News

Stay up-to-date with the latest news and events in the cybersecurity industry. Here, you'll find a wide range of articles, updates, and event listings covering topics such as data breaches, emerging threats, and new security technologies.

29 September 2025

Positive Technologies uncovers new tools used by an APT group active in Russia since 2022

Positive Technologies has identified a previously unknown toolkit used by the cybercriminal group known as Goffee. Deployed in the later stages of attacks, these tools helped the attackers remain hidden inside victim networks for extended periods. The group's operations have already caused serious disruptions, including temporary shutdowns of business operations at several Russian companies.

18 September 2025

IDrive and RemotePC developer fixes vulnerabilities discovered by Positive Technologies

PT SWARM expert Egor Filatov helped fix vulnerabilities in two IDrive products: the IDrive backup service and the RemotePC remote access application. The security defects could have allowed an attacker to escalate privileges in macOS and compromise data. If the vulnerable products were used on corporate devices, a company could be at risk of an attack on its IT infrastructure. The vendor was notified of the vulnerabilities under a responsible disclosure policy and released updates for IDrive and RemotePC.

15 September 2025

Positive Technologies helps fix Windows vulnerability

Microsoft, the world's leading supplier of desktop operating systems, fixed a security flaw affecting eight Windows versions, reported by Sergey Tarasov of Positive Technologies Expert Security Center (PT ESC). The vulnerability could have enabled credential theft and, if exploited on a corporate endpoint, facilitated lateral movement within the corporate network. Microsoft was notified under the responsible disclosure policy and has released a security update.

9 September 2025

Positive Technologies reports a new wave of attacks by the PhantomCore cyberespionage group

From May to July, specialists at the Positive Technologies Expert Security Center's Threat Intelligence group (PT ESC TI) found over 180 infected hosts at Russian organizations. The malicious activity directed at Russia's critical infrastructure was traced back to the PhantomCore cybercriminal group. PT ESC TI experts identified the victims and notified them of the cyberthreats before non-tolerable events occurred.

29 August 2025

Mozilla patches Firefox browser vulnerability discovered by Positive Technologies

A security researcher from Positive Technologies, Daniil Satyaev of the PT SWARM team, has discovered a vulnerability in Mozilla Firefox, one of the world's most popular browsers. The vulnerability also affects the enterprise version of Firefox. By exploiting this flaw via malicious code injected into a compromised website, attackers could steal credentials or redirect users to phishing sites. Mozilla was notified under the responsible disclosure policy and has already released security updates for Firefox and Firefox ESR.

19 August 2025

Positive Technologies bolsters security for Tunnelblick, a popular VPN app

Tunnelblick, the go-to graphical interface for OpenVPN on macOS, just got safer thanks to a major security fix. The security issue, discovered by PT SWARM's Egor Filatov, put Apple users at risk—even those who thought they were safe after deleting the app. If exploited, the vulnerability allowed attackers to elevate their system privileges and steal data. Companies whose employees use Tunnelblick on their work devices could face the risk of a cyberattack spreading to the corporate IT infrastructure.

14 August 2025

Positive Technologies helps strengthen security of Windows PCs and servers

Microsoft has released updates for several products to fix a vulnerability discovered by Marat Gayanov of the Positive Technologies Expert Security Center (PT ESC). Exploitation of this issue can crash affected system and disrupt operations. Up to 96% of Windows PC users and organizations running Microsoft Server solutions were potentially affected. Microsoft was notified under the responsible disclosure and has released a security update.

13 August 2025

Second session of Positive Hack Camp 2025, an international cybersecurity training program, concludes

In Moscow, Positive Technologies and Positive Education recently concluded Positive Hack Camp, a global education program for the next generation of cybersecurity professionals. More than 90 emerging professionals from 25 countries across Asia, Africa, and the Middle East received valuable, hands on ethical hacking training from leading experts. The event was held with the support of the Russian Ministry of Digital Development, Communications and Mass Media.

12 August 2025

Five products, one goal: Positive Technologies to unveil the updated Standoff 365 platform at Positive Security Day

At its flagship Positive Security Day 2025 conference on October 8 in Moscow at the Irina Viner Gymnastics Palace (Luzhniki), Positive Technologies will unveil the updated Standoff 365 platform. Standoff 365 helps organizations upskill their security teams and strengthen the protection of their IT assets against cyberthreats. More than 27,000 ethical hackers use the platform to practice vulnerability assessment and earn significant rewards for finding flaws. The international cyberbattle Standoff 16 will take place October 6–8, with the finals at Positive Security Day.

28 July 2025

Over 90 young cybersecurity and IT professionals from 25 countries arrive in Russia for cybersecurity training

Positive Hack Camp is a global educational initiative by Positive Technologies and Positive Education for aspiring cybersecurity specialists—has launched in Moscow with support from Russia's Ministry of Digital Development and Cyberus international cybersecurity development foundation. For two weeks, leading experts will mentor young professionals from around the world. Running through August 10, the program features intensive hands-on training, real-world case studies, and international networking. The main goal: to help countries develop talent and expertise in information security, supporting their cyber sovereignty and a secure digital future.

Thinking about the best way to protect your company?

During the consultation we'll propose a solution precisely tailored to your organization.