Cybersecurity researchers Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks Every day everybody receives many phishing attacks with malicious docs or PDFs. I decided to take a look at one of these files. I did a static analysis and I went straight to the point to make this reading simple and […]
Boffins from the Ruhr University Bochum (Germany) have disclosed a series of new attack methods, dubbed Shadow attacks, against signed PDF files. Security researchers from the Ruhr University Bochum (Germany) have devised a series of new attack techniques, dubbed Shadow attacks, against signed PDF files. In February 2019, the same team of experts found several […]
Experts at Exploit detection service EdgeSpot detected several PDF documents that exploit a zero-day flaw in Chrome to harvest user data. Exploit detection service EdgeSpot spotted several PDF documents that exploit a zero-day vulnerability in Chrome to harvest data on users who open the files through the popular web browser. The experts initially detected the […]
Experts found several flaws in popular PDF viewers and online validation services that allow to deceive the digital signature validation process. Several PDF viewers and online validation services contain vulnerabilities that can be exploited to make unauthorized changes to signed PDF documents without invalidating their digital signature. A group of academics from the German Ruhr-University […]
In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the […]
Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign, let’s see how to steal windows credentials with specially crafted PDF files. Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign. Weaponized PDF files can be used by threat actors to steal Windows credentials, precisely the associated NTLM […]
The McAfee security firm found an Adobe Reader vulnerability that reveals where a PDF document is opened. The McAfee security firm found an Adobe Reader vulnerability that reveals where a PDF document is opened, once again Adobe products are the center of attention of security experts after the numerous attacks that have exploited flaws in its products for cyber espionage campaigns. […]