New CTI/OT Lab: Norwegian Dam Compromise: Campaign Analysis
We have received reports of a cyber incident that occurred at the Lake Risevatnet Dam, near Svelgen, Norway, in April 2025. A threat actor gained unauthorized access to a web-accessible Human-Machine Interface (HMI) and fully opened a water valve at the facility. This resulted in an excess discharge of 497 liters per second above the mandated minimum water flow. Which persisted for four hours before detection. This attack highlights a dangerous reality: critical OT systems are increasingly exposed to the internet, making them accessible to threat actors. In this case, control over a dam’s valve system was obtained via an insecure web interface, a scenario that could have had even more severe consequences. A recent report by Censys identified over 400 exposed web-based interfaces across U.S. water utilities alone. This dam incident in Norway exemplifies the tangible risks posed by such exposures. In this lab, you will be taken through the attack from an offensive viewpoint, including cracking an HMI and fully opening two valves. Why should our customers care? OT environments, including dams, energy grids, and oil pipelines, are foundational to national security and daily life. These systems cannot be secured using traditional IT playbooks. As OT becomes more connected, tailored security strategies are critical to prevent unauthorized access and catastrophic failures. Who is it for? Incident responders SOC analyst Threat Hunters Red Teamer Penetration Testers OT Engineers Here is the link to the lab: https://immersivelabs.online/v2/labs/norwegian-dam-compromise-campaign-analysisCommunity Newsletter - June 2025
Hello from Immersive HQ where once again we're getting ready for our next in-person community meetup on Thursday, June 12th. Come and join us for another evening of talks from cyber security experts RobertKlentzeris, KevBreen and MisterV. 🎁 Community Challenge Season 1 Congratulations to every single one of you who attempted our community challenge labs. Since we launched the challenge in November 420 of you have collectively logged over 2,600 lab attempts! Don't worry if you struggled. All of the walkthrough guides are available here. We are in the process of contacting the Season winners. 🏆 The Human Connection Challenge Over 100 of you attempted this month's challenge, and 19 completed it before the deadline! 🥇 First to Finish Waqar was the fastest community member to complete the lab - looks like you registered a community account just in time! ⏱️ Fastest to Complete Jamesstammers2 was the fastest to complete in just under 4 hours. 🎯 Most Accurate Markus onkelstony Jamesstammers2 m0ns00n IotS2024 barney gromych Xat CyberSharpe phurtim frakattk and netcat all got 100% - Nicely done everyone! 💪 Most Persistent Congrats to chuz2z who spent over 12 hours on this lab! Congratulations to all of our winners! If you haven't completed it yet you can find the walkthrough here. The Community Challenge is taking a short break while we prepare for Season 2. Please drop a comment below and let us know what you'd like to see in the next season. 📰 Community Updates Here are some of my favourite community articles from the last month: This month GreggOgden posted a 3 part series on Level Up Your Organisation's Resilience Using Cyber Drills: Part 1: Unlocking the Power of Cyber Drills with Immersive Part 2: Planning and Executing Effective Cyber Drills with Immersive Part 3: Analyzing Results and Building a Culture of Continuous Improvement 🛡️ Container 7 Updates Did you notice our new Container 7 blog? Container 7 is the new home for our team of cyber security experts to post about their research, insights, and the latest threats and vulnerabilities that you need to know about. Patch Newsday May 2025 - As per usual, the Container 7 team have reviewed the latest Microsoft patches so that you don't have to. ZEROLOT Analysis - Inside Sandworm’s Destructive New Wiper Decoding the May Retail Cyber Onslaught - Inside the World of Ransomware Cartels and Social Engineering 🙌 Special Shout Outs Please join me in thanking this month's most helpful members in our Help & Support Forum. 1. netcat 2. steven 3. retornet 4. Xat 5. CyberSharpe If you'd like to see your name here one day, head on over to the forum and answer a question. 🔮 Looking Forward Did I mention that we have a meetup in Bristol on Thursday, June 12th? Not in Bristol? Don't worry, next month we hope to host a meetup in London. Please get in touch if you would like to host us or speak. We also have lots of cyber drills taking place globally, you can find the details on our events page. Did you hear about the Immersive Cyber Resilience Awards 2025? Read on to learn how you can qualify for nine different awards this October. As always, we want to hear from you! Please give us your feedback on your community experience and let us know what else you'd like to see. See you in the community soon! Kieran
