The Human Connection Blog

New CTI Labs: Palo Alto Expedition Critical Vulnerabilities

KevBreen
2 months ago

Today, we have released two brand new CTI labs which cover the new critical vulnerabilities recently disclosed affecting Palo Alto's Expedition software.

CVE-2024-5910 (Palo Alto Expedition) - Defensive

Identify signs of exploitation in event logs and extract indicators of compromise

CVE-2024-5910 (Palo Alto Expedition) - Offensive

Use publicly available Proof of Concept code to exploit the vulnerabilities, gaining access to sensitive data

What is Expedition and why should you care?

The flaws were found in Palo Alto Networks' Expedition solution, which helps migrate configurations from Checkpoint, Cisco, or other supported vendors. This application can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts, significantly impacting the security of an organisation's network. These labs provide steps to identify any potential signs of exploitation and detail how the exploit functions.

Who is it for?

  • Incident responders
  • SOC Analysts
  • CTI Analysts
  • Threat Hunters
  • Red Teams
  • Pen testers
  • Offensive Security professionals

Complete CVE-2024-5910 (Palo Alto Expedition) - Defensive here

Complete CVE-2024-5910 (Palo Alto Expedition) - Offensive here

Updated 2 months ago
Version 1.0