Blogs

The previous blog entry covered how SmokeLoader uses various obfuscation techniques to slow reverse engineers down. We also identified yet another shellcode being allocated to a memory region, which ...

Time’s Up! Congratulations to everyone who completed Lab 4: Linux from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab b...

Our Cyber Drills Roadshow is kicking off in North America! I’m thrilled to share that in just one week, we will launch the North American leg of our 2025 Cyber Drill roadshow.  In addition to const...

Time’s Up! Congratulations to everyone who completed Lab 5: Windows from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the lab...

In the early hours of March 21, 2025, a fire broke out at the North Hyde electrical substation in West London, just a few miles from Heathrow Airport. Within hours, a local infrastructure incident ha...

What are cyber drills and outcome-based programs? Cyber drills vs. outcome-based programs Cyber drills Prove Outcome-based programs Improve Simulate a realistic cyberattack ...

Salt Typhoon has been a threat actor that has caused a lot of worry for defensive teams all over the world. They are a threat actor group which has been predominately targeting Telecommunication comp...

What is CVE-2024-21412? CVE-2024-21412 is a security feature bypass vulnerability in Windows Defender SmartScreen. SmartScreen typically evaluates the safety of downloaded files and displays warn...

This is the second part of a series of blog posts analyzing the SmokeLoader malware. It goes into detail on how we reverse-engineered it to identify its objectives and actions.  The first part of t...

My background After two decades in the world of penetration testing and offensive security, I joined Immersive as the Director of Technical Product Management. This new role represented more than j...

Windows NTFS / FAT Remote Code Execution Vulnerability Top of the list for patching this monthly release is a set of 4 CVEs actively being exploited by threat actors These 4 CVEs are all related to...

Cyberattacks are increasingly frequent and sophisticated. According to the Identity Theft Resource Center (ITRC)’s 2024 Data Breach Report, they remain the primary root cause of data breaches, with F...

At our recent event, Operational CTI: Lessons from the Attacks that Didn't Target You, we shared that we would releasing reverse engineering blogs on SmokeLoader. Here is part 1!  SmokeLoader is a ...

A crisis doesn’t respect boundaries – it unfolds in real time, demanding responses from every level, from technical teams to executives. That’s exactly what we set out to simulate with our recent c...

How it works Under the Crisis Sim section of the platform, simply head to Create Scenario > Create with AI to start generating your realistic, customizable scenario. Then, you can choose your opt...

In today’s rapidly evolving technological landscape, staying ahead of cyber threats is critical for every organization. Cybersecurity teams must be equipped with the latest knowledge and skills to ef...

The rapid rise in the popularity and application of AI has been unprecedented. We are actively experiencing the dawn of a revolutionary chapter in technology and innovation, but it also feels a littl...

Bridging the gap with existing frameworks A major issue in the cybersecurity landscape is the inconsistency in training programs and the gap between what's taught and the skills that businesses nee...

Time’s Up! Congratulations to everyone who completed Lab 2: Scanning from the Human Connection Challenge: Season 1. In this walkthrough, I'll share some strategies for efficiently completing the la...

Experience-driven learning Experience-driven learning can take many forms, including: Practical simulations Role-playing exercises Individual hands-on learning Team-based exercising F...