News

Stay up-to-date with the latest news and events in the cybersecurity industry. Here, you'll find a wide range of articles, updates, and event listings covering topics such as data breaches, emerging threats, and new security technologies.

19 January 2026

Positive Technologies assists in fixing Windows Server vulnerability posing risk to enterprise environments

Microsoft has released a patch addressing a zero-day vulnerability discovered by PT SWARM researcher Sergey Bliznyuk in Windows Server. If exploited, the vulnerability could allow arbitrary code execution on telephony servers and enable lateral movement across the network, providing a foothold for large-scale, sophisticated attacks. Successful exploitation could compromise internal systems, enable theft of confidential data, and disrupt business operations at affected organizations.

15 January 2026

Positive Technologies expert helps patch two zero-day vulnerabilities in Windows file system

As part of its January security update, software giant Microsoft has patched two previously unknown vulnerabilities in the NTFS file system driver—a critical component of modern Windows operating systems responsible for file storage and retrieval on hard drives and SSDs. The flaws were identified by Sergey Tarasov, a specialist at the Positive Technologies Expert Security Center (PT ESC), and reported to the developer under a responsible disclosure policy. Prior to the fix, exploitation of these vulnerabilities could have compromised personal or corporate devices by granting attackers full control over the OS.

28 November 2025

Positive Technologies helps fix 22 vulnerabilities in the FreeScout customer support system

PT SWARM experts Artyom Danilov, Roman Cheremnykh, and Daniil Satyaev discovered 22 vulnerabilities in FreeScout modules. FreeScout is an open-source helpdesk platform and shared mailbox. By exploiting the security flaws, an attacker could steal credentials and pivot deeper into the organization's network. The vendor was notified of the vulnerability under a responsible disclosure policy and released an update.

21 November 2025

Positive Technologies helps strengthen security of iTop IT service management system

PT SWARM expert Maxim Ilyin has helped fix a vulnerability in iTop, an open-source web application used to automate IT infrastructure management and ensure uninterrupted service operations. If exploited, the vulnerability could have allowed an attacker to execute operating system commands remotely and then gain access to a company's internal infrastructure or move laterally across the network. The vendor was notified of the vulnerability under a responsible disclosure policy and released an update.

22 October 2025

Positive Technologies helps fix vulnerability in Trend Micro Antivirus

Egor Filatov, a member of PT SWARM, helped address a critical vulnerability in antivirus software developed by the Japanese company Trend Micro. This security flaw put Apple users at risk—even those who had already uninstalled the antivirus application from their computers. If exploited, the vulnerability could allow an attacker to compromise user data. In cases involving corporate devices, an attacker could also disrupt the organization's business operations.

21 October 2025

Positive Technologies helps fix vulnerabilities in Broadcom network adapter firmware

Alexey Kovrizhnykh of Positive Labs, a research team at Positive Technologies specializing in hardware and software security, helped Broadcom remediate two vulnerabilities in the firmware of its high-speed network adapters used in servers and data centers. Successful exploitation could disrupt business operations and lead to the compromise of employee, customer, and partner data. Broadcom added Alexey Kovrizhnykh to its Hall of Fame, acknowledging his contribution and thanking him for the research.

17 October 2025

Positive Technologies expert helps fix vulnerability in Garmin Connect fitness app

Garmin, the maker of smartwatches and navigation devices, has patched a vulnerability in its Garmin Connect fitness tracking app discovered by PT SWARM researcher Artem Kulakov. Owners of nearly 300 different Garmin device models who had installed the app on Android smartphones could have been at risk. If successful, an attacker could have stolen users' health and workout data. That information could potentially be used for further unlawful activity, such as revealing a victim's location.

29 September 2025

Positive Technologies uncovers new tools used by an APT group active in Russia since 2022

Positive Technologies has identified a previously unknown toolkit used by the cybercriminal group known as Goffee. Deployed in the later stages of attacks, these tools helped the attackers remain hidden inside victim networks for extended periods. The group's operations have already caused serious disruptions, including temporary shutdowns of business operations at several Russian companies.

18 September 2025

IDrive and RemotePC developer fixes vulnerabilities discovered by Positive Technologies

PT SWARM expert Egor Filatov helped fix vulnerabilities in two IDrive products: the IDrive backup service and the RemotePC remote access application. The security defects could have allowed an attacker to escalate privileges in macOS and compromise data. If the vulnerable products were used on corporate devices, a company could be at risk of an attack on its IT infrastructure. The vendor was notified of the vulnerabilities under a responsible disclosure policy and released updates for IDrive and RemotePC.

15 September 2025

Positive Technologies helps fix Windows vulnerability

Microsoft, the world's leading supplier of desktop operating systems, fixed a security flaw affecting eight Windows versions, reported by Sergey Tarasov of Positive Technologies Expert Security Center (PT ESC). The vulnerability could have enabled credential theft and, if exploited on a corporate endpoint, facilitated lateral movement within the corporate network. Microsoft was notified under the responsible disclosure policy and has released a security update.

Thinking about the best way to protect your company?

During the consultation we'll propose a solution precisely tailored to your organization.