Blog Post

The Human Connection Blog
1 MIN READ

New Cyber Threat Intelligence Lab release!

BenMcCarthy's avatar
BenMcCarthy
Icon for Immerser rankImmerser
5 months ago

Today we have a brand new set of labs related to CVE-2024-1086 (Linux nf_tables Privilege Escalation)

On Thursday, the 30th of May 2024, CISA added a use-after-free Linux Kernel vulnerability to their catalogue. When this vulnerability is exploited, which involves exploiting the firewall backend nt_tables, the attack can achieve local privilege escalation.

We've broken this vulnerability down into a collection of 4 labs each designed to help you understand and deal with a different element of the threat. 
 

1/ Offensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • Penetration Testers
  • Red Teamers
  • Incident Responders 
  • Threat Hunters

2/ Elastic Analysis – Defensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

3/ Splunk Analysis – Defensive

In this lab, you'll get hands-on with the offensive side of this vulnerability to achieve code execution.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

4/ Microsoft Sentinel Analysis – Defensive

In this lab, you'll need to identify indicators of compromise using Microsoft Sentinel, reviewing logs to identify the attack flow.

Who's it for?

  • SOC Analysts 
  • Incident Responders 
  • Threat Hunters

Only available to Cyber Pro licenced users.

Published 5 months ago
Version 1.0
No CommentsBe the first to comment