Community Newsletter - February 2025
Welcome to February’s edition of the community newsletter! After what feels like a long month for many, February is finally here! Let's take a moment to look back at some of our favourite community highlights from January: 🏆 The Human Connection Challenge First of all, The moment that many of you have been waiting for: The results of Episode 3 of The Human Connection Challenge: Season 1. Here are the top performing community members in each category: 🥇 First to Finish jamesstammers was the first to finish the lab, in what can only be described as rapid speed! ⏱️ Fastest to Complete Xat was the fastest to finish, completing in a very respectable 48 minutes. 🎯 Most Accurate Shout outs to autom8on jamesstammers Xat and ifeanyiukadike, who each completed the lab 100% accuracy. 💪 Most Persistent They say that the most certain way to succeed is always to try just one more time… audeyisaacscba & netcat did exactly that, securing the spots for the most persistent participants. Congratulation to winners and all who took part. Share how you got on in the comments below, and keep your eyes peeled for ✨ Lab 4 ✨ later today 👀 If you'd like to see how the lab author BethHolden intended for you to complete the lab, check out the official walkthrough here. 💡 Expert Insights We kicked off this year with a content theme of our highly anticipated new feature, Custom Lab Builder. You can read all you need to know about lab builder here: Feature Focus: Introducing Lab Builder Feature Focus: Introducing Drag and Drop, Free Text Questions, and Instructional Tasks in the Lab Builder A 3-part series from NaomiRoberts starting with From Concept to Content: A Deep Dive into Theorizing and Planning a Lab Collection From Feng Shui to Surveys: How User Feedback Shapes Immersive Labs And the beginning of a 3-part series from helenpayne & LauraBrady on Making the Most of Custom Lab Builder, deep-diving on topics including Accessibility, Inclusivity and Tone of Voice. And as usual, our expert CTI team have worked tirelessly to deliver the latest in CTI news, including new labs & Patch Tuesday January 2025. 🤝 Peer to Peer Support We built the Human Connection to help our members to connect and support each other, so it’s great to see many of you actively engaging to troubleshoot challenges and sharing solutions over in the Help and Support forum. So far, the forum is proving its worth with over 180 solutions to date. This month I wanted to particularly wanted to thank RobN who achieved Bronze III Rank by providing hints and tips to numerous other members. Thank you! In addition to forums, on Friday we introduced the community to the Human Connection Study Group! More news on the very first lab of Study Group coming later today. 📰 Product Updates If you are an Immersive Labs customer, come and read about all of the new features (including Lab Builder) and content in our January Release Notes. 🗓️ Exclusive Events If you missed it, catch KevBreen DaveSpencer & DanPotter in the recording of Be Ready in 2025: Hot Cybersecurity Takes and How to Build Resilience 🔮 Looking Forward We know how popular JP’s virtual Crisis Sims have been in this community, so you’ll be pleased to know that he’s back on valentines day with #LoveHacked Virtual Crisis Sim LIVE To look forward, we need to look back over your experiences of the community, so please do take the time to complete the survey this week. Last week we attended an Immersive off-site in Dublin, where we connected with colleagues across the business to plan lots of great initiatives, content and events to come in 2025, so watch this space! Of course, no trip to Dublin is complete without a visit to the Guiness Storehouse… It had to be done! Stay tuned by following the News & Announcements Tag and turn on your email Notifications 👀 See you in the community soon! TillyAnnouncing the Winners of the 2025 Cyber Resilience Customer Awards!
