Recent Blogs
The changing world
To understand where we're going, you first need to grasp the sheer scale of what's happening now. The May 2025 report on Artificial Intelligence Trends by Mary Meeker and Bond Ca...
5 days ago28Views
0likes
0Comments
Today marks the release of the Maze Challenge, Immersive’s most advanced and cunningly designed offensive cybersecurity collection yet.
This new series of labs is more than just a test of skills. I...
7 days ago20Views
1like
1Comment
1 MIN READ
This year, as in previous years, the Immersive Container 7 team arrived to attend briefings, talk to vendors, and get a glimpse into the state of security – or at least, how the vendors and researche...
8 days ago48Views
1like
5Comments
Key Objectives of the Email
Generate Excitement: Make employees want to participate.
Clearly State Benefits: What's in it for them?
Provide Clear Next Steps: How do they get started?
Assure...
12 days ago18Views
1like
0Comments
I recently had the pleasure of attending a unique and highly engaging cyber drill in the heart of London, right next to the iconic Tower of London and Tower Bridge. These landmarks always leave me in...
13 days ago148Views
4likes
4Comments
In 2025, the cybersecurity landscape isn’t just evolving – it’s accelerating. State-backed cyberattacks, geopolitical tensions, and a fragmented regulatory environment have placed cyber resilience sq...
13 days ago16Views
1like
0Comments
Understanding the RCE
On July 22, 2025, Immersive’s threat research team was trying to understand how the SharePoint zero-day vulnerability was uncovered, based on Eye Security’s initial artic...
21 days ago100Views
4likes
0Comments
Recently, a critical zero-day vulnerability affecting on-premise SharePoint servers, identified as CVE-2025-53770, was uncovered. This vulnerability allows for authentication bypass, leading to remot...
26 days ago151Views
4likes
1Comment
Cyber threats have become a pervasive force within the business world, elevating the need for regular cyber resilience exercises into an organization-wide imperative.
Genuine resilience is about m...
26 days ago16Views
0likes
0Comments
Before I start, it’s important to take a moment to acknowledge that I’m privileged to work with some fantastic experts.
Immersive’s Crisis Sim lead, JonPaulGabriele, is our very own Daedalus, for...
28 days ago56Views
1like
0Comments
“The best customer feedback we got was, we don’t need you to do everything for us.”
Rebecca: Wait, seriously?
Matt: Never more so. We built Lab Builder, a powerful Immersive One platform ...
2 months ago38Views
2likes
0Comments
3 MIN READ
Why Prompting Matters for Crisis Simulations
Think of AI as a highly intelligent, but literal, assistant. The quality of its output directly reflects the clarity and specificity of your instruction...
2 months ago71Views
1like
0Comments
The wake-up call no one wanted
Just after midnight on September 22, 2024, a suspected ransomware attack forced operators at the Arkansas City, Kansas, water-treatment plant to switch to manual cont...
2 months ago56Views
1like
0Comments
What is OT?
Operational technology refers to the hardware and software systems that monitor and control physical devices, processes, and infrastructure. This includes everything from the syste...
2 months ago38Views
1like
0Comments
5 MIN READ
If you haven’t heard already, Model Context Protocol (MCP) is a new, standardised way that LLMs and AI agents can communicate with external tools. Lots of people in the AI community have been calling...
2 months ago58Views
1like
0Comments
On June 30, 2025, the Stratascale Cyber Research Unit (CRU) team identified a critical local privilege escalation vulnerability in sudo, tracked as CVE-2025-32463. This vulnerability, related to sudo...
2 months ago63Views
1like
0Comments
Time’s Up! Congratulations to everyone who completed Lab 5: Windows from the Human Connection Challenge: Season 1.
In this walkthrough, I'll share some strategies for efficiently completing the lab...
2 months ago744Views
2likes
8Comments
The Human Edge Beyond Pentesting – Building True Cyber Resilience
Pentest vs. Red Team: Understanding the Core Difference
Many cybersecurity vendors are rebadging pentesting as attack simulations...
2 months ago25Views
1like
0Comments
We have received reports of a cyber incident that occurred at the Lake Risevatnet Dam, near Svelgen, Norway, in April 2025. A threat actor gained unauthorized access to a web-accessible Human-Machine...
2 months ago273Views
1like
0Comments
Keeping up with vulnerabilities is like playing a never-ending game of whack-a-mole. One day, we were knee-deep in XSS payloads and buffer overflows; the next, developers everywhere were plugging SQL...
2 months ago84Views
2likes
0Comments