Enter The Maze Challenge: Immersive’s Most Advanced Collection Yet
Today marks the release of the Maze Challenge, Immersive’s most advanced and cunningly designed offensive cybersecurity collection yet. This new series of labs is more than just a test of skills. It's a puzzle, a game, and a creative brain-bender, crafted by two of Immersive’s most brilliant minds: StefanApostol and SabrinaKayaci. Stefan, known to many as the "evil genius" behind the Human Connection Challenge, and Sabrina, who recently inspired our London community meetup attendees with her predictions on AI within the AppSec space, have teamed up to create something truly unique. We sat down with them to get their insights on what makes the Maze Challenge so special, so challenging, and so much fun. What was the main inspiration behind the maze theme, and how did you translate that narrative into a collection of technical labs? The core idea for the Maze Challenge, as Stefan explained, came from a shared love of games. "Both Sabrina and I are geeks. We like games, and we wanted to create a challenge with an overarching goal that was more than about earning a completion token." While our labs have always awarded tokens for completion, Stefan and Sabrina wanted to create a narrative that would engage users on a deeper level. "A maze is the perfect example of that," Stefan said. "We wanted to include a game element in these challenges." This isn't just a series of technical scenarios. It's a cohesive puzzle where each lab is a step toward a larger objective. The maze narrative encourages participants to think creatively, connecting different skills and techniques in a way that feels more like a game than a traditional capture the flag (CTF). I’ve heard that this is the most advanced lab collection yet. So, what makes these labs more challenging than the thousands of others in Immersive's catalogue? This collection is Immersive's most advanced to date, introducing a range of techniques not yet widely covered in the platform. The labs are a combination of real-world examples drawn from the creators' past experiences and internal testing, all woven together with a good deal of imagination. While the challenge covers a broad spectrum of offensive skills, including web, Linux, Windows, and Active Directory, Stefan was quick to name binary exploitation as an obvious concept that will have participants scratching their heads. The team collaborated with BenMcCarthy on this particular lab, and Ben being Ben, he poured all his creativity into it, making even Stefan nervous to attempt this mean challenge! Sabrina added that the real difficulty lies in the type of thinking required. "Some of them will really require outside-the-box thinking," she said. "They're unusual in a way that requires not just the technical skill, but some creativity and more critical thinking." This is a key theme throughout the collection. Participants can't rely on a simple, formulaic approach. Instead, they must be flexible and resourceful. Sabrina noted that some challenges will require "multiple sets of skills," forcing users to chain together their expertise in different areas to find a solution. Without giving away any spoilers, can you describe a moment in one of the labs that you're particularly proud of designing? Sabrina beamed as she recalled the Inner Maze lab. "I really enjoyed creating Inner Maze," she said, before adding a cryptic twist. "When you break out of that maze is when you're really trapped." She was particularly proud of her ability to create and then beat her own challenge, finding the exploit even more difficult than the design itself. Can you give users any hints or tips? The Maze Challenge is designed to be tough, and you should certainly expect it to be just that. However, the creators want everyone to have a fair shot, so they’ve some advice for those who might feel intimidated. Use the platform to your advantage. Stefan noted that around 98% of concepts within this challenge can be learned in the rest of our lab catalogue. “If you get stuck on a specific skill, take a break from the maze, find the relevant labs on the platform, and then come back with your newfound knowledge.” We encourage you to learn along the way, and persistence is always rewarded! Failure can be a sign of progress. Sabrina shared a key insight: "Sometimes it's important to take note of what it is you're doing that's failing... If you're failing at the same spot in a particular approach, that could actually mean that you're doing something right." Go figure that one out! Don't go it alone. Sabrina advises anyone starting their journey to ask others for advice and help. Our community help forum is a great resource for sharing knowledge and getting tips from fellow participants. We want you to have fun, and part of that fun is collaborating with your industry peers along the way. In the end, what do you hope participants will take away from this experience, beyond the technical skills? Stefan and Sabrina both hope it's a "desire for more challenges”! They also dropped a teaser for a community Halloween challenge… That’s all you’re getting for now! 👀 Want a head start? Join Stefan and Sabrina for a Labs Live webinar on August 19th. They’ll be solving the Improbable Maze lab live on the call, in collaboration with you. Attendees are encouraged to play along, offer their suggestions, methods, and frustrations. It’s the perfect opportunity to see the creators’ thought process and gain some momentum for your own journey through the maze. See you there!Community Newsletter - August 2025
Hello again from Immersive HQ where we hope you all had a fantastic July. Looking for something to do on these long Summer evenings? Why not join us in Bristol on 14th August for our next meetup? This month we excited to welcome ex-hacker Glenn Wilkinson who will take us inside the hacker’s world to reveal how attackers think, and what the rest of us can learn from it. 🏆 The Human Connection Challenge Congratulations once again to the winners of season 1 of the Season 1 Finale Prize Draw. A number of you have asked for a leaderboard for the whole of the season, so we’ve crunched the numbers and come up with this: 🥇 First to Finish steven was the first to finish 6 of the 7 labs! ⏱️ Fastest to Complete onkelstony was the fastest to complete all 7 labs in just 15 hours 🎯 Most Accurate Xat had an average accuracy of 96.1% across all 7 labs 💪 Most Persistent barney completed all 7 labs in 14 attempts. Congratulations to everyone who took part. New challenges will be available very soon! 📰 Community Updates Here are some of my favourite community articles from the last month: Vibe coding your way to a ZAP MCP server - RobertKlentzeris shared his adventures in "vibe coding" to create a ZAP Model Context Protocol (MCP) server, demonstrating how AI can leverage existing SDKs to build new tools and highlighting the potential and challenges of this new coding paradigm. The secret to hosting an engaging Crisis Sim - TomBoyle shared practical advice on how to keep participants engaged and ensure the effectiveness of virtual crisis simulation sessions. CVE-2025-53770 - Unauthenticated Remote Code Execution via unsafe deserialization in Microsoft SharePoint Server In this blog, AmarKhan detailed his research journey to understand and weaponize the CVE-2025-53770 vulnerability, an unauthenticated remote code execution exploit in Microsoft SharePoint Server leveraging unsafe deserialization, by overcoming challenges in lab setup and payload analysis. We also hosted a community webinar on this topic, you can watch the recording here. 🛡️ Container 7 Updates Container 7 is the new home for our team of cyber security experts to post about their research, insights, and the latest threats and vulnerabilities that you need to know about. Patch Newsday July 2025 - As per usual, the Container 7 team have reviewed the latest Microsoft patches so that you don't have to. Weaponizing LLMs: Bypassing Email Security Products via Indirect Prompt Injection Ben McCarthy explains how Large Language Models can be exploited through hidden instructions in emails to reconstruct and present malicious links, thereby circumventing conventional email security products. Our Container 7 Team will be at Blackhat and DEFCON later this week. Keep an eye on the blog for their daily updates or say “Hi” if you see them there. 🙌 Special Shout Outs Please join me in thanking this month's most helpful members in our Help & Support Forum. 1. netcat 2. jamesstammers 3. Fa11acy 4. steven 5. SIgwe1 If you'd like to see your name here one day, head on over to the forum and answer a question. 🔮 Looking Forward Feeling lost without the Human Connection Challenge? Hit a dead end on your cybersecurity upskilling journey? Fear not, we have some a-maze-ing new challenge labs coming very soon 🌽 As always, we want to hear from you! Please give us your feedback on your community experience and let us know what else you'd like to see. See you in the community soon! KieranNew CTI Labs: CVE-2025-53770 (ToolShell SharePoint RCE): Offensive and Defensive
Recently, a critical zero-day vulnerability affecting on-premise SharePoint servers, identified as CVE-2025-53770, was uncovered. This vulnerability allows for authentication bypass, leading to remote code execution, and has been actively exploited in the wild. Eye Security researchers detected an in-the-wild exploit chain on July 18, 2025, during an incident response engagement. This discovery led to Microsoft assigning two CVEs: CVE-2025-53770 and CVE-2025-53771. The attack notably leveraged a combination of vulnerabilities to achieve its objectives, impacting numerous SharePoint servers globally. There is now a public exploit available for anyone wanting to achieve remote code execution. Why should our customers care? This critical vulnerability has been added to the CISA Kev Catalog. and with no authentication or user interaction, a vulnerable SharePoint server can be fully taken over remotely, letting attackers run arbitrary code as if they were privileged admins. SharePoint is a complex and large system that often holds a lot of sensitive data for organizations and is often a targeted system for attackers. Who is the defensive lab for? System Administrators SOC Analysts Incident Responders Threat Hunters Who is the offensive lab for? Red teamers Penetration Testers Threat Hunters Here are the links to the labs: Offensive: https://immersivelabs.online/v2/labs/cve-2025-53770-toolshell-sharepoint-rce-offensive Defensive: https://immersivelabs.online/v2/labs/cve-2025-53770-toolshell-sharepoint-rce-defensiveCommunity Newsletter - July 2025
Hello from Immersive HQ where we're getting ready for an extravaganza of events over this July! These include: 🎤 July 3rd - Beyond the Situation Room: What your crisis response looks like to the outside world 🎤 July 15th - Labs Live: Operational Technology 🎤 July 16th - Confessions of a Red Teamer: How Unseen Work Pays Off in a Crisis 🎤 July 17th - Immersive X Darktrace Community Meetup - London Yep, you read that correctly - our next in-person community meetup will be in London! We’ve teamed up with our friends at Darktrace and will be hosting an evening of cybersecurity talks and professional networking at Darktrace’s London HQ. Tell your teams, tell your colleagues, tell your friends... You’re all invited and you wont want to miss this one! 📰 Community Updates The Good This week, we enhanced the search functionality of this community by integrating our Help Center, which offers comprehensive help & support documentation, alongside your existing community articles. From now on, your community searches will return both community and help center resources... It's all at your fingertips! ✨ Read more here, try it out and let us know how you get on! The Bad It’s not always butterflies and rainbows in the world of community management and unfortunately we experience bugs on the community platform from time to time. Last week, we learned that the calendar invitation community you receive when you click “Attend” to one of our community events contains a dead link. We’ve reported this and are absolutely chasing it as a high priority, but, in the meantime, it’s best that you go to the event page itself when a webinar is due to start. We'll let you know when this is fixed. The Ugly Just kidding! There’s nothing ugly in this community, but the recent uptick in ClickFix phishing being used to socially engineer and get victims to download malware is pretty ugly alright. Here is some of my favourite community content from the last month: Catch the recording of MaxVetter & KevBreen's fireside chat, Decoding the May Retail Cyber Onslaught as events are still unfolding. Learn how to Build your first practical lab with Immersive’s lab builder product manager, MattParven. From Abstract to Action: Immersive One's Compliance Solution. Read about how a large healthcare customer has recently leveraged Immersive One for their training needs from Cyber Resilience Advisor, MarieHargraves. 🛡️ Container 7 Updates Did you notice our new Container 7 blog? Container 7 is the new home for our team of cyber security experts to post about their research, insights, and the latest threats and vulnerabilities that you need to know about. Patch Newsday June 2025 - The Container 7 team have reviewed the latest Microsoft patches so that you don't have to. Insider Threats: Definitions, Types & How to Detect Them 🙌 Special Shout Outs Please join me in thanking this month's most helpful members in our Help & Support Forum. 1. netcat 2. retornet 3. gwenael 4. dpnotnull 5. T3S0r0 If you'd like to see your name here one day, head on over to the forum and answer a question. 🔮 Looking Forward Did I mention that we’re taking July’s meetup to London? Sign up to catch talks from Immersive’s SabrinaKayaci, Appsec engineer & Darktrace’s Nicole Wong, Principal Analyst. Did you hear about the Immersive Cyber Resilience Awards 2025? Read on to learn how you can qualify for nine different awards this October. See you back in the community soon! TillyCommunity Newsletter - June 2025
Hello from Immersive HQ where once again we're getting ready for our next in-person community meetup on Thursday, June 12th. Come and join us for another evening of talks from cyber security experts RobertKlentzeris, KevBreen and MisterV. 🎁 Community Challenge Season 1 Congratulations to every single one of you who attempted our community challenge labs. Since we launched the challenge in November 420 of you have collectively logged over 2,600 lab attempts! Don't worry if you struggled. All of the walkthrough guides are available here. We are in the process of contacting the Season winners. 🏆 The Human Connection Challenge Over 100 of you attempted this month's challenge, and 19 completed it before the deadline! 🥇 First to Finish Waqar was the fastest community member to complete the lab - looks like you registered a community account just in time! ⏱️ Fastest to Complete Jamesstammers2 was the fastest to complete in just under 4 hours. 🎯 Most Accurate Markus onkelstony Jamesstammers2 m0ns00n IotS2024 barney gromych Xat CyberSharpe phurtim frakattk and netcat all got 100% - Nicely done everyone! 💪 Most Persistent Congrats to chuz2z who spent over 12 hours on this lab! Congratulations to all of our winners! If you haven't completed it yet you can find the walkthrough here. The Community Challenge is taking a short break while we prepare for Season 2. Please drop a comment below and let us know what you'd like to see in the next season. 📰 Community Updates Here are some of my favourite community articles from the last month: This month GreggOgden posted a 3 part series on Level Up Your Organisation's Resilience Using Cyber Drills: Part 1: Unlocking the Power of Cyber Drills with Immersive Part 2: Planning and Executing Effective Cyber Drills with Immersive Part 3: Analyzing Results and Building a Culture of Continuous Improvement 🛡️ Container 7 Updates Did you notice our new Container 7 blog? Container 7 is the new home for our team of cyber security experts to post about their research, insights, and the latest threats and vulnerabilities that you need to know about. Patch Newsday May 2025 - As per usual, the Container 7 team have reviewed the latest Microsoft patches so that you don't have to. ZEROLOT Analysis - Inside Sandworm’s Destructive New Wiper Decoding the May Retail Cyber Onslaught - Inside the World of Ransomware Cartels and Social Engineering 🙌 Special Shout Outs Please join me in thanking this month's most helpful members in our Help & Support Forum. 1. netcat 2. steven 3. retornet 4. Xat 5. CyberSharpe If you'd like to see your name here one day, head on over to the forum and answer a question. 🔮 Looking Forward Did I mention that we have a meetup in Bristol on Thursday, June 12th? Not in Bristol? Don't worry, next month we hope to host a meetup in London. Please get in touch if you would like to host us or speak. We also have lots of cyber drills taking place globally, you can find the details on our events page. Did you hear about the Immersive Cyber Resilience Awards 2025? Read on to learn how you can qualify for nine different awards this October. As always, we want to hear from you! Please give us your feedback on your community experience and let us know what else you'd like to see. See you in the community soon! KieranBeyond the Badges: Why Women in Cyber Events are a Game-Changer (for Everyone!)
Let’s be honest, traditional cyber conferences can sometimes feel a bit... well, a tad dry, can't they? We've all experienced the endless lectures, the slightly awkward coffee breaks that aren't quite conducive to proper networking, and enough tech deep-dives to make you genuinely pine for your admin tasks! But what if I told you there’s a completely different kind of event out there? One that’s actually, dare I say, genuinely enjoyable? From the moment I stepped in, I was greeted by a room absolutely buzzing with competent and knowledgeable professionals. The shared focus was palpable: to forge new connections and genuinely support one another. This wasn't a room of homogenous backgrounds; it was a vibrant mix of individuals from all walks of life – some cyber-adjacent, some industry newcomers, others in technical leadership roles. Crucially, there wasn't a hint of superiority or self-importance amongst them. It genuinely felt like everyone was eager to engage, to learn about each other, and to passionately discuss the very thing that brought us all together: Cyber! (Yes, we were delightfully a room full of nerds, and proud of it!) We swiftly moved into the main event room, ready to kick off the day's exciting agenda. I must take a moment here to express how incredibly proud I am of Immersive. Utilising our cutting-edge Crisis Sim tooling, we all participated in an extraordinarily engaging simulation, complete with fantastic DC Comic vibes (maintaining that wonderful nerd persona!). What truly set this simulation apart for me was the complete absence of fear when conversations were opened up to the entire room. I genuinely attribute this to the incredibly safe and supportive atmosphere that permeated the entire day. The debates and discussions at each table were simply brilliant, with diverse opinions and experiences beautifully articulated and every single person feeling truly heard. As another example of the brilliance of this event, there was also a moment where one of the guests, using just a lanyard and a pair of scissors, DIY'd a perfectly functioning fridge handle. Inspiring to say the least, though not something that was originally on the agenda. Amongst other fantastic introductions, including a shout-out to WITCH (Women in Tech & Cyber Hub – definitely worth exploring), our very own product powerhouse, Amy Millard, joined the discussion panel. She spoke eloquently about her journey of personal development, overcoming adversity, and masterfully balancing her home and work life. We also had the privilege of hearing from another inspiring Immerser and Woman in Cyber, Emma Walker. Her moving presentation beautifully highlighted the multitude of titles a person can simultaneously hold: Scientist, Psychologist, Wife, Daughter, and Mother to an adorable fur baby. Emma's talk sparked one of the most compelling discussion points of the day: ‘What does resilience truly mean to you?’ Now, if you've managed to navigate your way through this (admittedly lengthy!) post, I'd say that makes you incredibly resilient indeed! For me personally, resilience is about reaching a crossroads, having the courage to choose the most enjoyable option, dedicating yourself fully to that choice, and trusting completely that you've made the right decision. So, to wrap up, I want to share a message with every single professional in this industry, regardless of the gender you identify as: If you ever get the chance to attend a Women in Cyber-style event, DO IT. You might just find it's the most refreshing, insightful, and genuinely fun cyber experience you've ever had.New CTI Lab: CVE-2025-32463 (Sudo Chroot Elevation of Privilege): Offensive
On June 30, 2025, the Stratascale Cyber Research Unit (CRU) team identified a critical local privilege escalation vulnerability in sudo, tracked as CVE-2025-32463. This vulnerability, related to sudo's chroot option, can allow an attacker to escalate privileges to root on an affected system. Why should our customers care? This critical vulnerability is reasonably trivial to exploit, and should an attacker gain user-level access to a vulnerable machine, they'll be able to elevate their privileges and have full control over the machine. It has come to our attention that not many people are aware that sudo has versioning. It is a binary that is constantly iterated upon, which naturally may introduce new vulnerabilities. If administrators and security analysts are not aware of how these vulnerabilities work, this can lead to significant risks and impacts. Who is it for? Red Teamers Penetration Testers System Administrators Here is a link to the lab: https://iml.immersivelabs.online/labs/cve-2025-32463-sudo-chroot-elevation-of-privilege-offensiveSearch smarter: Community & Help Center content, all in one place!
We’ve integrated our Help Center with this community This means when you search for content using the search bar within the community, the searches now return both Community and Help Center content, so you can access all the information and guidance you need to succeed in one place. What’s the difference between the Community and the Help Center? Help Center Provides comprehensive guidance on using Immersive One, including how to get started with the platform, step-by-step workflows and how-to guides, release notes, Frequently Asked Questions documents, troubleshooting assistance, and lab content catalogues. Community The community is where Immersive One users come for SME-guided articles, peer-to-peer support forums, events, product updates, challenges and community notices. What else? The advanced search functionality and search filters have also been improved, so you can increase the accuracy of your search results; filtering from events, to community users - the search parameters are set by you. We hope you like what you see with this enhanced search functionality. To get into the specifics on how to use it, check out our Knowledge Base article, How to Search.New CTI/OT Lab: Norwegian Dam Compromise: Campaign Analysis
We have received reports of a cyber incident that occurred at the Lake Risevatnet Dam, near Svelgen, Norway, in April 2025. A threat actor gained unauthorized access to a web-accessible Human-Machine Interface (HMI) and fully opened a water valve at the facility. This resulted in an excess discharge of 497 liters per second above the mandated minimum water flow. Which persisted for four hours before detection. This attack highlights a dangerous reality: critical OT systems are increasingly exposed to the internet, making them accessible to threat actors. In this case, control over a dam’s valve system was obtained via an insecure web interface, a scenario that could have had even more severe consequences. A recent report by Censys identified over 400 exposed web-based interfaces across U.S. water utilities alone. This dam incident in Norway exemplifies the tangible risks posed by such exposures. In this lab, you will be taken through the attack from an offensive viewpoint, including cracking an HMI and fully opening two valves. Why should our customers care? OT environments, including dams, energy grids, and oil pipelines, are foundational to national security and daily life. These systems cannot be secured using traditional IT playbooks. As OT becomes more connected, tailored security strategies are critical to prevent unauthorized access and catastrophic failures. Who is it for? Incident responders SOC analyst Threat Hunters Red Teamer Penetration Testers OT Engineers Here is the link to the lab: https://immersivelabs.online/v2/labs/norwegian-dam-compromise-campaign-analysisNew CTI Lab: CVE-2025-33073 (SMB Elevation of Privilege): Defensive
Another vulnerability patched was released during Microsoft's June 2025 patch Tuesday review! An important elevation of privilege vulnerability was listed, and if exploited successfully, attackers can achieve elevation of privilege on the compromised machine. Even though it's not recorded to have been exploited in the wild as yet, the fact that research exists with details on how the vulnerability was found improves the chances an attacker will attempt to exploit this flaw against a victim.In these labs, you will be taken through the vulnerability from both an offensive and defensive perspective. Why should our customers care? This is a new vulnerability that has just been patched, and is has in depth research released about it. Successful exploitation of this vulnerability allows attackers to elevate their privileges and achieve command execution on a victim machine. Learn what sort of indicators this exploit leaves, but also learn how to execute and take advantage of this vulnerability! Who is it for? Incident responders SOC analyst Threat Hunters Red Teamer Penetration Testers Here is the link to the labs: Defensive: https://immersivelabs.com/v2/labs/cve-2025-33073-smb-elevation-of-privilege-defensive Offensive: https://immersivelabs.com/v2/labs/cve-2025-33073-smb-elevation-of-privilege-offensive Container 7 Release We have released a threat detection for this particular vulnerability, helping the community to protect against any potential use of this vulnerability. https://github.com/Immersive-Labs-Sec/SigmaRules/blob/main/cve-2025-33073-smb-exploit.yml