What a year for cyber resilience! As we say goodbye to another Cybersecurity Awareness Month, we are thrilled to celebrate the organizations and individuals who have demonstrated exceptional dedication to proving and improving their cybersecurity posture, defending against emerging threats, and embedding a culture of resilience across their organizations using the Immersive One platform. Collectively, our customers have tackled countless labs and simulations, setting new benchmarks for capability and speed. After crunching the numbers and reviewing the nominations, we're ready to announce just some of the winners who truly excelled in 2025 across the following categories: Emerging Threats Leader Award The Emerging Threats Leader award recognizes organizations and individuals at the forefront of threat detection and threat hunting; proactively identifying risks and strengthening defenses using insights from our Cyber Threat Intelligence labs. 🏆 Emerging Threats Award Organization Winners include: NHS England T-Mobile Arctic Wolf 🏆 Emerging Threats Award Individual Winners include: Steven Glogger, Swisscom Paul Blance, Specsavers Taz Wake, Jones Lang LaSalle Mark Cox, NationalGrid Stephen Wilson, BT Group Cyber Resilience Leader Award This award acknowledges organizations that maximize the full use of the Immersive One platform to fully optimize end-to-end cyber readiness. True cyber resilience goes beyond simply preventing attacks; it encompasses the ability to prove, improve, benchmark and report your cyber resilience. 🏆 Cyber Resilience Leader Award Winners include: Swisscom NHS England Arctic Wolf Darktrace BT Group Secure Development Champions Award This award celebrates organizations and individuals who champion security throughout the software development lifecycle. It recognizes a proactive approach to building secure applications, emphasizing practices like threat modeling, secure coding standards, and rigorous testing using the Immersive One platform to prepare and demonstrate secure coding practices. 🏆 Secure Development Champion Organization Award Winners include: Citigroup GfK Swisscom 🏆 Secure Development Champion Individual Award Winners include: Steffen Wacker, Arctic Wolf Joao Santos, GfK Omkar Joshi, GfK Balaji Kannan, GfK Naresh Sivakumar, GfK Alexander Kolyshkin, EMCD Exercising Excellence Award The Exercising Excellence award recognizes organizations that have excelled in regularly using scenarios on the Immersive One platform to prove their cyber resilience. They have successfully run multiple crisis simulations to regularly exercise their teams and have high levels of participation and engagement. 🏆 Exercising Execellence Award Winners include: Mastercard Citigroup Siemens Energy NHS England Immersive Trailblazer Award This award recognizes individuals who simply love Immersive and have shown exceptional dedication to the platform. They have been amongst our top point scorers since January 1st 2025, completing thousands of labs and truly immersing themselves in the platform. 🏆 Immersive Trailblazer Award Winners include: Mico Marcos, PepsiCo QingKai Ma, Hubbel Community Leader Award Our final award, the Community Leader award, recognizes individual members of the Human Connection Community that have contributed to, and engaged with, both community content and their fellow community members. They have consistently shared tips and advice, engaged with popular threads and participated in community events and meetups, helping to bring the Human Connection community to life. 🏆 Community Leader Award Winners include: netcat steven CyberSharpe autom8on MegMarCyberTrust Nneka_AN Dooley DGAnnouncing the Immersive Cyber Resilience Awards 2025!
