Latest news with #MaxCheng
Business Wire
08-05-2025
- Automotive
- Business Wire
VicOne's New xAurient Automotive Threat Intelligence Platform Enables Dramatically Streamlined and Tailored Threat Response
DETROIT & TOKYO--(BUSINESS WIRE)-- VicOne, an automotive cybersecurity solutions leader, today announced xAurient. The new automotive threat intelligence platform uniquely enables streamlined threat response by delivering early threat intelligence tailored to the particular manufacturing environment of an original equipment manufacturer (OEM) or Tier 1 supplier. xAurient illuminates the how and why of developing threats, delivers precise insights into attack paths and enables proactive, prioritized countermeasures to ensure product security for software-defined vehicles (SDVs). VicOne's new xAurient goes beyond gathering fragmented global threat data to define precise attack paths and provide on-demand threat research services for efficient and effective protection. An automaker's product cybersecurity personnel are freed to concentrate their efforts on deciding optimal risk treatments when designing newer automotive projects, evaluating current claims of threats to product security and assessing supply-chain partners. xAurient—powered by VicOne's battle-tested CyberThreat Research Lab—draws data from thousands of hidden TOR/Onion dark-web sources, and its artificial intelligence (AI) agent is trained on 30 years of threat intelligence to enable quick information gathering from social media and the web. The new VicOne solution uniquely factors a particular automaker's risk landscape, automatically prioritizing and identifying the most critical risks with AI-powered autobuild or customizable product-security risk profiles. Based on an open interface delivering seamless scalability, xAurient integrates with an automaker's intrusion detection system (IDS), vehicle management system (VMS) and vehicle security operations center (VSOC) platforms. Automakers also can use the new VicOne solution as a standalone platform to accelerate response times and enhance tailored mitigation. 'We have engineered xAurient to dramatically streamline threat response for our OEM and supplier customers,' said Max Cheng, chief executive officer of VicOne. 'Our new solution enables automakers to act more effectively and swiftly to counter emerging threats, while actually reducing human workload. xAurient drives meaningful actions that elevate an automaker's product security today and delivers continual monitoring for ongoing, differentiated protection.' Founded and singularly focused on spearheading innovation in vehicle cybersecurity, VicOne, the market leader of automotive cybersecurity, provides the most advanced and comprehensive solutions to the automotive industry and galvanizes collective expertise from the sector's broadest cast of best-of-breed partners. OEMs and suppliers trust VicOne's purpose-built solutions to stay ahead of evolving threats and safeguard vehicles, drivers and sensitive data. VicOne is a trusted threat intelligence source of automakers, delivering truly predictive insights and providing long lead times for threats to be averted and mitigated. Furthermore, VicOne has uncovered more than 100 zero-day vulnerabilities in connected cars and electric vehicle (EV) chargers. For more information on VicOne's new xAurient solution, please visit as well as the 'Automotive Threat Intelligence: Is It Your Threat or Your Burden?' blog post and a webinar introducing the solution. For more information on VicOne's holistic approach to cybersecurity—spanning software, hardware and supply-chain ecosystems—please visit About VicOne With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers and suppliers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit
Yahoo
08-05-2025
- Automotive
- Yahoo
VicOne's New xAurient Automotive Threat Intelligence Platform Enables Dramatically Streamlined and Tailored Threat Response
New VicOne xAurient reveals how and why of emerging threats, defines precise attack paths and provides on-demand intelligence services—while reducing OEM/supplier human workload DETROIT & TOKYO, May 08, 2025--(BUSINESS WIRE)--VicOne, an automotive cybersecurity solutions leader, today announced xAurient. The new automotive threat intelligence platform uniquely enables streamlined threat response by delivering early threat intelligence tailored to the particular manufacturing environment of an original equipment manufacturer (OEM) or Tier 1 supplier. xAurient illuminates the how and why of developing threats, delivers precise insights into attack paths and enables proactive, prioritized countermeasures to ensure product security for software-defined vehicles (SDVs). VicOne's new xAurient goes beyond gathering fragmented global threat data to define precise attack paths and provide on-demand threat research services for efficient and effective protection. An automaker's product cybersecurity personnel are freed to concentrate their efforts on deciding optimal risk treatments when designing newer automotive projects, evaluating current claims of threats to product security and assessing supply-chain partners. xAurient—powered by VicOne's battle-tested CyberThreat