Today, we have released two brand new CTI labs which cover the new critical vulnerabilities recently disclosed affecting Palo Alto's Expedition software.
CVE-2024-5910 (Palo Alto Expedition) - Defensive
Identify signs of exploitation in event logs and extract indicators of compromise
CVE-2024-5910 (Palo Alto Expedition) - Offensive
Use publicly available Proof of Concept code to exploit the vulnerabilities gaining access to sensitive data
What is Expedition and Why should you care?
The flaws were found in Palo Alto Networks' Expedition solution, which helps migrate configurations from other Checkpoint, Cisco, or supported vendors. This application can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts significantly impacting the security of an organisations network. These labs provide steps to identify any potential signs of exploitation and detail how the exploit functions.
Who is it for?
- Incident responders
- SOC analyst
- CTI Analysts
- Threat Hunters
- Red Teams
- Pen testers
- Offensive Security professionals
Complete CVE-2024-5910 (Palo Alto Expedition) - Defensive here
Complete CVE-2024-5910 (Palo Alto Expedition) - Offensive here
Updated 9 months ago
Version 1.0KevBreen
Immerser
Joined June 17, 2024
The Human Connection Blog
Learn from our passionate experts on a wide range of subjects from Cyber Threat Research to maximizing value with Immersive, plus, hear from our outstanding customers who are keen to share their experiences.