
The Human Connection Blog

New Cyber Threat Intelligence Lab release!

BenMcCarthy
7 months ago

Today we have a brand new set of labs related to CVE-2024-1086 (Linux nf_tables Privilege Escalation).

On Thursday, the 30th of May 2024, CISA added a use-after-free Linux kernel vulnerability to their catalogue. The vulnerability is exploited through the firewall backend nf_tables, and a successful attack achieves local privilege escalation.

We've broken this vulnerability down into a collection of 4 labs, each designed to help you understand and deal with a different element of the threat.

1/ Offensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • Penetration Testers
  • Red Teamers
  • Incident Responders 
  • Threat Hunters

2/ Elastic Analysis – Defensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

3/ Splunk Analysis – Defensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

4/ Microsoft Sentinel Analysis – Defensive

In this lab, you'll need to identify indicators of compromise using Microsoft Sentinel, reviewing logs to identify the attack flow.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

Only available to Cyber Pro licenced users.

Published 7 months ago
Version 1.0