Vietnam-based cybersecurity firm VinCSS has detected six critical vulnerabilities classified as ’Zero Day’. These vulnerabilities were found in Microsoft and Adobe, according to a report in Tuoi Tre News.
Mr. Tran Van Khang, head of VinCSS’s malware analysis under Vietnamese conglomerate Vingroup, was recently acknowledged by Adobe for finding three vulnerabilities in the Windows version of their software Framemaker, a processor for large or complex documents.
They were deemed critical security flaws and were fixed by a security patch released on September 14, according to the report.
A day later, Mr. Tran Van Khang found three other vulnerabilities in the business office suite Microsoft 365 Apps for Enterprise. Such vulnerabilities could be exploited by hackers to gain access to the network of an organisation and commit malicious actions that could result in significant damage.
While digital transformation is accelerated across all sectors in Vietnam, Covid-19 and the rising demand for remote work has prompted even greater needs for data protection, within businesses and organisations.
Vietnam recorded more than 3900 Cyber Attacks in the first 7 months of the year 2021 with 718 were reported in June alone according to NCSC data, equating to it being placed at No.25 out of 194 countries. Minister of Information and Communications Nguyen Manh Hung has issued Directive No 22/CT-BTTT on strengthening the prevention and combat of violations and crimes on the Internet, in May 2021.
All six vulnerabilities found by Mr. Tran Van Khang are classified as ’Zero Day,’ which means that there is literally no time to fix them before malicious hackers exploit them.
This is not the first time Mr. Tran Van Khang has contributed white-hat efforts to tech giants’ digital safeguard, as he had detected a total of 27 vulnerabilities for Microsoft, Adobe, as well as anti-virus software by Trend Micro, McAfee, Bitdefender, and ESET, within a three-year span working for VinCSS.
In April 2019, Mr. Tran Van Khang became the first Vietnamese engineer to receive the GIAC Reverse Engineering Malware (GREM) certification from the SANS Institute.
Vietnam jumped 25 places in two years to rank 25th out of 194 countries and territories worldwide in the Global Cybersecurity Index (GCI) in 2020, according to a report by the International Telecommunications Union (ITU).