Insights

Leading Canadian cybersecurity services provider Advantus360 joins Integrity360 creating the group’s first hub in North America

Leading cyber security services business Cresco joins forces with Integrity360

to create a key regional hub in Benelux

 

 

London/Dublin/Brussels – 22 December 2025 – Continuing its global expansion plan, Integrity360 has acquired Cresco, a well-established and highly regarded cyber security services company operating out of Brussels in Belgium. The terms of the transaction were not disclosed. The acquisition will enable Integrity360 to expand further into continental Europe and provides additional skilled resources to its existing substantial offensive security, cyber security consulting and compliance capability.

Leading cyber security services business Redshift acquired by Integrity360 expanding the group’s footprint in South Africa 

 

London/Dublin/Johannesburg/Cape Town – 1 December 2025 – Continuing its global expansion plan, and its commitment to the African continent, Integrity360 has acquired Redshift, a well-established and highly regarded cyber security services company operating out of Johannesburg in South Africa. The terms of the transaction were not disclosed. The acquisition comes on the back of Integrity360’s considerable investment in the region following the 2024 and early 2025 acquisitions of the Grove Group and Nclose.

Integrity360 has been recommended as a supplier for Incident Response (IRT) under Adda’s framework agreement for IT security – Incident Management (IRT) DIS. This appointment strengthens Integrity360’s commitment to helping the public sector in Sweden build a robust and secure digital infrastructure.

New cyber security partnership provides businesses with round-the-clock protection through a global network of over two million ethical hackers

Integrity360, one of Europe and EMEA’s leading cyber security specialists, has been named as a Representative Vendor in the 2025 Gartner Market Guide for Digital Forensics and Incident Response (DFIR).

Dublin, June 19th, 2025 – At a time when cyber threats are growing in scale and sophistication, Integrity360 has marked a major milestone in its mission to protect digital. Integrity360, one of Europe and EMEA’s leading cyber security specialists, has successfully completed its SOC 2 audit, reinforcing its commitment to safeguarding customer data and upholding the highest standards of operational resilience and trust.

A critical vulnerability, CVE-2025-22457, has been identified in Ivanti Connect Secure (ICS), Pulse Connect Secure (PCS), Ivanti Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote, unauthenticated attackers to execute arbitrary code on affected devices. The flaw is currently being actively exploited by a suspected Chinese advanced persistent threat (APT) group, UNC5221, to deploy custom malware families, TRAILBLAZE and BRUSHFIRE, facilitating persistent access and deep network intrusion.

CyberFire MDR is now available across Integrity360’s European markets, bringing advanced threat detection, full incident response, and predictable pricing to organisations of all sizes. 

Next.js is a popular development library for web developers. In the authentication section of the library in affected versions, there is a vulnerability which would allow an attacker to bypass authentication, potentially gaining access to sensitive data or maninpulating targeted accounts. 

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-23120, has been discovered in Veeam Backup & Replication (VBR). This flaw allows authenticated domain users to execute arbitrary code on the affected system. The vulnerability has been assigned a CVSS v3.1 score of 9.9, indicating its critical severity. 

Important Update on PCI DSS SAQ A Eligibility Criteria

The PCI Security Standards Council (PCI SSC) has published a new Frequently Asked Question (FAQ 1588) to help businesses better understand the updated eligibility criteria for Self-Assessment Questionnaire (SAQ) A under PCI DSS v4.0.1. These new requirements will take effect on April 1, 2025 and are especially important for e-commerce merchants using embedded payment pages (like iframes).