At Immersive, we recognize the exceptional efforts of organizations and individuals leading the charge in building true cyber resilience. That's why we’re thrilled to introduce the all-new Immersive Cyber Resilience Awards for 2025! These awards are designed to celebrate those demonstrating an outstanding commitment to proving and improving their cyber resilience through practical application and deep engagement with the Immersive One platform. For Cyber Awareness Month 2025, we're expanding last year’s successful Customer Awards program to nine honors across three categories – celebrating more top-tier organizations and cyber pros than ever. Let’s look at this year’s categories and what’s up for grabs when Cyber Awareness Month rolls around this October! Cyber Resilience Awards 01. Emerging Threats Leader This award recognizes those leading the charge in threat detection and hunting, proactively identifying risks and strengthening defenses using insights from our Cyber Threat Intelligence labs. To qualify for this award, we’ll be looking at the: Total number of Cyber Threat Intelligence (CTI) labs completed: Indicating a strong commitment to understanding the latest threat intelligence. Average time to complete and respond to every new CTI lab: Highlighting efficiency and agility in addressing emerging threats. 02. Cyber Resilience Leader This award acknowledges organizations that maximize the full use of the Immersive platform to fully optimize end-to-end cyber resilience. True cyber resilience goes beyond simply preventing attacks; it encompasses the ability to withstand, respond to, and recover from cyber incidents with minimal disruption. This award celebrates organizations that: Zero in on the breadth and depth of coverage across the MITRE ATT&CK framework: Demonstrating a comprehensive understanding and application of real-world attack tactics and techniques. Have taken it upon themselves to build Immersive fully into their cyber resilience program: Showing a deep integration of practical cyber skills development into their overall security strategy. 03. Immersive Trailblazer This award recognizes individuals who simply love Immersive and have shown exceptional dedication to the platform. This category celebrates personal commitment and enthusiasm for continuous learning and skill development in cybersecurity. We’re looking for individuals who: Have been our top point scorers since January 1, 2025: Indicating consistent engagement and mastery of a wide range of cyber skills. Have completed hundreds of labs and truly immersed themselves in the platform: Demonstrating an exceptional commitment to hands-on learning and practical skill development. Cyber Excellence and Innovation Awards 04. Exercising Excellence (Crisis Sim) This award recognizes organizations that have excelled in regularly using Crisis Sim scenarios to prove their cyber resilience. In the face of a major cyber incident, the ability to respond effectively and maintain business continuity is critical. This award celebrates organizations that: Have successfully run multiple simulations: Demonstrating a proactive approach to testing and refining their incident response plans. Have high participation in Immersive's own virtual Crisis Sims: Indicating a commitment to leveraging realistic and challenging scenarios to prepare their teams. 05. Exercising Excellence (Cyber Drilling) This Immersive-nominated prize rewards organizations that have successfully implemented and run cyber drill exercises with Immersive in 2025. Cyber Drills are dynamic, immersive simulations that test every aspect of an organization’s ability to detect, manage, and recover from high-impact cyber threats. This award celebrates organizations that have: Actively run Immersive-led cyber drills as part of their security training program: Showing a commitment to continuously improving technical capabilities. Demonstrated success in integrating Cyber Drill outcomes and learnings into their wider security landscape: Highlighting their ability to translate theoretical knowledge into practical skills. 06. Secure Development Champion (AppSec) This award celebrates organizations and individuals championing security throughout the software development lifecycle. Proactive security measures integrated early in the development process are essential for building secure and resilient applications. This award recognizes those who: Have implemented strong Developer Champion programs into their secure development training environment: Demonstrating a commitment to embedding security expertise within development teams. Have completed the highest number of AppSec lab content on the Immersive One platform: Demonstrating a dedication to hands-on practical learning and ongoing upskilling across the secure development lifecycle. Immersive Growth and Adoption Awards 07. Cybersecurity Maturity Leader This award recognizes organizations that have significantly shifted their security culture as a direct result of integrating the full Immersive One platform into their cybersecurity infrastructure. Building a strong security culture is fundamental to long-term cyber resilience, and this award celebrates those who have successfully fostered a more security-aware and engaged workforce. We’re looking for organizations that have demonstrated: A noticeable positive evolution in employee security behaviors and awareness. Evidence of Immersive One being a key driver in this cultural transformation. A commitment to embedding continuous learning and practical skills development across the organization. 