Well, you may be used to getting invoices and payments in PDF files, secure in the knowledge that they are digitally signed and therefore safe.
Well, not exactly.
(If you read the details of the attack, you can see that they aren't exactly changing the signed content, but you'd have to be really familiar with (and check) the internal format of the PDF file in order to determine that a visible change has been made.)
Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413
This message may or may not be governed by the terms of