What did we discover about the world’s cyber workforce capabilities? Dive into the data with us to find out. Read More

Immersive Labs Logo

Is Your Org Doing Enough to Prevent a Cybersecurity Breach? (Our research says ‘maybe not’!)

In our latest blog post, learn the human capabilities needed to respond, contain, and recover from the inevitable subset of cybersecurity breach attempts that succeed.

By |2022-06-24T16:51:27+00:00June 22, 2022|Uncategorized|0 Comments

Patch Newsday June – No new active threats but warnings for SharePoint users, incoming Autopatch rollout, Follina zero-day fixed

A fairly quiet Patch Tuesday this month but still [...]

By |2022-06-17T15:49:06+00:00June 15, 2022|Uncategorized|0 Comments

Patch Newsday May – NTLM relays, RDP again and the ongoing specter of Print Spooler

Security admins need to watch out for several vulnerabilities in [...]

By |2022-05-25T19:10:58+00:00May 13, 2022|Uncategorized|Comments Off on Patch Newsday May – NTLM relays, RDP again and the ongoing specter of Print Spooler

McLaren’s vision for optimizing its cyber workforce with Immersive Labs

We caught up with Ed Green, Head of Commercial Technology at McLaren, to discover his vision for optimizing the cyber workforce of the entire business.

By |2022-05-23T19:22:08+00:00January 27, 2022|Uncategorized|Comments Off on McLaren’s vision for optimizing its cyber workforce with Immersive Labs

Patch Newsday: 12 October 2021 – Spooky Spooler and Sinister Scores

Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.

By |2022-05-23T19:22:53+00:00October 13, 2021|Uncategorized|Comments Off on Patch Newsday: 12 October 2021 – Spooky Spooler and Sinister Scores

Building cyber resilience for the Financial Services sector with breadth and at scale

Today, we are proud to announce an initiative with the […]

By |2021-10-04T09:10:36+00:00October 4, 2021|Uncategorized|Comments Off on Building cyber resilience for the Financial Services sector with breadth and at scale

Patch Newsday: 14 September 2021 – Lousy Browsers and Arsey RCEs

Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.

By |2022-05-23T19:25:46+00:00September 15, 2021|Uncategorized|Comments Off on Patch Newsday: 14 September 2021 – Lousy Browsers and Arsey RCEs

Take the power back: Tool-up against a notorious global threat group with our new FIN7 series

Earlier this year, a hacker found guilty for his ‘high-level’ involvement in a series of financially motivated cyberattacks received a ten-year jail sentence in Seattle.

By |2022-05-23T19:26:10+00:00September 13, 2021|Uncategorized|Comments Off on Take the power back: Tool-up against a notorious global threat group with our new FIN7 series

Patch Newsday 10 August: Ironic exploitation and the spectre of PrintNightmare

Kev Breen, Director of Cyber Threat Research, weighs in with his thoughts on this month's Patch Tuesday.

By |2022-05-23T19:26:20+00:00August 10, 2021|Uncategorized|Comments Off on Patch Newsday 10 August: Ironic exploitation and the spectre of PrintNightmare

An investment into the cyber skilled workforce of the future

Immersive Labs is today announcing a Series C investment of $75m with Insight Partners, Menlo Ventures, Citi Ventures and existing investor Goldman Sachs. James Hadley, CEO and Founder, shares his plans for the future of the platform.

By |2021-06-11T12:27:49+00:00June 11, 2021|Uncategorized|Comments Off on An investment into the cyber skilled workforce of the future

Frustrations of an AppSec Engineer Part 1: Collaboration, Collaboration, Collaboration

In collaboration with Osterman Research, we recently embarked on a […]

By |2021-05-13T11:31:21+00:00May 13, 2021|Uncategorized|Comments Off on Frustrations of an AppSec Engineer Part 1: Collaboration, Collaboration, Collaboration

It’s not all CorrectHorseBatteryStaple: How to power up your passwords in 2021

For World Password Day 2021, Kev Breen, our Director of Cyber Threat Research, weighs in with his advice on keeping your passwords safe.

By |2021-05-06T08:35:57+00:00May 6, 2021|Uncategorized|Comments Off on It’s not all CorrectHorseBatteryStaple: How to power up your passwords in 2021

Play along with our new crisis scenario – Insider Threat: Pharma Drama!

Join one of our upcoming webinars to play through our exciting new pharma crisis scenario.

By |2022-05-23T19:29:20+00:00March 31, 2021|Uncategorized|Comments Off on Play along with our new crisis scenario – Insider Threat: Pharma Drama!

Why so salty? Local privilege escalation on SaltStack minions

Mat Rollings, Vulnerable App Developer at Immersive Labs, has uncovered a command injection vulnerability in SaltStack's Salt programme.

By |2022-05-23T19:30:57+00:00February 26, 2021|Uncategorized|Comments Off on Why so salty? Local privilege escalation on SaltStack minions

Diverse organizations build high-performing crisis response teams. Here’s how.

Global diversity is having a moment – and rightly so. […]

By |2021-02-24T09:41:38+00:00February 24, 2021|Uncategorized|Comments Off on Diverse organizations build high-performing crisis response teams. Here’s how.

The digitalization of kidnap and extortion: a modern business dilemma

Cyberextortion is now rife online – but where did it all begin? And what, if anything, can we learn from physical extortion cases?

By |2022-05-23T19:31:38+00:00February 11, 2021|Uncategorized|Comments Off on The digitalization of kidnap and extortion: a modern business dilemma

Cyber Crisis Simulator: Weathering the storm: public vs private crises

You can’t always anticipate a data breach. What do you do when the unexpected happens at a high-security organization? What if national secrets are now in the hands of your adversaries?

By |2022-05-23T19:36:49+00:00January 27, 2021|Uncategorized|Comments Off on Cyber Crisis Simulator: Weathering the storm: public vs private crises

Cyberattacks are hammering businesses and public sector organizations – but when is it really a crisis?

Before dipping your toes into the considerable waters of cyber crises, you should first understand what a crisis is more broadly. That might sound elementary – it’s just a bad situation right? – but the definition runs deeper than you might think.

By |2022-05-23T19:41:11+00:00January 18, 2021|Uncategorized|Comments Off on Cyberattacks are hammering businesses and public sector organizations – but when is it really a crisis?

Cyber Crisis Simulator: ransomware cripples major energy supplier – live it and learn

Immersive Labs’ Cyber Crisis Simulator is an online solution that drops defenders and decision makers into real-time cyber crises. The system challenges teams to make critical decisions when dealing with emerging incidents such as ransomware outbreaks, insider threats, data breaches, and spear-phishing attacks.

By |2022-05-23T19:40:53+00:00January 6, 2021|Uncategorized|0 Comments

The Psychology of Cyber: Understanding cognitive agility as a fix for the ‘wicked problem’ of cyber crises

By |2022-05-23T19:37:39+00:00November 16, 2020|Uncategorized|Comments Off on The Psychology of Cyber: Understanding cognitive agility as a fix for the ‘wicked problem’ of cyber crises

Upcoming Anatomy of a Hack: Hands-on Red Teaming with the “Zerologon” Vulnerability

Randy Franklin Smith of Ultimate Windows Security will discuss the details around the vulnerability, how it works, and what’s at risk. Not only that but our own Director of Cyber Threat Research, Kev Breen, will be totally hands-on and demonstrate how to use this attack in red teaming using the Immersive Labs platform.

By |2022-05-23T19:38:48+00:00October 28, 2020|Uncategorized|Comments Off on Upcoming Anatomy of a Hack: Hands-on Red Teaming with the “Zerologon” Vulnerability

The more the merrier: four ways to build a more diverse cybersecurity team

The cybersecurity landscape is, traditionally, not very diverse. There. We […]

By |2020-09-30T14:18:19+00:00September 30, 2020|Uncategorized|Comments Off on The more the merrier: four ways to build a more diverse cybersecurity team

The key element in your cybersecurity strategy isn’t process, tech or data – it’s people

Anyone who has formulated an organizational plan knows that [...]

By |2022-05-19T12:12:17+00:00September 7, 2020|Uncategorized|Comments Off on The key element in your cybersecurity strategy isn’t process, tech or data – it’s people

The five types of insider threats – and how to tackle them

In light of Anthony Levandowski's sentencing, we take a look at the five types of insider threats – and how you can tackle them in your own organization.

By |2022-05-23T20:34:59+00:00August 20, 2020|Uncategorized|Comments Off on The five types of insider threats – and how to tackle them

Osterman Research Part 3: Learn and Adapt

We recently released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.

By |2022-05-23T20:35:07+00:00August 17, 2020|Uncategorized|Comments Off on Osterman Research Part 3: Learn and Adapt

Osterman Research Part 2: The human element

We recently released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.

By |2022-05-23T20:35:13+00:00August 14, 2020|Uncategorized|Comments Off on Osterman Research Part 2: The human element

Osterman Research Part 1: Out of sync with the threat landscape

Today, we released one of the few definitive reports on cyber crisis preparedness. Compiled alongside Ostermann Research, it taps into the collective consciousness of around 400 CISOs and senior security leaders at organizations with more than 500 employees.

By |2022-05-23T20:35:20+00:00August 12, 2020|Uncategorized|Comments Off on Osterman Research Part 1: Out of sync with the threat landscape

Cyber preparedness lessons from the trenches

The following piece comes from a discussion with a senior security practitioner at a large global brand hit by a major cyberattack. As media, regulators and commentators scrutinized every move, its cyber crisis response played out in real time in front of a global audience. The interviewee agreed to share their story in the hope it would help shape other companies’ responses to such situations.

By |2022-05-23T20:35:38+00:00July 30, 2020|Uncategorized|Comments Off on Cyber preparedness lessons from the trenches

Less stress, more success: how psychological safety affects your team’s performance

Mental health has weighed on our minds for as long […]

By |2020-07-21T12:29:34+00:00July 21, 2020|Uncategorized|Comments Off on Less stress, more success: how psychological safety affects your team’s performance

Powering Cyber Skills with KPMG

In a week-long online competition, a collaborative effort between KPMG New Zealand and Immersive Labs, 400 people from 169 NZ organizations pitted their skills against each other through their browsers on 750-plus knowledge based capture-the-flag style challenges.

By |2020-07-10T11:01:09+00:00July 10, 2020|Uncategorized|Comments Off on Powering Cyber Skills with KPMG

When is a security vulnerability not a vulnerability?

Having taken a look at CVE-2020-19781, our very own Director of Cyber Threat Research, Kev Breen, got to thinking: when is a security vulnerability not a vulnerability?

By |2020-06-04T08:54:00+00:00June 4, 2020|Uncategorized|Comments Off on When is a security vulnerability not a vulnerability?

It’s been three years since WannaCry, so we asked our experts – where were you?

Three years ago this week, WannaCry shook the world. The [...]

By |2020-05-15T09:34:34+00:00May 15, 2020|Uncategorized|Comments Off on It’s been three years since WannaCry, so we asked our experts – where were you?

When a cyberattack hits you need a prepared security team – not certificates

Cybersecurity training has entwined with certification over the years, but [...]

By |2020-04-23T12:02:33+00:00April 23, 2020|Uncategorized|Comments Off on When a cyberattack hits you need a prepared security team – not certificates

CVE-2020-10560 – OSSN Arbitrary File Read

Source: https://www.businessinsider.com/coronavirus-email-scam-covid-19-phishing-false-information-who-cdc-2020-2?r=US&IR=T#check-the-senders-email-domain-and-see-if-it-matches-the-website-of-the-organization-they-say-they-work-for-then-check-the-urls-included-in-the-email-1 Open source platforms, although extremely useful and popular, [...]

By |2020-04-16T12:46:29+00:00April 16, 2020|Uncategorized|Comments Off on CVE-2020-10560 – OSSN Arbitrary File Read

The tech behind the headlines: Iran’s cyber capability explained

Iran’s cyber capabilities have been subject to intense scrutiny in recent years due to the high political tensions within the region.

By |2022-05-23T20:43:21+00:00January 13, 2020|Uncategorized|Comments Off on The tech behind the headlines: Iran’s cyber capability explained

Everyone’s discussing the new Windows UAC vuln – and you can explore it for FREE!

Anyone who’s anyone in security is today discussing CVE-2019-1388, a Windows privilege escalation vulnerability that exists in almost every Windows version from Windows 7 (including server versions).

By |2022-05-23T20:43:59+00:00November 20, 2019|Uncategorized|Comments Off on Everyone’s discussing the new Windows UAC vuln – and you can explore it for FREE!

Measuring the effectiveness of your security tech is easy – but what about your people?

The problem for cybersecurity leaders is not measuring the effectiveness of technology – it is measuring the effectiveness of people.

By |2022-05-23T20:44:35+00:00September 17, 2019|Uncategorized|Comments Off on Measuring the effectiveness of your security tech is easy – but what about your people?

Hackers have first-move advantage – that’s why defenders should learn like they do

If threat actors didn’t innovate, we would have already won.

By |2019-08-06T14:56:26+00:00August 6, 2019|Uncategorized|Comments Off on Hackers have first-move advantage – that’s why defenders should learn like they do

Powered by Immersive Labs: Bringing Hiscox’s ‘Crack the Cube’ event to life through gamification

In May Immersive Labs helped Hiscox drum up excitement around […]

By |2019-07-29T15:20:38+00:00July 29, 2019|Uncategorized|Comments Off on Powered by Immersive Labs: Bringing Hiscox’s ‘Crack the Cube’ event to life through gamification

How the ICO’s £183m BA fine should focus businesses on sharpening cyber skills at speed

Between 21 August and 5 September last year, hackers stole […]

By |2019-07-10T16:25:15+00:00July 10, 2019|Uncategorized|Comments Off on How the ICO’s £183m BA fine should focus businesses on sharpening cyber skills at speed

Finding hidden cyber talent in your organisation: A recruitment solution

In professional team sports, coaches rarely experiment with every player at their disposal – even when they face an on-field dilemma.

By |2019-05-16T14:47:27+00:00May 16, 2019|Uncategorized|Comments Off on Finding hidden cyber talent in your organisation: A recruitment solution

Immersive Labs’ Developer Manager makes Top 30 Women in Software

Immersive Labs is proud to announce that our developer manager, Jaycee Cheong went from tech ambassador to role model last night (08 May 2019), by being included on Makers’ Women in Software Powerlist.

By |2022-05-23T20:46:19+00:00April 22, 2019|Uncategorized|Comments Off on Immersive Labs’ Developer Manager makes Top 30 Women in Software

In our on-demand world, why is cyber skills development still so rigid?

The way we learn is changing. Digital solutions that accommodate (and even respond to) individual needs are finally ousting traditional training methods.

By |2022-05-23T20:46:26+00:00April 2, 2019|Uncategorized|Comments Off on In our on-demand world, why is cyber skills development still so rigid?