UBC A.I CyberSecurity Scoring
UBC
Company Information
Website:http://www.usasean.org
Employees number:119
Number of followers:16,654
NAICS:522293
Industry Type:International Trade and Development
Homepage:usasean.org
UBC Risk Score (AI oriented)
Between 750 and 799
UBCInternational Trade and Development
Updated:
01/04/2026
01/04/2026
750/1000
Fair
Baa
UBC Global Score (TPRM)
xxxx
UBCInternational Trade and Development
Score locked

UBCFair
Current Score
750Baa (FAIR)
01000
1 incidents
-3 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
750
JUNE 2026
750
MAY 2026
750
APRIL 2026
753
Vulnerability
01 Apr 2026 • UBC
TrueConf and Government entities in Southeast Asia: TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks
Critical Zero-Day in TrueConf Video Conferencing Exploited in Targeted Espionage Campaign
750
CRITICAL-3
USATRU1775032190
Critical Zero-Day in TrueConf Video Conferencing Exploited in Targeted Espionage Campaign
Check Point Research uncovered a high-severity zero-day vulnerability (CVE-2026-3502, CVSS 7.8) in the TrueConf video conferencing client, actively exploited in a campaign dubbed Operation TrueChaos against government entities in Southeast Asia. The flaw stems from insufficient security checks in the application’s update mechanism, allowing attackers to distribute malicious payloads via the trusted update system.
TrueConf, widely used by government, military, and critical infrastructure sectors, operates on secure, on-premises networks. However, the vulnerability enables threat actors to compromise the central TrueConf server and replace legitimate updates with weaponized packages. When clients fetch the update, they unknowingly execute the malicious files, leading to system compromise.
In observed attacks, the threat actor gained access to a government IT department’s TrueConf server, infecting connected endpoints across multiple agencies. The attack chain involved DLL side-loading, network reconnaissance, and privilege escalation, culminating in the deployment of the Havoc post-exploitation framework. Key indicators include unsigned update files, the presence of poweriso.exe or 7z-x64.dll in the ProgramData folder, and unauthorized registry modifications.
Researchers attribute the campaign to a Chinese-nexus threat actor, citing tactics, infrastructure, and victim profiles consistent with known espionage operations. TrueConf has released version 8.5.3 to patch the vulnerability. Defenders are advised to monitor for compromise indicators, including the listed malicious files and command-and-control (C2) IP addresses.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
MARCH 2026
753
FEBRUARY 2026
753
JANUARY 2026
753
DECEMBER 2025
753
NOVEMBER 2025
753
OCTOBER 2025
753
SEPTEMBER 2025
753
AUGUST 2025
753
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for UBC ??
What was UBC's A.I Rankiteo Cyber Score in June 2026 ??
What was UBC's A.I Rankiteo Cyber Score in May 2026 ??
What was UBC's A.I Rankiteo Cyber Score in April 2026 ??
What was UBC's A.I Rankiteo Cyber Score in March 2026 ??
What was UBC's A.I Rankiteo Cyber Score in February 2026 ??
What was UBC's A.I Rankiteo Cyber Score in January 2026 ??
What was UBC's A.I Rankiteo Cyber Score in December 2025 ??
What was UBC's A.I Rankiteo Cyber Score in November 2025 ??
What was UBC's A.I Rankiteo Cyber Score in October 2025 ??
What was UBC's A.I Rankiteo Cyber Score in September 2025 ??
What was UBC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on UBC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with UBC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view UBC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?