MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed...

Incident Response Services

Gain access to malware experts to quickly contain threats and reduce future exposure to attacks...

Gartner Recognised

Integrity360 has been recognised as a Gartner Representative Vendor.

Download our MDR ebook

Many organisations are turning to managed service providers and MDR services. Find out why in our ebook.

The Reality of Ransomware: What you need to know in 2024

In 2024, the landscape of ransomware attacks will continue to evolve, drawing from past trends while adapting to new defences and technologies. 

How should organisations respond to a data breach?

In this blog we look at how an organisation should respond to a data breach.

Your guide to 2025: Trends and Predictions

Stay ahead of the latest cyber security industry developments, advancements and threats, and understand how you can best protect your organisation.

Choosing your cyber security framework

Learn about seven of the most popular cyber security frameworks being used by businesses around the world.

MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed

Integrity360 Expands into France

As part of its global expansion plan Integrity360 has acquired Holiseum

Integrity360 Expands into France

As part of its global expansion plan Integrity360 has acquired Holiseum

Integrity360 Accelerates Global Expansion

As part of its global expansion plan Integrity360 has acquired Grove Group, headquartered in Cape Town, South Africa.
Integrity360 Emergency Incident Response button Under Attack?

Threat Advisories

threat advisory

Critical Vulnerability in SharePoint - CVE-2025-53770: Guidance & Mitigation

Over the weekend, Integrity360 has been asked by multiple customers about a recent critical vulnerability (CVE-2025-53770) targeting on-premise instances of Microsoft Sharepoint using a deserialisation flaw. This zero-day has been reportedly widely exploited since mid-July, posing serious risk to any unpatched on-premise Sharepoint environment (Subscription, Server 2016 and Server 2019). Integrity360 wants to reassure customers that the vulnerability does not affect any cloud instances of SharePoint Online of which the majority of organisations are using. On-premise Sharepoint is likely to be converted to (or in the process of) Microsoft 365 across lots of organisations due to the extended end date of Microsoft support running out in the near future.

Read More

CitrixBleed 2 Proof of Concept Released

Researchers at Watchtowr have released technical details on an exploit for the “CitrixBleed 2” (CVE-2025-5777) vulnerability released on 2025-06-17, leading to the development of a Proof of Concept (PoC) exploit.

Read More

Threat Advisory: CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability

CVE-2025-33073 is a critical vulnerability identified in Microsoft Windows Server Message Block (SMB) protocol implementations. This flaw stems from improper access control mechanisms, potentially allowing attackers to escalate privileges over a network to SYSTEM. The vulnerability has been assigned a CVSS v3.1 base score of 8.8, indicating a high-severity risk. An update to address this issue was in Microsoft June Patch Tuesday.

Read More

Threat Advisory: CVE-2025-5063 and CVE-2025-5280

Summary 

Both high severity vulnerabilities reside in Google Chrome and are exploitable via a specially crafted HTML page. CVE-2025-5063 is a “Use after free” vulnerability that resides in the compositing subsystem of the browser whereby improper memory management when the browser renders layered page elements leads to a potential hijack of control flows during DOM manipulations. CVE-2025-5280 is an “out of bounds” exploit in the JavaScript V8 engine that could potentially allow arbitrary code to execute outside of the JavaScript sandbox, meaning it’s run natively on the target system. 

Read More
threat advisory

Threat Advisory: Critical 10.0 vulnerability in Erlang OTP SSH Implementation

A critical vulnerability in Erlang's Open Telecom Platform (OTP) SSH implementation has recently been published. OTP is a collection of middleware, libraries and tools written in the Erlang programming language and is used by a large number of global companies for communications. According to https://erlang-companies.org, companies that may be affected include Ericsson, T-Mobile, BT and Bet365 (that reportedly use it in it's live betting infrastructure) and major products that may be affected include WhatsApp, Klarna and Discord. 

Read More
threat advisory

Threat Advisory: Mitre's CVE Contract Renewed Last Minute

Foundational security organisation MITRE announced on the 15th April that the funding it received to maintain the CVE and CWE program would not be renewed. This was important, because MITRE, along with NIST and the CISA, are a huge contributor to the CVE program.

Read More