Insights

As cyber threats become more sophisticated and relentless, organisations can no longer rely on reactive defences alone.  

We hear a lot about external threats but in reality, one of the biggest risks to your organisation might already be on the inside. Insider threatswhether malicious, negligent, or compromisedpose a significant threat to organisations. And with privileged accounts often at the centre of these threats, Privileged Access Management (PAM) has become an essential part of any modern cyber defence strategy. 

CyberFire MDR, Integrity360’s advanced Managed Detection and Response service, is purpose-built to address the real and persistent challenges facing modern businesses. Powered by our proprietary CyberFire platform and backed by 24/7 global SOC coverage, it delivers low-noise, high-accuracy protection where it matters most.

Looking for an MDR solution that delivers fast, accurate threat detection with minimal noise and maximum support? Here’s everything you need to know about why CyberFire MDR stands out from the crowd.

Privileged Access Management (PAM) is a critical layer of defence in today’s cyber security landscape. With attackers increasingly targeting privileged accounts to access sensitive data and systems, having the right PAM strategy in place is essential. In this blog, we answer the most common questions about PAM, explaining why it matters, what it involves, and how Integrity360’s tailored services can help organisations of all sizes manage privileged access effectively. Whether you’re looking to improve compliance, reduce risk, or streamline secure access, this guide covers everything you need to know about PAM. 

A critical vulnerability, CVE-2025-22457, has been identified in Ivanti Connect Secure (ICS), Pulse Connect Secure (PCS), Ivanti Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote, unauthenticated attackers to execute arbitrary code on affected devices. The flaw is currently being actively exploited by a suspected Chinese advanced persistent threat (APT) group, UNC5221, to deploy custom malware families, TRAILBLAZE and BRUSHFIRE, facilitating persistent access and deep network intrusion.

Deepfake technology is rapidly evolving, making it easier for cybercriminals to manipulate digital content and deceive individuals and organisations. One of the most concerning threats that has emerged from this technology is deepfake social engineering – a sophisticated cyber attack method that leverages artificial intelligence (AI) to create realistic fake audio, video, or images to manipulate and defraud targets.

CyberFire MDR is now available across Integrity360’s European markets, bringing advanced threat detection, full incident response, and predictable pricing to organisations of all sizes. 

Next.js is a popular development library for web developers. In the authentication section of the library in affected versions, there is a vulnerability which would allow an attacker to bypass authentication, potentially gaining access to sensitive data or maninpulating targeted accounts. 

Securing identities has become just as important as protecting networks and endpoints. Identity and Access Management (IAM) is at the heart of this effort, ensuring that only the right individuals have access to the right resources at the right times. Without a robust IAM strategy, organisations risk unauthorised access, data breaches, and insider threats—whether malicious or accidental. 

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-23120, has been discovered in Veeam Backup & Replication (VBR). This flaw allows authenticated domain users to execute arbitrary code on the affected system. The vulnerability has been assigned a CVSS v3.1 score of 9.9, indicating its critical severity. 

Holiseum will form a new Integrity360 services practice focused on OT/IoT and as a regional hub for the group in France