Blog

Hackers Now Can Access Data In Secure PDF Files

Oct 10, 2019 | Blog

A team of six researchers from Ruhr-University Bouchum and Munster University, in Germany have discovered a critical flaw in the way that popular PDF viewers display data.

This makes it possible for an attacker to exfiltrate data from encrypted PDF files.

 

The researchers tested twenty-seven different desktop and web-based PDF viewer apps ranging from the ubiquitous Adobe Reader, to Foxit, and even the viewers built into both Chrome and Firefox. They found that every single one of them were vulnerable to the new attacks they engineered. The researchers developed two major lines of attacks with a few variants based on each type.

They had this to say about their findings:

“Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels, which are based on standard-compliant PDF properties…our evaluation shows that among 27 widely used PDF viewers, all of them are vulnerable to at least one of these attacks. These alarming results naturally raise the question of the root causes for practical decryption exfiltration attacks.  We identified two of them.

First, many data formats allow to encrypt only parts of the content.  This encryption flexibility is difficult to handle and allows an attacker to include their own content, which can lead to exfiltration channels.

Second, when it comes to encryption, AES-CBC–or encryption without integrity protection in general–is still widely supported.  Even the latest PDF 2.0 specification released in 2017 still relies on it.  This must be fixed in future PDF specifications.”

This is an alarming discovery although these attacks have not yet been seen in the wild. Now that the word is out, it’s just a matter of time.  Worse, there’s no fix on the horizon, which means that the PDFs you may be relying on to help keep your data secure, simply aren’t.

 

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech