Top 10 AWS Attacker Techniques 2023
Amazon Web Services (AWS) is the most popular cloud [...]
Amazon Web Services (AWS) is the most popular cloud [...]
Organizations are wasting their money on cybersecurity training. This may [...]
I never really thought about just how exposed the person-in-the-middle [...]
Over 81% of developers knowingly ship vulnerable code regularly. This [...]
Both attackers and researchers often use msfvenom to generate shellcode. [...]
Agile is one of the most common buzzwords used to [...]
Cybersecurity professionals. Administrative assistants. Engineers. HR professionals. Managing directors. [...]
Git, a version control system, is one of the [...]
Cyber attacks are on the rise, threatening infrastructure, supply [...]
Application security (AppSec) vulnerabilities are increasing rapidly. According to [...]
There’s no shortage of cybersecurity training or certifications for [...]
This year, retailers are anticipating a high volume of [...]
How to prove cyber resilience Throwing money at cybersecurity [...]
Can You Trust Single Sign-On? A Novel Technique for [...]
Logging in AWS – a journey of discovery Logging [...]
Writing good quality code is not enough to improve [...]
Overview Earlier this year, researchers at Immersive Labs responsibly [...]
Okay, so we all know developers are great problem solvers. Every day they harness this superpower of turning ideas into reality. However, with great power comes even greater responsibility. That means ensuring they create secure applications can be more important than making sure they deliver that exciting new feature on time.
Cybersecurity talent acquisition and retention is one of the biggest challenges security executives face in 2022. The need for skilled cybersecurity resources is ever-increasing, so competition for experienced cybersecurity pros is fierce. Meanwhile, the unpredictable and unrelenting nature of cybersecurity often leads to burnout and employee turnover issues.
Immersive Labs’ Crisis Sim customers can easily create bespoke scenarios using our new template range.
In a previous post, we highlighted how the development [...]
One of the things that makes enterprise security so challenging [...]
“Government organisations are routinely and relentlessly targeted [for cybersecurity [...]
When hearing the term “exploit development”, your first instinct may be to recoil in horror, recalling news stories of nefarious hackers breaking into systems and stealing from the innocent. However, just as a lock pick can aid both a thief and a locksmith, exploit development is a skill that can be used for both ethical and unethical purposes.
In our latest blog post, learn the human capabilities needed to respond, contain, and recover from the inevitable subset of cybersecurity breach attempts that succeed.
In Q3 2021, a team of researchers reported a new [...]
A fairly quiet Patch Tuesday this month but still [...]
Join us at Infosecurity Europe on June 21–23 to play [...]
Join us at Infosecurity Europe on June 21–23 to play [...]
Join us at Infosecurity Europe on June 21–23 to [...]
Resilience is important in any workplace. It’s been a [...]
Most start-ups invest significant time and energy in defining [...]
Security admins need to watch out for several vulnerabilities in [...]
I joined Immersive Labs’ revenue operations team in February [...]
What was flexible working like before the pandemic? [James] Flexible working [...]
In late March 2022, a security researcher accidentally disclosed [...]
It’s Monday morning in the Crisis Sim Content team at [...]
On Tuesday March 8, Immersive Labs, along with countless other [...]
Ain't no mountain high enough I only ever wanted [...]
Starting a new job remotely is pretty much the [...]
Hi, I’m James. I look after our Talent Acquisition [...]
We caught up with Ed Green, Head of Commercial Technology at McLaren, to discover his vision for optimizing the cyber workforce of the entire business.
Kev Breen shares his thoughts on November's Patch Tuesday!
The start of XD Day Hello! I’m Rob Pezet, [...]
Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.
Today, we are proud to announce an initiative with the […]
Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.
CVE-2021-40444 On the 7th of September 2021, Microsoft announced [...]
Earlier this year, a hacker found guilty for his ‘high-level’ involvement in a series of financially motivated cyberattacks received a ten-year jail sentence in Seattle.
Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.
Our Director of Cyber Threat Research, Kev Breen, recently discovered […]
AppSec Engineers, Mat Rollings and Will Roberts, explore an RCE vulnerability in Less.js.
Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.
Our Director of Cyber Threat Research, Kev Breen, recently discovered […]
Immersive Labs is today announcing a Series C investment of $75m with Insight Partners, Menlo Ventures, Citi Ventures and existing investor Goldman Sachs. James Hadley, CEO and Founder, shares his plans for the future of the platform.
What comes after Patch Tuesday? Patch Newsday of course! Check out the biggest and baddest vulnerabilities from June 2021 Patch Tuesday here.
DarkSide's Colonial strike proved that attacks on IT can easily bleed into operations – and this will only encourage onlooking hackers.
In collaboration with Osterman Research, we recently embarked on a […]
For Anti-Ransomware Day, we caught up with Kev Breen to find out what you need to know about ransomware in 2021.
It’s Patch Newsday! As always, we caught up with Kev Breen, Director of Cyber Threat Research here at Immersive Labs, to uncover all the best bits from this month’s Patch Tuesday.
For World Password Day 2021, Kev Breen, our Director of Cyber Threat Research, weighs in with his advice on keeping your passwords safe.
Kev Breen, Director of Cyber Threat Research, loves a bit of bug hunting. Here's what he's found this time...
Those hot pandemic looks! 2020 didn’t bring much positivity [...]
When every decision impacts the next, it's crucial that crisis management teams are prepared to respond in tandem.
Join one of our upcoming webinars to play through our exciting new pharma crisis scenario.
The fix for CVE-2020-28243 in SaltStack may have prevented command injection – but it wasn't enough.
Hafnium has been exploiting four zero-day vulnerabilities in Microsoft Exchange, depositing tools that would enable threat actors to gain remote access to victim systems following initial access.
Kev Breen, Director of Cyber Threat Research here at Immersive Labs, shares his thoughts on this month's Patch Tuesday.
The Controller Area Network (CAN) of a vehicle can be […]
In honor of International Women's Day 2021, we caught up with Debbie Tunstall, Account Director here at Immersive Labs.
In collaboration with Dan Raywood, we've been catching up with the people of InfoSec to find out what makes them tick. This is the first blog in our #CyberHumans series.
Here at Immersive Labs, we love to get exploits and […]
Mat Rollings, Vulnerable App Developer at Immersive Labs, has uncovered a command injection vulnerability in SaltStack's Salt programme.
Global diversity is having a moment – and rightly so. […]
As part of LGBT+ History Month in the UK, we're catching up with Paul Thomas, Engineering Manager, to find out why being open matters.
Cyberextortion is now rife online – but where did it all begin? And what, if anything, can we learn from physical extortion cases?
Kev Breen, Director of Cyber Threat Research here at Immersive Labs, shares his thoughts on this month's Patch Tuesday.
As part of our Life at Immersive Labs series, we catch up with Steph McCrary, Sales Development Representative, to discover just what Black History Month means to her - and why we should be celebrating it every month.
In the first week of 2021, messaging giant WhatsApp announced […]
You can’t always anticipate a data breach. What do you do when the unexpected happens at a high-security organization? What if national secrets are now in the hands of your adversaries?
Immersive Labs Announces New Series for Incident Responders and Threat [...]
Before dipping your toes into the considerable waters of cyber crises, you should first understand what a crisis is more broadly. That might sound elementary – it’s just a bad situation right? – but the definition runs deeper than you might think.
We knew it already, but now it’s official: Immersive Labs […]
Immersive Labs’ Cyber Crisis Simulator is an online solution that drops defenders and decision makers into real-time cyber crises. The system challenges teams to make critical decisions when dealing with emerging incidents such as ransomware outbreaks, insider threats, data breaches, and spear-phishing attacks.
The US government was recently hit by a severe [...]
The US government was recently hit by a severe [...]
This is the third post in a series by psychologist [...]
This is the third post in a series by [...]
People often assume that AppSec focuses solely on the security involved in an app or service’s development – but this isn't the case.
It's the spookiest time of the year, so naturally we've got free labs to get you ready for Halloween!
Randy Franklin Smith of Ultimate Windows Security will discuss the details around the vulnerability, how it works, and what’s at risk. Not only that but our own Director of Cyber Threat Research, Kev Breen, will be totally hands-on and demonstrate how to use this attack in red teaming using the Immersive Labs platform.
Kev Breen, Director of Cyber Threat Research at Immersive Labs, recently conducted research into the Fitbit app store. This is what he found.
The cybersecurity landscape is, traditionally, not very diverse. There. We […]
Guest blog by Phil Venables, CISO at Goldman Sachs. Originally appeared on the Risk & Cybersecurity: Thoughts from the Field blog.
Ransomware affected half of all businesses last year, and this […]
Immersive Labs is delighted to feature in Tech Track's 10 Ones to Watch. Our CEO James Hadley shares his thoughts.
Anyone who has formulated an organizational plan knows that [...]
The evolving cyber field needs people who develop their skills continually, and you can encourage this by making learning fun.
The folklore genre of mythology consists of narratives that play […]
A version of this appeared on Infosecurity magazine The suspension […]
In light of Anthony Levandowski's sentencing, we take a look at the five types of insider threats – and how you can tackle them in your own organization.
We recently released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.
We recently released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.
Today, we released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.
The following piece comes from a discussion with a senior security practitioner at a large global brand hit by a major cyberattack. As media, regulators and commentators scrutinized every move, its cyber crisis response played out in real time in front of a global audience. The interviewee agreed to share their story in the hope it would help shape other companies’ responses to such situations.
After taking part in the launch of the Cyber Crisis Simulator, Phil Venables of Goldman Sachs shares his thoughts on why incident response should focus on human capabilities – not on playbooks.
Hollywood loves a good hacking scene. Supercomputers, neon strings of […]
Mental health has weighed on our minds for as long […]
Everyone remembers being a teenager and having to choose between […]
At the end of a long week hunting threats and creating labs, Director of Cyber Threat Research, Kev Breen, was looking forward to a quiet weekend. But these things always seem to happen on a Friday afternoon, don’t they?
In a week-long online competition, a collaborative effort between KPMG New Zealand and Immersive Labs, 400 people from 169 NZ organizations pitted their skills against each other through their browsers on 750-plus knowledge based capture-the-flag style challenges.
Over the last few decades, the concept of malware has [...]
One of the biggest problems in cybersecurity today is [...]
Recording the new Immersive Labs podcast gives us a chance to […]
Sean Wright, Lead Application Security SME at Immersive Labs, takes a look at the lessons to be learned in Apple's near miss...
Having taken a look at CVE-2020-19781, our very own Director of Cyber Threat Research, Kev Breen, got to thinking: when is a security vulnerability not a vulnerability?
Enterprises now handle so much information in such varied [...]
The Certified Information Systems Security Professional (CISSP) certification is a [...]
Three years ago this week, WannaCry shook the world. The [...]
Hackers are targeting SaltStack systems following security firm F-Secure’s discovery [...]
The software SaltStack is a commercial, open source management [...]
Every year organizations buy overpriced cyber courses that occur in [...]
One of the core values Immersive Labs stands by is [...]
Covid-19 has forced businesses around the world into remote working, [...]
Cybersecurity training has entwined with certification over the years, but [...]
Ransomware attacks happen when threat actors prevent organizations or individuals [...]
Source: https://www.businessinsider.com/coronavirus-email-scam-covid-19-phishing-false-information-who-cdc-2020-2?r=US&IR=T#check-the-senders-email-domain-and-see-if-it-matches-the-website-of-the-organization-they-say-they-work-for-then-check-the-urls-included-in-the-email-1 Open source platforms, although extremely useful and popular, [...]
Unfortunately, coronavirus doesn’t seem to be going away any [...]
In a series of blogs, we’ll be using NIST’s [...]
Chief Information Security Officers (CISOs) currently average just 18 to [...]
In a series of blogs, we’ll be using NIST’s [...]
In a series of blogs, we’ll be using NIST’s [...]
In a series of blogs, we’ll be using NIST’s [...]
On Monday 10th February 2020, the US charged four Chinese [...]
In a series of blogs, we’ll be using NIST’s [...]
US-based software firm Citrix last month released an advisory for [...]
Between 24th and 28th February Immersive Labs is joining cybersecurity [...]
Iran’s cyber capabilities have been subject to intense scrutiny in recent years due to the high political tensions within the region.
Between 12th and 13th February the European Information Security Summit [...]
Travelex recently faced a scenario that every organization dreads: an [...]
Immersive Focus is integral to the growth of Immersive Labs, [...]
We get it. Your inbox is being spammed with [...]
Aviatrix, an enterprise VPN company with customers including Nasa, [...]
Anyone who’s anyone in security is today discussing CVE-2019-1388, a Windows privilege escalation vulnerability that exists in almost every Windows version from Windows 7 (including server versions).
If you're a security professional, you will no doubt [...]
The problem for cybersecurity leaders is not measuring the effectiveness of technology – it is measuring the effectiveness of people.
Security fragmentation is one of the biggest issues facing [...]
If threat actors didn’t innovate, we would have already won.
Cyber threats are no longer confined to Hollywood movies [...]
In May Immersive Labs helped Hiscox drum up excitement around […]
Black Hat is fast approaching and we’re starting to get [...]
Between 21 August and 5 September last year, hackers stole […]
As the need for cyber security talent continues to grow […]
How would you manage the transition of your company’s [...]
Last month news emerged that Iranian-linked hacker group IRIDIUM [...]
If you’ve ever completed a video game you might [...]
In professional team sports, coaches rarely experiment with every player at their disposal – even when they face an on-field dilemma.
Cyber talent is expensive. In the UK, security analysts [...]
Immersive Labs is proud to announce that our developer manager, Jaycee Cheong went from tech ambassador to role model last night (08 May 2019), by being included on Makers’ Women in Software Powerlist.
The way we learn is changing. Digital solutions that accommodate (and even respond to) individual needs are finally ousting traditional training methods.
If you’ve seen even a handful of films on the [...]
Immersive Labs is delighted to be exhibiting at the government’s [...]
Every year tens of thousands of security enthusiasts swarm [...]
Cybersecurity is increasingly making headlines, so why do UK boards still lack awareness?
CompTIA and Immersive Labs are challenging cybersecurity professionals in the US and UK to test their penetration testing skills this month.
When did you last use SMS for two-factor authentication [...]
Immersive Labs will be exhibiting at the Cloud and Cyber [...]
Read Ben McCarthy's analysis of Quasar RAT
In the third quarter of 2018 alone, new malware samples [...]
How many times have you endured a dry-as-dust PowerPoint [...]
Winter is coming – and so is increased cyber fraud [...]