Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document’s visible content by displaying malicious content over the certified content without invalidating its signature. « The attack idea exploits the flexibility of PDF certification, which allows signing or adding annotations to certified documents
Source de l’article sur The Hacker News