Insights

The Payment Card Industry Security Standards Council (PCI SSC) has announced significant updates to Self-Assessment Questionnaire A (SAQ A), particularly affecting e-commerce merchants. These changes, taking effect on 31 March 2025, remove certain requirements and introduce new eligibility criteria that require merchants to strengthen website security and protect against malicious script attacks.

CVE-2025-21298 is a critical vulnerability present in the windows OLE that enables a remote code execution with a CVSS severity of 9.8. Object Linking and Embedding (OLE) is a proprietary technology developed by Microsoft that allows embedding and linking to documents and objects.

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Leading cyber services business Nclose acquired by Integrity360 further expanding global footprint and adding innovative MDR platform “Cyberfire”

 

Organisations often seek a Security Operations Center (SOC) for comprehensive cyber security monitoring and incident response. However, for Darktrace customers, Managed dSOC offers a uniquely valuable alternative that can address critical security needs without replicating the full scope of a traditional SOC.  

As the complexity of digital environments grows, businesses face increasing challenges in maintaining visibility and managing risk across their attack surface. Integrity360's Managed ASM (Attack Service management) service is designed to tackle these challenges head-on. Below, we answer some of the most frequently asked questions about this innovative service.

Leading PCI and Cyber Security Services Company Adsigo acquired by Integrity360 to expand European footprint 

London/Dublin/Stuttgart/Zurich – 4^th December 2024 – As part of its Pan European expansion plan Integrity360 has acquired leading European PCI QSA (Payment Card Industry Qualified Security Assessor) and cyber security services company Adsigo. The terms of the transaction were not disclosed. The acquisition will enable Integrity360 to expand further into continental Europe and provides additional skilled resources to its existing substantial PCI and cyber security compliance teams.

London, UK - 3. December 2024 – Integrity360, one of the leading pan-European cyber security specialists, has announced the launch of its new Managed ASM service designed to address the growing complexities of securing diverse environments, including IT (Information Technology), Operational Technology (OT) and Internet of Things (IoT). The Attack Surface Management (ASM) service provides complete visibility into an organisation’s attack surface, enabling proactive risk reduction, exposure management, and threat detection to safeguard critical assets.

As the number of vulnerabilities grows each year, organisations are grappling with an increasingly complex security landscape. Traditional, reactive security methods struggle to keep pace, often leaving critical gaps unaddressed. Continuous Threat Exposure Management (CTEM) steps in as a proactive solution, providing a continuous approach that prioritises high-risk exposures and significantly reduces the chance of breaches. This FAQ explores how CTEM works and why it’s becoming essential for effective, modern cyber security.

Integrity360 enables organisations to fully optimise their AI investment with launch of Managed dSOC Services underpinned by Darktrace’s ActiveAI Security Platform

Service improves operational efficiencies and costs caused by siloed and redundant cloud security tools

Severity: Critical
CVSSv3 Score: 9.8 
Date: Oct 23, 2024