News
The 2024 Elastic Global Threat Report highlights Security Gaps; Misconfigurations and OSTs fuel Adversary Success
The 2024 Elastic Global Threat Report highlights Security Gaps; Misconfigurations and OSTs fuel Adversary Success
Off-the-shelf offensive security tools (OSTs) and poorly configured cloud environments expose vulnerabilities in organisational defences.
![]()
By
Elets News Network 27-November-2024
Elastic, the Search AI Company (NYSE: ESTC), has unveiled the 2024 Elastic Global Threat Report, crafted by Elastic Security Labs. Drawing insights from over 1 billion data points, the report underscores how adversaries exploit offensive security tools (OSTs) and cloud misconfigurations to infiltrate systems, emphasizing the growing risk of credential theft.
According to Raymond Schippers, Director of Security Engineering for Detection and Response at Canva, the report is invaluable for tracking real-world adversarial activities. He noted, “Elastic’s diamond models offer a fast, in-depth view of adversary movements, empowering our teams to stay ahead.”
Key Findings:
- Rising Use of Offensive Security Tools (OSTs):
- OSTs like Cobalt Strike and Metasploit accounted for ~54% of malware alerts.
- Cobalt Strike alone represented 27% of malware-related activity.
- Cloud Misconfigurations:
- Microsoft Azure: 47% of failures are linked to storage misconfigurations.
- Google Cloud: 44% failed encryption checks for BigQuery.
- AWS: 30% of S3-related failures stemmed from missing multifactor authentication (MFA).
- Credential Access Trends:
- Credential access behaviours: Accounted for 23% of cloud-based activities, especially in Microsoft Azure.
- Brute force attacks: Increased by 12%, comprising 35% of all techniques in Azure.
- Shift in Adversary Tactics:
- Defence Evasion: Declined by 6% from the previous year.
- Adversaries are prioritizing credential gathering over traditional evasion techniques.
Elastic’s Head of Threat and Security Intelligence, Jake King, commented, “The 6% drop in Defense Evasion demonstrates that defender technologies are effective. However, the rise in credential abuse reinforces the need for robust security policies and capabilities.”
Elastic empowers organizations to leverage their data for real-time insights at scale, offering solutions in search, observability, and security. Over 50% of Fortune 500 companies rely on Elastic’s AI-driven platforms.
Be a part of Elets Collaborative Initiatives. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook , connect with us on LinkedIn and follow us on Twitter, Instagram.
"Exciting news! Elets technomedia is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest insights!" Click here!
