-
Fun fact about
#PDFex: The known plaintext for the CBC gadget attacks results from the permission management (e.g. write protection) defined in the PDF standard. The encryption dictionary contains the permissions both in plain and in encrypted form. 1/2Prikaži ovu nit -
Btw. You can test your PDF application of choice using the exploits we have uploaded (Password: pass): https://www.pdf-insecurity.org/download/exploits-encryption/exploits.tgz …
#PDFex -
New vulnerability #PDFex found in 100% (27/27 tested) of PDF readers, where an attacker can intercept and modify an encrypted PDF so it leaks its contents when opened. Full details and paper http://www.pdf-insecurity.org pic.twitter.com/MjNyDYc8Ix
-
Anyone out there using PDF encryption? We found two major weaknesses in the standard which both lead to full plaintext exfiltration in an active-attacker scenario
#PDFex -
On my way to
#36c3, catch our talk about PDF security today at 16:10 in room Borg!@v_mladenov will be talking about signatures and I will talk about encryption.#pdfex -
Slides of the
#BHEU talk with@jensvoid on#PDFex are available at http://i.blackhat.com/eu-19/Thursday/eu-19-Muller-How-To-Break-PDF-Encryption-2.pdf …! -
-
"How to Break PDF Encryption" --
@Murgi and me will present#PDFex at#BHEU: https://www.blackhat.com/eu-19/briefings/schedule/#how-to-break-pdf-encryption-17540 … -
Check out our new paper on PDF encryption.
#PDFex https://twitter.com/seecurity/status/1178599911903956992 …
-
Looking for ways to unlock and read the content of a password-protected or encrypted PDF file without knowing the password? Well, that's now possible. Read Full Post On >> https://towardscybersecurity.blogspot.com/2019/10/pdf-password-encryption-hacking.html … Follow For More >>
@TowardsCyberse1#PDFex -
-
Google finds Android zero-day impacting Pixel, Samsung, Huawei, Xiaomi devices, Zendesk security breach may impact orgs like Uber, Slack, FCC, and more.. To read our newsletter: https://ledgerops.com/blog/2019/10/8/last-week-in-blockchain-and-cybersecurity-news-october-8th-2019 …
#AndroidBug#CyberSecurity#DataBreach#Google#Hack#PDFex#Security#Signalpic.twitter.com/7b34BKn09uPrikaži ovu nit -
As a result, 27/27 PDF viewers were vulnerable (14 without user interaction, 13 with user interaction).
#PDFex 7/n pic.twitter.com/520wQ4bRt5
Prikaži ovu nit -
With PDFs used in many cases for invoices, this potential new attack presents yet more danger for email invoice redirection.
#CyberSecurity#PDFex https://gdpr.report/news/2019/10/01/privacy-encrypted-pdf-files-can-be-cracked/ … -
Popular PDF viewer
#software (for Windows, Mac & Linux) have been found vulnerable to the new#PDFex attacks, including:
Adobe Acrobat
Foxit
Okular
Nitro Reader and more
...as well as those come built-into web #Chrome,#Firefox and Safari browsers.pic.twitter.com/uLOJzgx6C6
Prikaži ovu nit -
Prikaži ovu nit
-
New PDFex attack can exfiltrate data from encrypted PDF files | ZDNet https://www.zdnet.com/article/new-pdfex-attack-can-exfiltrate-data-from-encrypted-pdf-files/ …
#pdfex -
A new
#PDFex attack can extract and steal data from encrypted PDF files, sometimes even without user interaction. Read more at@ZDNet https://www.zdnet.com/article/new-pdfex-attack-can-exfiltrate-data-from-encrypted-pdf-files/ … -
Main mitigations on PDF standard level are: a) remove partial encryption and b) define and enforce authenticated encryption.
#PDFex 8/nPrikaži ovu nit
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.