08. Immersive Impact and Growth Leader This award recognizes organizations and individuals whose level of engagement with the Immersive One platform has significantly increased over 2025. This category celebrates those actively expanding their use of the platform to enhance their cyber capabilities. We’ll be taking into account factors such as: Overall growth in platform utilization and engagement. Involvement and engagement with Immersive-hosted challenges and competitions. 09. Community Leader This award recognizes individual members of the Human Connection Community who have significantly contributed to, and engaged with, both community content and their fellow community members. A strong and supportive community is invaluable in cybersecurity, fostering collaboration, knowledge sharing, and mutual growth. This award celebrates individuals who have: Consistently shared tips and advice. Engaged with popular threads and participated in community events and meetups. Actively helped to bring the Human Connection community to life. Now it’s over to you! We’ll be unveiling the winners of each category throughout Cyber Awareness Month in October 2025, with some exciting prizes up for grabs along the way to fuel your journey. All you have to do is stay on top of your game with Immersive. Throughout the year, keep your eyes peeled for fun and engaging challenges, competitions, and events meticulously designed to help you and your teams sharpen your skills, deepen your understanding of the threat landscape, and ultimately, strengthen your cyber resilience. We're excited to celebrate your progress and achievements as you continue to build a more secure digital future.Community Newsletter - April 2025
Hello from Immersive HQ in Bristol UK where last week we hosted our first ever in-person community meetup. Ever since we launched this community last September we've been keen to find ways to make it more than just a collection of online forums and blogs about our products, and it would appear that you agree! Last Thursday 45 of you turned out for a standing-room only night of cybersecurity talks including the History of Encryption and the Future of Quantum Computing... it was great to put some faces to usernames! These sessions were not recorded, so you'll have to join us for our next meetup to see what it's all about. If you can't make it to Bristol, we are working on our plans to go further afield in the future. If you'd like to speak at a meetup or can offer accomodation please let us know. 🏆 The Human Connection Challenge Over 250 of you attempted this month's challenge, but only 10 completed it before the deadline! 🥇 First to Finish Once again steven completed the lab just a few hours after it's release! How does he do it? ⏱️ Fastest to Complete Steven was also the fastest to complete, with onkelstony coming in second in just under 3 hours. 🎯 Most Accurate Despite the difficulty, the following members all got 100% accuracy in their first attempt: BigChungus autom8on Markus IotS2024 Xat 💪 Most Persistent This month, the most persistent award goes to audeyisaacscba netcat barney MathewM Congratulations to all of our winners! If you haven't completed it yet you can find the walkthrough here. 📰 Community Updates This month we've been mostly concerned with last week's meetup, so there's not been too many changes around here, but hopefully you didn't mis BenMcCarthy and benhopkins fantastic SmokeLoader Blog Series: Reverse Engineering SmokeLoader: An In-Depth Analysis (Stage 1) Reverse Engineering SmokeLoader: An In-Depth Analysis (Stage 2) Reverse Engineering SmokeLoader: An In-Depth Analysis (Part 3) 🙌 Special Shout Outs This month we are introducing a new feature to the newsletter where we give thanks to the most helpful members in our Help. 1. steven 2. IotS2024 3. T3S0r0 4. pschmidt 5. Xat If you'd like to see your name here one day, head on over to the forum and answer a question. 🔮 Looking Forward The penultimate community challenge was launched earlier today and we have big plans for the season finale in May! Meanwhile, the project to integrate our Knowledge Base with the Community is in full swing and we anticipate that you will be able to use the search bar at the top of this page as a one stop shop for all of your Immersive needs in just a few weeks. I'm personally looking forward to the next Puppetmaster Crisis Sim on Thursday 3rd April and of course, the next meetup on 7th May at our Bristol HQ. Finally, we want to hear from you! Please give us your feedback on your community experience and let us know what else you'd like to see. See you in the community soon! KieranOctober is here! Prepare for Cybersecurity Awareness Month with Immersive 🎃
