From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings

6. September 2024
News | usd HeroLab

In the dynamic field of cybersecurity, it is often the obscure and long-forgotten vulnerabilities that pose a hidden threat to otherwise hardened systems. One such vulnerability lies in invalid character encodings that violate the UTF-8 standard. While overlong UTF-8 encodings may seem like an esoteric topic reserved for those deep in the trenches of encoding standards, the security implications can be profound and are worth considering. Therefore, our colleague Dominique Dittert at usd HeroLab thought it was time to revisit this issue now to bring back some memories.

Read her full article here:
From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings.

ENCODING | EXPLOITS | SECURITY RESEARCH | usd HeroLab | UTF-8 | VULNERABILITIES

Also interesting:

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

Dec 11, 2025

Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated accordingly and now covers the current requirements. The Digital Operational Resilience Act (DORA) came into force on...

Red Teaming: 5 Questions Every IT Leader Wants Answered

Red Teaming: 5 Questions Every IT Leader Wants Answered

Dec 3, 2025

Many companies invest in firewalls, endpoint protection, and awareness training, assuming that this puts them in a strong position. But the reality is different: attackers do not think in terms of tools, but in terms of targets. They combine technical vulnerabilities...

Categories

Categories

#BeAware Cloud Security Customer Stories  | Cyber Defence  |  Cybersecurity Tips  |  Events & Community Financial Sector & Compliance  |  Life@usd  |  News  |  PCI -Tipps  |  PCI News Pentest Insights  |  Security Audits  |  Security Research  |  usd Updates