Blogs

I recently had the pleasure of attending a unique and highly engaging cyber drill in the heart of London, right next to the iconic Tower of London and Tower Bridge. These landmarks always leave me in...

Understanding the RCE On July 22, 2025, Immersive’s threat research team was trying to understand how the SharePoint zero-day vulnerability was uncovered, based on Eye Security’s initial artic...

Recently, a critical zero-day vulnerability affecting on-premise SharePoint servers, identified as CVE-2025-53770, was uncovered. This vulnerability allows for authentication bypass, leading to remot...

Cyber threats have become a pervasive force within the business world, elevating the need for regular cyber resilience exercises into an organization-wide imperative.  Genuine resilience is about m...

Before I start, it’s important to take a moment to acknowledge that I’m privileged to work with some fantastic experts.  Immersive’s Crisis Sim lead, JonPaulGabriele​, is our very own Daedalus, for...

“The best customer feedback we got was, we don’t need you to do everything for us.”  Rebecca: Wait, seriously?  Matt: Never more so. We built Lab Builder, a powerful Immersive One platform ...

Why Prompting Matters for Crisis Simulations Think of AI as a highly intelligent, but literal, assistant. The quality of its output directly reflects the clarity and specificity of your instruction...

The wake-up call no one wanted Just after midnight on September 22, 2024, a suspected ransomware attack forced operators at the Arkansas City, Kansas, water-treatment plant to switch to manual cont...

What is OT? Operational technology refers to the hardware and software systems that monitor and control physical devices, processes, and infrastructure. This includes everything from the syste...

If you haven’t heard already, Model Context Protocol (MCP) is a new, standardised way that LLMs and AI agents can communicate with external tools. Lots of people in the AI community have been calling...

On June 30, 2025, the Stratascale Cyber Research Unit (CRU) team identified a critical local privilege escalation vulnerability in sudo, tracked as CVE-2025-32463. This vulnerability, related to sudo...

Time’s Up! Congratulations to everyone who completed Lab 5: Windows from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab...

The Human Edge Beyond Pentesting – Building True Cyber Resilience Pentest vs. Red Team: Understanding the Core Difference Many cybersecurity vendors are rebadging pentesting as attack simulations...

We have received reports of a cyber incident that occurred at the Lake Risevatnet Dam, near Svelgen, Norway, in April 2025. A threat actor gained unauthorized access to a web-accessible Human-Machine...

Keeping up with vulnerabilities is like playing a never-ending game of whack-a-mole. One day, we were knee-deep in XSS payloads and buffer overflows; the next, developers everywhere were plugging SQL...

This is the second blog in a 2 part series that will walk you through the entire process of building your first custom practical lab. You’ll learn how to do everything from launching and configuring ...

This is the first blog in a 2 part series that will walk you through the entire process of building your first custom practical lab. You’ll learn how to do everything from launching and configuring a...

Time’s Up! Congratulations to everyone who completed Lab 4: Linux from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab b...

Neurodiversity advocate and my own personal hero, Chris Packham, recently made a series for the BBC titled Inside Our Minds. It focused on giving a voice to neurodivergent individuals by creating sho...

We're in an age of rapid digitization. Different industries are embracing technologies like artificial intelligence (AI) and cloud solutions, driven by the ambition to shift from analog to digital. ...