In a world where technology and threats are constantly evolving, building a resilient team is more important than ever. At Immersive, we're proud to be your partner in this journey, and we've put together a fantastic lineup of events, challenges, and resources throughout October to help you and your teams stay ahead of the curve. What’s on at Immersive this Cybersecurity Awareness Month 📆 Oct 1st Whitepaper: GenAI’s Impact on Cybersecurity Skills and Training Oct 6th Trick or Treat on Specter Street Challenge Begins: Labs 1-3 Oct 9th Labs Live: Ripper's Riddle Community Webinar Oct 13th Trick or Treat on Specter Street Challenge: Labs 4 - 6 Oct 15th Webinar: How to Build a People-Centric Defense for AI-Driven Attacks Oct 16th Labs Live: Cursed Canvas Community Webinar Oct 20th Trick or Treat on Specter Street Challenge: Labs 7 - 9 Oct 22nd Cyber Resilience Customer Awards Winners Revealed Oct 23rd Labs Live: Macro Polo Community Webinar Oct 27th Trick or Treat on Specter Street Challenge: Labs 10-12 Oct 30th Labs Live: Phantom Pages Webinar Oct 31st Trick or Treat on Specter Street Challenge Finale: Labs 13 Oct 31st Virtual Crisis Sim: The Puppet Master’s Trick or Treat Challenges and Labs Trick or Treat on Specter Street 👻 Welcome to Trick or Treat on Specter Street, a Halloween-themed cybersecurity challenge where you'll use both offensive and defensive skills to solve a mystery unlike anything we’ve encountered before. Each week throughout October, we’ll drop new hands-on labs that slowly begin to uncover the secrets of Specter Street. Can you crack the case? Find out more. AI Foundations 🤖 Ready to navigate the rapidly evolving world of Artificial Intelligence with confidence? Give our new AI Foundations lab collection a go! Designed to equip your teams with critical AI knowledge and practical implementation skills; this initial collection features seven foundational labs that progressively guide your teams from high-level overviews to secure, hands-on AI implementation. Find out more. Events and Webinars Webinar How to Build a People-Centric Defense for AI-Driven Attacks Wednesday October 15th A must-attend event for understanding how threat actors are leveraging AI and other emerging technologies to carry out attacks. Register Now. Virtual Crisis Sim The Puppet Master’s Trick or Treat Friday October 31st Join us on Halloween as the notorious Puppet Master returns for a fiendish game of Trick or Treat 🎃 Play along with our Immersive crisis response experts as we tackle a LIVE coordinated attack from the Puppet Master on a Critical National Infrastructure organization. Dare you play the Puppet Master’s game and survive, or will they finally get their revenge?! Register Now. AI and Emerging Threats Throughout the month, we’re shining a spotlight on the rise of AI in cyber. From our all-new AI Foundational lab series to cutting edge research from the experts at the cutting edge of GenAI in cybersecurity in our latest whitepaper: GenAI’s Impact on Cybersecurity Skills and Training. Explore our latest AI-focused resources and upskill your teams to confidently face the future of cyber resilience. Check out our latest reports, articles, webinars and more on GenAI, here. Celebrating Cyber Resilience Heroes 🏆 We're also celebrating the individuals and organizations at the forefront of cyber resilience with our Cyber Resilience Customer Awards. Keep your eyes peeled on our social channels! We'll be unveiling our latest winners on October 22nd, recognizing those who demonstrate an outstanding commitment to proving and improving their cyber readiness. It's going to be a jam-packed month focused on practical application and deep engagement. Let’s make this the most secure October yet!New CTI Labs: CVE-2025-53770 (ToolShell SharePoint RCE): Offensive and Defensive
Recently, a critical zero-day vulnerability affecting on-premise SharePoint servers, identified as CVE-2025-53770, was uncovered. This vulnerability allows for authentication bypass, leading to remote code execution, and has been actively exploited in the wild. Eye Security researchers detected an in-the-wild exploit chain on July 18, 2025, during an incident response engagement. This discovery led to Microsoft assigning two CVEs: CVE-2025-53770 and CVE-2025-53771. The attack notably leveraged a combination of vulnerabilities to achieve its objectives, impacting numerous SharePoint servers globally. There is now a public exploit available for anyone wanting to achieve remote code execution. Why should our customers care? This critical vulnerability has been added to the CISA Kev Catalog. and with no authentication or user interaction, a vulnerable SharePoint server can be fully taken over remotely, letting attackers run arbitrary code as if they were privileged admins. SharePoint is a complex and large system that often holds a lot of sensitive data for organizations and is often a targeted system for attackers. Who is the defensive lab for? System Administrators SOC Analysts Incident Responders Threat Hunters Who is the offensive lab for? Red teamers Penetration Testers Threat Hunters Here are the links to the labs: Offensive: https://immersivelabs.online/v2/labs/cve-2025-53770-toolshell-sharepoint-rce-offensive Defensive: https://immersivelabs.online/v2/labs/cve-2025-53770-toolshell-sharepoint-rce-defensive