Research Lab—draws data from thousands of hidden TOR/Onion dark-web sources, and its artificial intelligence (AI) agent is trained on 30 years of threat intelligence to enable quick information gathering from social media and the web. The new VicOne solution uniquely factors a particular automaker's risk landscape, automatically prioritizing and identifying the most critical risks with AI-powered autobuild or customizable product-security risk profiles. Based on an open interface delivering seamless scalability, xAurient integrates with an automaker's intrusion detection system (IDS), vehicle management system (VMS) and vehicle security operations center (VSOC) platforms. Automakers also can use the new VicOne solution as a standalone platform to accelerate response times and enhance tailored mitigation. "We have engineered xAurient to dramatically streamline threat response for our OEM and supplier customers," said Max Cheng, chief executive officer of VicOne. "Our new solution enables automakers to act more effectively and swiftly to counter emerging threats, while actually reducing human workload. xAurient drives meaningful actions that elevate an automaker's product security today and delivers continual monitoring for ongoing, differentiated protection." Founded and singularly focused on spearheading innovation in vehicle cybersecurity, VicOne, the market leader of automotive cybersecurity, provides the most advanced and comprehensive solutions to the automotive industry and galvanizes collective expertise from the sector's broadest cast of best-of-breed partners. OEMs and suppliers trust VicOne's purpose-built solutions to stay ahead of evolving threats and safeguard vehicles, drivers and sensitive data. VicOne is a trusted threat intelligence source of automakers, delivering truly predictive insights and providing long lead times for threats to be averted and mitigated. Furthermore, VicOne has uncovered more than 100 zero-day vulnerabilities in connected cars and electric vehicle (EV) chargers. For more information on VicOne's new xAurient solution, please visit as well as the "Automotive Threat Intelligence: Is It Your Threat or Your Burden?" blog post and a webinar introducing the solution. For more information on VicOne's holistic approach to cybersecurity—spanning software, hardware and supply-chain ecosystems—please visit About VicOne With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers and suppliers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit View source version on Contacts U.S. Media Contacts Vivian Kelly Interprose for VicOne+1 703.509.5412viviankelly@ Jill Miley Interprose for VicOne+1
Yahoo
25-03-2025
- Automotive
- Yahoo
VicOne Research Estimates Tens of Billions in Automotive-Cyberattack Losses, Plus Rising Vulnerabilities and Growing AI, EV and Dark-Web Risks
Shifting Gears: VicOne 2025 Automotive Cybersecurity Report reveals value of proactive and comprehensive cybersecurity as transformative era in mobility continues to unfold DETROIT & TOKYO, March 25, 2025--(BUSINESS WIRE)--VicOne, an automotive cybersecurity solutions leader, today announced in-depth analysis revealing concerning signs for the global automotive industry in 2025, despite promising law-enforcement success around cybersecurity in the last year. Shifting Gears: VicOne 2025 Automotive Cybersecurity Report, which is available to download, explores the rapidly evolving landscape of automotive cybersecurity, delivering actionable insights and emerging trends and data points: Cyberattacks in the automotive sector from 2022 through 2024 resulted in tens of billions of dollars in estimated damages from ransomware, data breaches and operational disruptions. Automotive vulnerabilities reached an all-time high in 2024. More than 77 percent of automotive vulnerabilities were found on onboard or in-vehicle systems. Fresh challenges are emerging in electric vehicle (EV) charging, operating systems and fleet management. While artificial intelligence (AI) enhances in-car features and operational efficiency, it also introduces fresh vulnerabilities like prompt injection and compromised training data that challenge traditional security methods. Rapid EV adoption has exposed critical weaknesses in charging infrastructure—from insecure payment protocols to outdated communication standards—potentially affecting both vehicles and power grids. Cybercriminals are leveraging dark-web channels to exchange sophisticated exploit techniques and stolen vehicle data, raising the stakes for manufacturers and consumers alike. "We are amid a transformative era of mobility, as innovations such as AI are helping automakers differentiate their vehicles, accelerate time to market and enhance customer experience," said Max Cheng, chief executive officer of VicOne. "A proactive, multilayered approach to cybersecurity across all levels of the supply chain will help the automotive industry stay ahead of evolving threats and thrive in pursuing the unprecedented opportunities ahead." From the ongoing shift toward software-defined vehicles (SDVs) and AI-enhanced features to the evolving landscape of EV charging and the escalating vulnerabilities in-vehicle systems, the automotive industry is