Business Daily Media

The Times


.

Trend Micro ZDI Surpasses 1000 Published Advisories in 1H 2023 In Continued Commitment to Coordinated Disclosure

Security leader to announce critical Microsoft zero-days at Black Hat USA 2023

HONG KONG SAR - Media OutReach - 18 August 2023 - Trend Micro (TYO: 4704; TSE: 4704), a global cybersecurity leader, announced at Black Hat USA 2023 that its Zero Day Initiative program has published advisories addressing over 1000 unique vulnerabilities in 2023.

The real-world impact if these vulnerabilities were to be weaponized would amount to time and financial losses of over 10 times the cost of prevention.

"Our proactive investment of millions each year into vulnerability research and purchases saves billions in recovery for both our customers and the industry as a whole," said Kevin Simzer, COO at Trend. "A concerning trend is being documented of companies lacking transparency around vulnerability disclosure vendor patching, which pose a threat to the security of the digital world."

Today, Trend is calling for an end to silent patching – the practice of slowing or diluting public disclosure and documentation of vulnerabilities and patches. It is a major roadblock to fighting cybercrime but is all too common among major vendors and cloud providers.

During a session at Black Hat USA 2023, Trend Research representatives revealed that silent patching has become particularly common among cloud providers. Companies are more frequently refraining from assigning a Common Vulnerabilities and Exposures (CVE) ID for public documentation and are instead privately issuing patches.

The lack of transparency or version numbers for cloud services hinders risk assessment and deprives the wider security community of valuable information for enhancing overall ecosystem security.

At last year's Black Hat event, Trend warned of a growing number of incomplete or faulty patches and an increasing reluctance among vendors to deliver authoritative information on patches in plain language. The gap has since worsened, with some companies deprioritizing patching altogether, leaving their customers and industries exposed to unnecessary and increasing risk.

Urgent action is needed to prioritize patching, address vulnerabilities and foster collaboration among researchers, cybersecurity vendors and cloud service providers to fortify cloud-based services and protect users from potential risks.

Trend is committed to transparent vulnerability patching and aims to enhance security postures industry-wide through its Zero Day Initiative program. Through its commitment to transparent disclosure, Trend's ZDI issued today advisories on several zero-day vulnerabilities including:

ZDI-CAN-20784 Github (CVSS 9.9)

  • This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft GitHub. Authentication is required to exploit this vulnerability
  • The flaw exists within the configuration of Dev-Containers. The application does not enforce the privileged flag within a dev container configuration. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor

ZDI-CAN-20771 Microsoft Azure (CVSS 4.4)

  • This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code on the target environment in order to exploit this vulnerability
  • The flaw exists within the handling of certificates. The issue results from the exposure of a resource to the wrong control sphere. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

For a full list of advisories published by Trend Micro's ZDI, visit: https://www.zerodayinitiative.com/advisories/published/

Trend Micro's ZDI pioneered the vulnerability marketplace with a focus on disrupting attackers by legitimately purchasing vulnerability research that can then be disclosed to affected vendors to address before the information is made public.

Hashtag: #trendmicro #ZDI #cybersecurity #cloudsecurity



The issuer is solely responsible for the content of this announcement.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,500+ employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world.

News from Asia

NCB introduces Seamless Cross-Border QR Payments for international travellers in Vietnam

HANOI, VIETNAM - Media OutReach Newswire - 15 July 2026 - Open visa policies, a wealth of cultural and natural attractions, acclaimed cuisine, warm local hospitality, and increasingly convenient p...

SBI Global Asset Management and DigiFT Launch JX, Bringing a Japanese Asset Manager’s Equity Strategy On-Chain for the First Time

SINGAPORE - Media OutReach Newswire - 15 July 2026 - DigiFT, a regulated digital asset exchange for institutional-grade real-world assets ("RWAs"), and SBI Global Asset Management Co., Ltd. ("SBI ...

Smilegate LORDNINE Launches Pre-Registration for New Growth-Accelerated Server 'Helena' in Celebration of 1st Anniversary… 32,000 USDt Reward Event Underway

Pre-registration for new server Helena opens July 14... Official launch on July 29 Sweeping new server growth-support systems, including 50% additional EXP via Mastery Buff ...

A SIM Guide to Comparing Graduate Salaries and Employability in Singapore

SINGAPORE - Media OutReach Newswire - 15 July 2026 - As students and parents in Singapore evaluate higher education pathways, employability, starting salary and return on investment are increasing...

Hong Kong SMEs Accelerate Transformation as AI and Northern Metropolis Unlock New Opportunities, Dah Sing Bank Survey

Capability and Resource Gaps Limit Growth Potential As Firms Explore the New EconomyHONG KONG SAR - Media OutReach Newswire - 15 July 2026 - Dah Sing Bank, Limited ("Dah Sing Bank") revealed in it...

Xsolla and Management and Science University (MSU) Sign Memorandum of Understanding (MOU) to Connect Future Game Developers With Global Commercial Opportunities

Collaboration Provides Students Access To Xsolla’s Publishing Suite And Launcher, Bridging Academic Learning With Commercial Game Development PracticesKUALA LUMPUR, MALAYSIA - Media OutReach Newsw...

Louis Vuitton Celebrates 130 Years of the Monogram

TAIPEI, TAIWAN - Media OutReach Newswire - 15 July 2026 - In 2026, Louis Vuitton commemorates the 130th anniversary of its most enduring emblem: the Monogram, born in 1896. To mark this extraordin...

Fitch Ratings assigns first-time credit rating to HDBank, recognises its strong financial profile

HO CHI MINH CITY, VIETNAM - Media OutReach Newswire - 15 July 2026 - Fitch Ratings has assigned its first-ever credit ratings to Ho Chi Minh City Development Joint Stock Commercial Bank (HoSE: HDB...

Cushman & Wakefield Study: AI to Drive Stronger Growth and Higher Real Estate Demand Across Asia Pacific

Scenario-based analysis shows AI will expand demand across office, industrial and retailHONG KONG SAR - Media OutReach Newswire - 15 July 2026 - Artificial intelligence (AI) is set to fuel economi...

Arup partners YJK to launch AI Designer in Hong Kong to advance AI-enabled structural engineering

Strategic partnership integrates design optimisation and artificial intelligence to improve engineering efficiency, project outcomes and decarbonisation HONG KONG SAR - Media OutReach Newswire - 1...

Selling a Small Business in Australia: Understanding the Capital Gains Tax Concessions

For many Australian business owners, selling a business represents the reward for years—sometimes decades—of hard work. Unlike employees who may bu...

Australian businesses lean into global strategic partnerships (GCCs) for next wave of outsourcing

The Australian corporate landscape is undergoing a fundamental transformation in how it sources talent and innovation. While businesses have traditi...

The New Pressure Gap Crushing Small Businesses

Starting any business and making it prosper is a major undertaking. Part of the challenge is managing the uncertainty, but the financial pressures o...

Click Frenzy returns with a free EOFY sale event for retailers this month

New owners Gabby and Hezi Leibovich bring back Australia’s leading ecommerce sales event with Australia Post as Major Sponsor   Click Frenzy is ...

The 95 Per Cent Failure Rate Is Not An AI Problem

Most Australian SMEs I speak with are already having a go at AI. Some are running formal pilots, others have a team member quietly experimenting o...

New AR tech helping to solve field service skills crisis

AI-enabled augmented reality (AR) smart glasses are emerging as a new practical solution to fill a shortage of field service technicians maintaini...