Insights

Overview: 

MITRE Caldera is an open-source cyber security platform designed for automating adversary emulation, red teaming, and threat hunting. It allows security teams to simulate real-world cyber threats, test defences, and improve incident response. 

CVE-2025-21298 is a critical vulnerability present in the windows OLE that enables a remote code execution with a CVSS severity of 9.8. Object Linking and Embedding (OLE) is a proprietary technology developed by Microsoft that allows embedding and linking to documents and objects.

UPDATED ON 12/02/2025: 

When a new security vulnerability emerges, there’s often a small window of time to respond before attackers start exploiting it in the wild. For LDAPNightmare (CVE-2024-49112), that window is quickly closing.

Microsoft’s latest Patch Tuesday release addressed 16 critical vulnerabilities, all classified as remote code execution flaws—a stark reminder of the importance of proactive patch management.

The recently discovered vulnerabilities in Veeam Service Provider Console, tracked as CVE-2024-42448 and CVE-2024-42449, have been classified as critical and high severity. If exploited, these vulnerabilities could severely undermine system integrity and operational security, jeopardising sensitive data and backup operations.

It’s that time of the year again when shoppers get ready to take advantage of the upcoming Black Friday and Cyber Monday sales. It’s also the time of the year when cyber criminals seek to take advantage of those bargain hunters.

We continue our lookback at the biggest cyber attacks of 2024… so far. Read Part one HERE

Severity: Critical
CVSSv3 Score: 9.8 
Date: Oct 23, 2024

If you were to look at a stock image of a hacker, it would show a hooded figure hunched over the desk who’s lost in the sea of green text and numbers that flash across the screen.

As 2024 draws to a close, numerous high-profile cyber incidents have dominated the headlines. With only two and a half months remaining and the Christmas season approaching, it's likely we'll see even more before year’s end. In this blog, the Integrity360 Incident Response team explores some of the most significant cyber attacks of the year... so far.

Overview: Ivanti has released updates for Ivanti CSA (Cloud Services Application) which addresses a medium severity and two high severity vulnerabilities. Exploiting these vulnerabilities effectively enables remote attackers to execute SQL statements through SQL injection, run arbitrary code via command injection, and bypass security restrictions by taking advantage of a path traversal weakness in vulnerable CSA gateways, which provide secure access to internal network resources for enterprise users.