CVE Series: Follina (CVE-2022-30190)
The Follina exploit (CVE-2022-30190) is a Windows Remote Code Execution (RCE) vulnerability that could allow a threat actor to acquire an initial level of access after a successful phishing attack. Take our course to gain the skills you need to identify the vulnerability, detect it, and mitigate it (with current best knowledge).
2.1Root Cause and Detection
Who should take this course?
This course is for seasoned offensive security professionals, SOC analysts, and Windows system administrators who want to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.
What are the prerequisites for this course?
You should have functional knowledge of Windows as an operating system, unique URI schemes, and scripting languages like powershell.
Why should I take this course?
Microsoft released a security bulletin defining the Follina vulnerability on May 30th, 2022, with a base CVSS score of 7.8. This vulnerability is rated as “High” due to the ability of attackers to execute remote code on a system, install programs, modify data, or create new accounts in the context allowed by the user’s rights. This variation has made the attack very enticing for Advanced Persistent Threat actors (APTs) and cyber criminal organizations because detections are more immature and thus the potential for impacting organizations more easily is greater.
What makes this course different from other courses on similar topics?
By the end of this course, you should be able to:
- Explain what the “Follina Exploit” is and which CVE is associated with the vulnerability.
- Describe the root cause of the vulnerability.
- Perform exploitation of the vulnerability with publicly available exploit code.
- Identify how to detect the vulnerability as well as mitigate it.
Your instructor, Matt Mullins, is a seasoned professional in offensive security with over a decade of experience where he has worked in medical, financial, and government spaces. Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security.
Why should I take this course on Cybrary and not somewhere else?
Our Follina vulnerability (CVE-2022-30190)course enables you to learn from the foremost experts in the field and ensures your readiness to recognize and mitigate this CVE. Defenders will know how to protect their organization against this vulnerability. Offensive teams will be able to exploit this vulnerability. Our on-demand format affords you the flexibility to learn at your own pace.
Complete this entire course to earn a CVE Series: Follina (CVE-2022-30190) Certificate of Completion