Threat advisory: multiple critical remote code execution vulnerabilities affecting Microsoft Windows platforms
Advisory ID: ADV-2025-ALL-05
Date issued: 14 May 2025
Severity: Critical (CVE-2025-29966), High (CVE-2025-30397)
CVSS scores:
In 2024, the landscape of ransomware attacks will continue to evolve, drawing from past trends while adapting to new defences and technologies.
Learn about seven of the most popular cyber security frameworks being used by businesses around the world.
A ransomware attack is a nightmare scenario for any organisation. It’s disruptive, costly, and often deeply damaging to your reputation. How you respond in the first 24 hours can make all the difference between containment and catastrophe. In those critical moments, fast and informed action is essential. Not just to mitigate harm, but to enable recovery and identify root causes.
CVSS Base Score: 9.8 CRITICAL
It doesn't matter how large your organisation is, you are at risk and sooner or later cyber criminals will try to attack you. It’s not a matter of whether your organisation will face a security incident but when. That's why a robust incident response plan is crucial. So what elements should your incident response plan include to be truly effective?
With the increasing sophistication of cyber threats, businesses need more than just security tools—they need expert-driven, proactive defence. Managed Detection and Response (MDR) services provide this, but not all MDR solutions are created equal. Choosing the right provider can mean the difference between efficient threat detection and response or drowning in alert noise and ineffective security measures.
Here we are again—another World Password Day, and still the most commonly used password is 123456. It’s 2025, and that sequence remains the digital equivalent of leaving your front door wide open with a neon “come on in” sign above it.
As cyber threats become more sophisticated and relentless, organisations can no longer rely on reactive defences alone.
We hear a lot about external threats but in reality, one of the biggest risks to your organisation might already be on the inside. Insider threats, whether malicious, negligent, or compromised, pose a significant threat to organisations. And with privileged accounts often at the centre of these threats, Privileged Access Management (PAM) has become an essential part of any modern cyber defence strategy.
CyberFire MDR, Integrity360’s advanced Managed Detection and Response service, is purpose-built to address the real and persistent challenges facing modern businesses. Powered by our proprietary CyberFire platform and backed by 24/7 global SOC coverage, it delivers low-noise, high-accuracy protection where it matters most.
Looking for an MDR solution that delivers fast, accurate threat detection with minimal noise and maximum support? Here’s everything you need to know about why CyberFire MDR stands out from the crowd.
Privileged Access Management (PAM) is a critical layer of defence in today’s cyber security landscape. With attackers increasingly targeting privileged accounts to access sensitive data and systems, having the right PAM strategy in place is essential. In this blog, we answer the most common questions about PAM, explaining why it matters, what it involves, and how Integrity360’s tailored services can help organisations of all sizes manage privileged access effectively. Whether you’re looking to improve compliance, reduce risk, or streamline secure access, this guide covers everything you need to know about PAM.
A critical vulnerability, CVE-2025-22457, has been identified in Ivanti Connect Secure (ICS), Pulse Connect Secure (PCS), Ivanti Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote, unauthenticated attackers to execute arbitrary code on affected devices. The flaw is currently being actively exploited by a suspected Chinese advanced persistent threat (APT) group, UNC5221, to deploy custom malware families, TRAILBLAZE and BRUSHFIRE, facilitating persistent access and deep network intrusion.