shifting to high gear into unknown territories. A total of 215 automotive cybersecurity incidents were recorded in 2024, highlighting a consistent threat throughout the year. Cloud and backend vulnerabilities were the most frequent attack vectors and typically involved ransomware attacks, data breaches and social engineering or phishing attacks. Vehicle hijacking, supply-chain vulnerabilities, keyless entry exploits and vehicle-electronics virtualization attacks mostly involved onboard systems and over-the-air (OTA) vulnerabilities. Supply-chain attacks are growing more complicated and devastating, as criminals in the last year clearly targeted suppliers and third-party providers of components as the weak link to exploit in the tightly integrated industry. A ransomware attack on a dealership software provider in June 2024, for example, disrupted operations at more than 15,000 North American dealerships. Analysis of criminal-underground message exchanges shows that multi-layered, widespread attacks on automobiles and the industry are growing only more possible and likely. The pieces are in place for a transition from today's manual, car-modding hacks to more harmful and larger-scale attacks such as user impersonation and account thefts. Meanwhile, the total count of automotive-related vulnerabilities ("CVEs") published in 2024 reached 530 vulnerabilities, another annual gain and just two short of twice as many as in 2019. The sharp rise in vulnerabilities highlights the rapid growth in both the automotive attack surface and complexity of automotive systems. Vulnerabilities began shifting from chipset-related issues to CVEs involving in-vehicle infotainment (IVI) platforms and operating systems, in addition to EV-charging infrastructure. Indeed, at the world's largest zero-day vulnerability discovery contest, Pwn2Own Automotive 2025, which took place at Automotive World Jan. 22-24, 2025, in Tokyo, top-tier security researchers from 13 countries discovered 49 unique zero-day vulnerabilities across primarily IVI and EV-charging systems. Increased adoption of AI is creating unprecedented opportunities but also significant new operational, financial and strategic risks for automakers. "AI-enabled systems may encounter misuse and abuse throughout their lifecycle due to factors such as over- or under-utilization, operating outside of operational envelopes, and malice," reads a September 2024 U.S. Department of Transportation white paper, Understanding AI Risks in Transportation. "Humans may either be a source of these vulnerabilities or help prevent them depending on their role in the system." The large language models (LLMs) informing generative AI are especially attractive targets for cybercriminals, given their dependency on critical enterprise data, utilization of hard-to-control self-learning and propensity for errors. Insecure plugin designs, improper output handling and adversarial attacks are among the prominent operational risks to be addressed in the adoption of AI. In addition, significant strategic (seismic shifts in governance) and financial risks (hard-to-assess liability, risk-management and branding issues) are presenting themselves. For more information on the critical factors shaping today's automotive cybersecurity landscape and strategies to safeguard the future of connected mobility, please download Shifting Gears: VicOne 2025 Automotive Cybersecurity Report. Founded and singularly focused on spearheading innovation in vehicle cybersecurity, VicOne, the market leader of automotive cybersecurity, provides the most advanced and comprehensive solutions to the automotive industry and galvanizes collective expertise from the sector's broadest cast of best-of-breed partners. OEMs and suppliers trust VicOne's purpose-built solutions to stay ahead of evolving threats and safeguard vehicles, drivers and sensitive data. For more information on VicOne's holistic approach to cybersecurity—spanning software, hardware and supply-chain ecosystems—please visit About VicOne With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers and suppliers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit View source version on Contacts U.S. Media Contacts: Vivian Kelly Interprose for VicOne+1 703.509.5412viviankelly@ Jill Miley Interprose for VicOne+1 Sign in to access your portfolio
Yahoo
28-01-2025
- Automotive
- Yahoo
VicOne and Trend Micro Stage Pwn2Own Automotive Zero Day Vulnerability Event to Boost Industry Cybersecurity as SDV Trend Reshapes Threat
