Hack Breaks PDF Encryption, Opens Content to Attackers

Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content  — or even forge signed PDF files under certain circumstances.

A team from Ruhr University BochumFH Münster University of Applied Sciences and Hackmanit GmbH developed the attack, called PDFex, that can allow an attacker to view the content of a PDF file without the public key or password encrypting it.

The team published a report online detailing the attack, which encompasses two main techniques — one that can break PDF encryption and one that can break PDF signatures. They evaluated the hacks against two types of applications — commonly used desktop applications and online validation services that are more often used by businesses.

Read more…
Source: ThreatPost