
VARTE GROUP
Information Security Services
Our Services
The company specializes in providing various Information Security(Cyber) Services of the highest quality, aimed at identifying business risks in the applications, networks, architectures, and processes.
RED TEAM EXERCISE
-
External and Internal
-
OSINT
-
Lateral movement
-
Privilege escalation
-
"Capture the Flag"
-
Vulnerabilities identification and safe exploits
-
Spear phishing
PENETRATION TESTING
-
Web applications
-
Thick clients
-
Mobile applications
-
External & Internal networks
-
Code Reviews
-
Rest\WS
-
Hardening advisory
-
Cloud
CONSULTING
-
Threat modeling and Secure Design
-
Protection Consulting
-
Regulations Compliance
CLOUD
-
Configuration review
-
RBAC review
SECURITY PROGRAMS
-
Vulnerability management
-
Secure SDLC process Implementation
About Us
An Information security boutique company providing thorough and comprehensive security
assessments, tailor-made per clients requirements.
The company was founded and operational since 2018.
The company’s Business Model is to employ High-End, experienced professionals on a project basis, best suited to their abilities, which essentially means the client is receiving services from the “Cream of the Crop” of Israeli market.
Each consultant employed by the company has at least 6 years of hands-on experience in various industries such as Military,
Financial, Hi-Tech, International corporations, etc.
Each project involves at least two consultants to achieve best possible results.
The company completed successful projects both locally and internationally.

World News
technology and tools
7/9/2026 Zeljka Zorz
Extortion crew hijacks Microsoft 365 accounts via fake passkey setup
The Pink cyber extortion crew is tricking employees into giving them access to their Microsoft 365 accounts by faking Entra passkey enrollment requests. The attack The attack starts with a vishing call to an employee. The caller poses as IT and says it’s time to set up a passkey. Everything after that is theater, built to keep the victim occupied while the attacker finalizes everything. The attackers instruct the target to visit a subdomain that … More →
The post Extortion crew hijacks Microsoft 365 accounts via fake passkey setup appeared first on Help Net Security.
protection,vulnerabilities and exploits,technology and tools
7/9/2026 Zeljka Zorz
Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)
Microsoft has finally released a security update for its Microsoft Malware Protection Engine, which fixes CVE-2026-50656, the Windows Defender local privilege escalation vulnerability triggered by the RoguePlanet exploit. The vulnerability and the fix CVE-2026-50656 is due to improper link resolution before file access, affects Windows 10 and Windows 11, and may allow authenticated attackers to achieve SYSTEM-level privileges on vulnerable machines by launching low-complexity attacks. The flaw’s existence was publicly revealed on June 10, hours … More →
The post Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656) appeared first on Help Net Security.
laws, regulations and policies,attacks and breaches
7/9/2026 Sinisa Markovic
5,811 arrests, $293 million seized over social engineering scams
Criminals who pose as police officers, romantic partners, and business suppliers have built fraud operations that reach across continents. A four-month enforcement campaign against these schemes wrapped up, and police in 97 countries and territories took part. Thousands of arrests The campaign, called Operation First Light 2026, centered on social engineering scams and the money laundering that moves their proceeds. Arrests reached 5,811. Investigators intercepted $293 million in illicit assets. Blocking those funds relied in … More →
The post 5,811 arrests, $293 million seized over social engineering scams appeared first on Help Net Security.
technology and tools
7/9/2026 Mirko Zorz
Your coding agent says no in chat and yes in the code
Millions of developers share their keyboard with GitHub Copilot. Inside Visual Studio Code, it opens their files, writes and edits code, runs scripts, and reworks its own output across many turns. The safety testing that vets these agents still runs on chatbot rules: one harmful prompt, one response, graded alone. That rulebook misses where the real danger sits, according to a study from the Alan Turing Institute in London. The researchers, Abhishek Kumar and Carsten … More →
The post Your coding agent says no in chat and yes in the code appeared first on Help Net Security.
