Modern Australian
Men's Weekly

.

Trend Micro ZDI Surpasses 1000 Published Advisories in 1H 2023 In Continued Commitment to Coordinated Disclosure

Security leader to announce critical Microsoft zero-days at Black Hat USA 2023

HONG KONG SAR - Media OutReach - 18 August 2023 - Trend Micro (TYO: 4704; TSE: 4704), a global cybersecurity leader, announced at Black Hat USA 2023 that its Zero Day Initiative program has published advisories addressing over 1000 unique vulnerabilities in 2023.

The real-world impact if these vulnerabilities were to be weaponized would amount to time and financial losses of over 10 times the cost of prevention.

"Our proactive investment of millions each year into vulnerability research and purchases saves billions in recovery for both our customers and the industry as a whole," said Kevin Simzer, COO at Trend. "A concerning trend is being documented of companies lacking transparency around vulnerability disclosure vendor patching, which pose a threat to the security of the digital world."

Today, Trend is calling for an end to silent patching – the practice of slowing or diluting public disclosure and documentation of vulnerabilities and patches. It is a major roadblock to fighting cybercrime but is all too common among major vendors and cloud providers.

During a session at Black Hat USA 2023, Trend Research representatives revealed that silent patching has become particularly common among cloud providers. Companies are more frequently refraining from assigning a Common Vulnerabilities and Exposures (CVE) ID for public documentation and are instead privately issuing patches.

The lack of transparency or version numbers for cloud services hinders risk assessment and deprives the wider security community of valuable information for enhancing overall ecosystem security.

At last year's Black Hat event, Trend warned of a growing number of incomplete or faulty patches and an increasing reluctance among vendors to deliver authoritative information on patches in plain language. The gap has since worsened, with some companies deprioritizing patching altogether, leaving their customers and industries exposed to unnecessary and increasing risk.

Urgent action is needed to prioritize patching, address vulnerabilities and foster collaboration among researchers, cybersecurity vendors and cloud service providers to fortify cloud-based services and protect users from potential risks.

Trend is committed to transparent vulnerability patching and aims to enhance security postures industry-wide through its Zero Day Initiative program. Through its commitment to transparent disclosure, Trend's ZDI issued today advisories on several zero-day vulnerabilities including:

ZDI-CAN-20784 Github (CVSS 9.9)

  • This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft GitHub. Authentication is required to exploit this vulnerability
  • The flaw exists within the configuration of Dev-Containers. The application does not enforce the privileged flag within a dev container configuration. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor

ZDI-CAN-20771 Microsoft Azure (CVSS 4.4)

  • This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code on the target environment in order to exploit this vulnerability
  • The flaw exists within the handling of certificates. The issue results from the exposure of a resource to the wrong control sphere. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

For a full list of advisories published by Trend Micro's ZDI, visit: https://www.zerodayinitiative.com/advisories/published/

Trend Micro's ZDI pioneered the vulnerability marketplace with a focus on disrupting attackers by legitimately purchasing vulnerability research that can then be disclosed to affected vendors to address before the information is made public.

Hashtag: #trendmicro #ZDI #cybersecurity #cloudsecurity



The issuer is solely responsible for the content of this announcement.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,500+ employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world.

Social Media: Is It Increasing Rates of Anxiety and Depression?

In today’s connected world, social media has become an integral part of daily life. Platforms like Instagram, TikTok, and Facebook offer opportuni...

Preventive Maintenance Tips for Hydraulic Equipment

Hydraulic equipment plays a crucial role in industries ranging from construction and mining to agriculture and manufacturing. Whether it’s powerin...

Choosing the Right LiDAR System for Your Project

When planning a project that relies on accurate spatial data, selecting the right LiDAR system is one of the most critical decisions you’ll make. ...

The History of Craft Beer: From Monasteries to Modern Breweries

Craft beer has a rich and fascinating history that stretches back centuries. What we enjoy today in trendy taprooms and bustling breweries is the re...

How Natural Pearls Shaped Trade Routes and Global Economies

Throughout history, natural pearls—those rare, untamed treasures formed by nature itself—have exerted a powerful influence on trade networks, po...

How To Choose The Right Insulation For Your Space

Selecting the appropriate insulation for your home or building is a critical decision that affects comfort, energy efficiency, and present and future ...

7 Best Things to Do in Beaufort, Victoria

Beaufort is a charming small town in Victoria’s Goldfields, full of history, natural beauty, and warm, welcoming locals. Whether you’re passing th...

What to Expect During Divorce Mediation & Settlement

Divorce can be a difficult and emotionally draining process, but mediation and settlement often provide a constructive path forward. Instead of goin...

Navigating Disability Services in Perth: Your Questions Answered

Understanding the landscape of disability support can feel overwhelming, especially when you're just starting out. If you’re looking for support a...

How Veneers and Dental Implants Work Together for Full Smile Restoration

Modern dentistry has strong instruments that can produce life-changing outcomes when it comes to repairing a smile that has been impacted by tooth los...

Gen Z’s Are Going off Grid – But Is It Sustainable?

Australia’s cost of living crisis is causing Gen Z to get creative with frugal living options. Earlier this year, young couple Koby and Amelie wan...

The Risks of DIY Air Conditioning Installation and How to Avoid Them

Air conditioning is essential in Australia, especially during the scorching summer months, when homes and workplaces can become unbearable without rel...

How to Find Reliable Air Conditioning Services Near You in Brisbane Northside

Introduction In Brisbane’s hot and humid climate, air conditioning has become more of a necessity than a luxury. Whether it's keeping your home coo...

Enhance Outdoor Living with Lifestyle Awnings

Creating the perfect balance between indoor comfort and outdoor living is something many homeowners aspire to achieve. In recent years, Lifestyle Aw...

Why Buckets with Lids Are Essential for Safe Storage & Transportation

The right bucket can streamline transport and make handling easier day to day. With options suited to food, chemicals and construction materials, th...

Comfort and Style with Ceiling Fans Perth

While air conditioning is common, it is not always the most cost-effective or sustainable solution, particularly during long hot summers. For homeow...

How Professional Air Conditioning Services Improve Comfort and Efficiency

Air conditioning has become a fundamental part of homes and businesses, providing relief from sweltering summers and keeping interiors warm in winte...

The Value of Professional Rubbish Removal Services

From everyday waste to bulky items like furniture and appliances, finding the right way to dispose of rubbish is not always straightforward. This is...