Recent Blogs
What is the Immersive Workday Connector?
The Immersive Workday Connector is designed to bridge the gap between our cutting-edge cybersecurity skills development platform and your organization's cor...
5 hours ago27Views
1like
1Comment
Congratulations to those who completed Lab 4 of the Human Connection Challenge: Season 1! We're aware that some of you are still attempting this lab, and so community member steven has creat...
4 days ago42Views
1like
1Comment
In this blog post, I explore benefits of the integration, what it means for you, and how you can leverage it to build a world-class cybersecurity team.
Seamless access to Immersive content
Access...
4 days ago32Views
2likes
0Comments
This integration combines the hands-on, engaging learning experience of Immersive Labs with the robust learning management capabilities of Cornerstone, creating a comprehensive and efficient solution...
4 days ago21Views
2likes
0Comments
Seamless access to your Immersive data
Our REST API offers easy access to your Immersive data. Once authenticated, you can access your organization’s data by making REST API requests to any of the ...
4 days ago13Views
1like
0Comments
Time’s Up! Congratulations to everyone who completed Lab 4: Linux from the Human Connection Challenge: Season 1.
In this walkthrough, I'll share some strategies for efficiently completing the lab b...
4 days ago706Views
1like
32Comments
1 MIN READ
On the 7th April 2025, a vulnerability in the CrushFTP was added to the CISA Kev Catalogue, CrushFTP is an enterprise FTP solution with tens of thousands of instances publicly accessible online. Rece...
10 days ago23Views
1like
0Comments
7 MIN READ
CVE-2025-29812 -7.8 - DirectX Graphics Kernel Elevation of Privilege Vulnerability
A vulnerability has been identified in the Windows Kernel Memory subsystem, specifically in how DirectX components...
10 days ago26Views
1like
0Comments
Water Gamayun, also known as EncryptHub and Larva-208, is a threat actor (suspected to be of Russian origin) that has been observed exploiting a zero-day vulnerability in the Microsoft Management Con...
15 days ago54Views
2likes
0Comments
While traditional code comments focus on explaining the code's functionality, security-focused comments are crucial to promoting secure coding practices throughout the development lifecycle (SDLC). ...
16 days ago18Views
1like
0Comments
Time’s Up! Congratulations to everyone who completed Lab 5: Windows from the Human Connection Challenge: Season 1.
In this walkthrough, I'll share some strategies for efficiently completing the lab...
16 days ago175Views
2likes
4Comments
Supply chain security is all about protecting your organization from risks and threats that come from external parties and processes you rely on. But trust, like code, is a dependency. And risk? That...
18 days ago16Views
1like
0Comments
The previous blog entry covered how SmokeLoader uses various obfuscation techniques to slow reverse engineers down. We also identified yet another shellcode being allocated to a memory region, which ...
22 days ago31Views
2likes
0Comments
Our Cyber Drills Roadshow is kicking off in North America! I’m thrilled to share that in just one week, we will launch the North American leg of our 2025 Cyber Drill roadshow.
In addition to const...
23 days ago27Views
1like
0Comments
In the early hours of March 21, 2025, a fire broke out at the North Hyde electrical substation in West London, just a few miles from Heathrow Airport. Within hours, a local infrastructure incident ha...
25 days ago91Views
4likes
0Comments
What are cyber drills and outcome-based programs?
Cyber drills vs. outcome-based programs
Cyber drills
Prove
Outcome-based programs
Improve
Simulate a realistic cyberattack ...
29 days ago48Views
1like
0Comments
Salt Typhoon has been a threat actor that has caused a lot of worry for defensive teams all over the world. They are a threat actor group which has been predominately targeting Telecommunication comp...
31 days ago113Views
4likes
0Comments
What is CVE-2024-21412?
CVE-2024-21412 is a security feature bypass vulnerability in Windows Defender SmartScreen.
SmartScreen typically evaluates the safety of downloaded files and displays warn...
2 months ago27Views
0likes
0Comments
This is the second part of a series of blog posts analyzing the SmokeLoader malware. It goes into detail on how we reverse-engineered it to identify its objectives and actions.
The first part of t...
2 months ago38Views
2likes
0Comments
6 MIN READ
My background
After two decades in the world of penetration testing and offensive security, I joined Immersive as the Director of Technical Product Management. This new role represented more than j...
2 months ago15Views
1like
0Comments