-03-08 12:10

Interesting paper: "Shadow Attacks: Hiding and Replacing Content in Signed PDFs". Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification.

Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs
2021-02-23 02:46

Researchers have demonstrated a novel class of attacks that could allow a bad actor to potentially circumvent existing countermeasures and break the integrity protection of digitally signed PDF documents. To carry out the attack, a malicious actor creates a PDF document with two different contents: one which is the content that's expected by the party signing the document, and the other, a piece of hidden content that gets displayed once the PDF is signed.

Hacker leaks full database of 77 million Nitro PDF user records
2021-01-20 12:17

The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information. Nitro is an application that helps create, edit, and sign PDFs and digital documents; Nitro Software claims the app has over 10,000 business customers and roughly 1.8 million licensed users.

New Injection Technique Exposes Data in PDFs
2020-12-10 17:13

Security researchers on Thursday documented and described a new injection technique capable of extracting sensitive data from PDF files. The new code-injection technique essentially allows hackers to inject code to launch dangerous XSS attacks within the bounds of a PDF document.

Here's how to enable Google Chrome's new modern PDF reader
2020-11-23 12:09

Hidden behind a flag is a much-anticipated PDF reader that users can enable right now. The PDF reader or viewer within Google Chrome has always been relatively simple, especially compared to other browsers, like Microsoft Edge.

Foxit Patches Code Execution Vulnerabilities in PDF Software
2020-10-14 10:22

PDF software developer Foxit has released patches to address several high-risk vulnerabilities affecting both Windows and macOS applications. Last week, the company released security updates for both Foxit PhantomPDF Mac and Foxit Reader Mac, to address a vulnerability that could result in code injection or information disclosure.

Researchers Disclose New Methods for Replacing Content in Signed PDF Files
2020-07-23 14:12

A team of researchers from the Ruhr University Bochum in Germany has disclosed a series of new attack methods against signed PDF files. Dubbed Shadow Attacks, the new techniques allow a hacker to hide and replace content in a signed PDF document without invalidating its signature.

Foxit PDF Reader, PhantomPDF Open to Remote Code Execution
2020-04-20 18:18

Foxit Software has released patches for dozens of high-severity flaws impacting its PDF reader and editor platforms. Overall, Foxit Software patched flaws tied to 20 CVEs in Foxit Reader and Foxit PhantomPDF for Windows.