Hello and welcome to the Tuesday, November 5, 2024 edition of the Sands and at Storm Center's Stormcast.

My name is Johannes Ulrich and the time recording from Riyadh, Saudi Arabia.

The DA today published another diary-related PDF analysis and how to use QPDF with the DAE's own tool, PDF ID, as well as PDF parser.

The issue that the DA is discussing here is encrypted PDFs.

If you do have an encrypted PDF, the structure of the encrypted PDF is still visible. However, the details, of course, are not visible because they are encrypted. So, for example, you'll be able to see what kind of streams are available, also if there are any your eyes in the PDF,

but beyond that, in order to learn more about the PDF, you first need to decrypt it.

That's where QPDF comes in.

It allows you to decrypt the PDF if you provide the password.

Once decrypted, then of course, it's pretty straightforward to read the PDF if you provide the password. Once decrypted, then of course, it's pretty straightforward

to read the PDF into PDF parser to learn more details. There's also an option to have a PDF

that's marked as encrypted, but is encrypted with an empty password. In that case, QPDF will just

simply decrypted for you.

An Octa released an update for Octa Verify, fixing a vulnerability that may allow an attacker to retrieve passwords from a compromise system.

So, first of all, in order to exploit the vulnerability,

the attacker has to have already access to a system with the Octa Verify agent for Windows

installed, and you must have the desktop multi-factor authentication passwordless logins enabled. In this case, there is the

Octa device access pipe that is being accessible and that's how an attacker may be able to

obtain the passwords used by Octa Verify.

Updates are available.

And QNAP released another patch today.

This patch for a change does not affect their network storage device.

Instead, it affects their perimeter security device, Q router.

...