With automotive system complexity and attack surface both rapidly growing, VicOne set to release new report detailing sharp rise in vulnerabilities and industry recommendations DETROIT & TOKYO, January 28, 2025--(BUSINESS WIRE)--VicOne, an automotive cybersecurity solutions leader, today announced that it co-hosted with Trend Micro the world's largest zero-day vulnerability discovery contest, Pwn2Own Automotive 2025, at Automotive World, which took place Jan. 22-24 in Tokyo. Top-tier security researchers performed real-world testing on cutting-edge automotive technologies, all within Trend Micro's proven Zero Day Initiative (ZDI) platform, the world's largest vendor-agnostic bug bounty program. Pwn2Own Automotive is an annual competition designed to uncover and rectify vulnerabilities in technologies for connected cars. Automotive cybersecurity researchers from 13 countries came together on a global stage to discover 49 unique zero-day vulnerabilities across systems such as in-vehicle infotainment (IVI) systems and electric vehicle (EV) chargers. Sina Kheirkhah of Summoning Team was crowned the Pwn2Own Automotive 2025 Master of Pwn. "As SDVs (software-defined vehicles) reshape the automotive industry, cybersecurity becomes critical to ensuring their safety and reliability," said Max Cheng, chief executive officer of VicOne. "Platforms like Pwn2Own Automotive are instrumental to uncovering zero-day vulnerabilities and mitigating risks before they can escalate. By supporting initiatives like this, the industry can proactively strengthen vehicle security, paving the way for safer and more resilient advancements in mobility." The automotive industry is evolving with innovations such as SDVs, advanced driver-assistance systems (ADAS) and integration of artificial intelligence (AI). These developments promise enhanced functionality and efficiency but also introduce cybersecurity challenges, including risks from generative AI, supply-chain vulnerabilities and over-the-air (OTA) updates. According to the forthcoming VicOne 2025 annual report, the total count of automotive-related vulnerabilities ("CVEs") published in 2024 reached 530 vulnerabilities, another annual gain and just two short of twice as many as in 2019. The sharp rise in vulnerabilities highlights the rapid growth in both the automotive attack surface and automotive systems. Cyberattacks in 2024 caused damages exceeding $22 billion, with $20 billion attributed to data breaches and personal information leaks, the VicOne annual report will show. Key areas impacted in 2024 included the automobile industry's suppliers and dealers, who collectively account for the majority of targeted attacks. Other insights in the report, which is to be released publicly available at The automotive industry must adopt a security-first approach, integrating robust defenses, regulatory compliance and collaborative innovations to mitigate risks and secure the future of mobility. Supply-chain vulnerabilities will likely dominate cybersecurity events moving forward, with an increase in ransomware and OTA exploitations. Emerging threats include AI manipulation, cloud-based attacks and sensor data manipulation in autonomous systems. At Automotive World 2025, the world's leading event for advanced automotive technologies convening more than 1,800 companies, VicOne showcased a range of its innovative solutions built from the ground up to protect the connected-car ecosystem: xZETA, which offers robust capabilities for tackling software bill of materials (SBOM) and zero-day vulnerabilities Smart Cockpit Protection, which leverages AI-driven security to safeguard automotive smart cockpits from data breaches and AI-targeted attacks xCarbon, which leverages edge AI processing to analyzes vehicle data in real time, enabling early detection and prevention of cyberattacks on and malfunctions in in-vehicle electronic control units (ECUs) xNexus, the Vehicle Security Operations Center (VSOC) support platform Various security-related services, including risk analysis using the threat assessment and remediation analysis (TARA) process and Penetration Testing xScope, which uses advanced techniques to identify vulnerabilities, recommends specific improvements, and provides customized reports based on client needs The VicOne booth at Automotive World 2025 also featured the company's collaborative initiatives with its partner companies. VicOne's strategic partnerships include original equipment manufacturers (OEMs), hardware suppliers, semiconductor vendors, software developers and service providers. Founded and singularly focused on spearheading innovation in vehicle cybersecurity, VicOne, the market leader of automotive cybersecurity, provides the most advanced and comprehensive solutions to the automotive industry and galvanizes collective expertise from the sector's broadest cast of best-of-breed partners. OEMs and suppliers trust VicOne's purpose-built solutions to stay ahead of evolving threats and safeguard vehicles, drivers and sensitive data. For more information on VicOne's holistic approach to cybersecurity—spanning software, hardware and supply-chain ecosystems—please visit About VicOne With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers and suppliers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit About Zero Day Initiative (ZDI) The Zero Day Initiative (ZDI) was launched by Trend Micro in July 2005 to encourage the reporting of zero-day vulnerabilities privately to the affected vendors by financially rewarding researchers. Today, the ZDI represents the world's largest vendor-agnostic bug bounty program. For more information, visit About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend's platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world. For more information, visit View source version on Contacts U.S. Media Contacts: Vivian Kelly Interprose for VicOne+1 703.509.5412viviankelly@ Jill Miley Interprose for VicOne+1
