[Tech Talk] Yikes! Shadow Attack Allows Editing of the 15 Most Popular PDF Viewers

ZDNET reported that 15 of the most popular PDF viewers were vulnerable to what security researchers called a “Shadow Attack”. This attack even allowed the attackers to EDIT and alter digitally signed PDF files by overlaying content in layers. According to the ZDNET, researchers at Ruhr-University Bochum in Germany identify the vulnerability in PDF detailing how it is done. The affected publishers were notified but you need to update to the patched versions or you could be susceptible to having a digitally signed PDF altered. The tampered document would be ideal for BEC social engineering attacks.

The Shadow Attack was assigned CVE-2020-9592 and CVE-2020-9596 identifiers.

The researchers point out, “because the layer was included in the original document that the victim signed, changing the layer’s visibility doesn’t break the cryptographic signature and allows the attacker to use the legally-binding document for nefarious actions – such as replacing the payment recipient or sum in a PDF payment order or altering contract clauses.”

Read full article here


Featured Webinars


Advanced Phishing and
Training

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More
Gold/Platinum/Diamond
Features

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service