Global Threat Report 2024: Deswegen haben Angreifer Erfolg

Relatively speaking, the grundlegende Sicherheitse-instellungen can be slightly assessed by Elastic’s Global Threat Report 2024. Standard offensive security tools and uncomplicated configuration of cloud solutions buy some Schwachstellen.

The new Global Threat Report 2024 from Elastic said about all possible developments in the area of ​​​​fear on: offensive Security Tools (OSTs) – Test tools, which their proactive identification of Security Lücken-entwickelt -, incorrect configuration of Cloud-based solutions for a zunehmende Fokussierung on the Zugang zu Reporting information. Before the recent news, Elastic Security Labs became more like a billion data points.

Auswertung von een Milliarde Datenpunkten

🔎 The Global Threat Report 2024 by Elastic says, where threats will come from (Image: Elastic).

“The knowledge of the Elastic Global Threat Report 2024 is the highest rated report, which is still available for viewing: the technology of the technology functionality. Unsere Untersuchung said about a defense evasion as a project in the future to Vorjahr,” says Thorben Jändling, Principal Solutions Architect at the Global Security Specialist Group at Elastic. „Angreifer konzentrieren ich verstärkt darauf, Securitytools zu missbrauchen and legitimate registration information about sammeln, um your Soul zu erreichen. If you have a problem, it is important that you keep the security functions and guidelines of your life under control.”

The most important facts from the report

Angreifer nuts Standard tools from security experts

• Offensive Security Tools (OSTs), simple Cobalt Strike and Metasploit, powers etwa 54 Prozent der beobachteten Malware warnings
• Cobalt Strike was responsible for 27 Prozent der Malware-Angriffe

Angreifer has Erfolg, weil Unternehmen Cloud-Umgebungen mangelhaft configurations

• Fast 47 Prozent der Microsoft Azure-Fehler were verbunden mit Fehlkonfigurationen von Speicherkonten
• Quickly 44 options for switching and removing Google Cloud users, which are performed by BigQuery – including a few changes, for processing changes
• 30 Prozent der Ausfälle bei Amazon Web Services (AWS) were op S3-Prüfungen zurückzuführen – especially with a successful Multifaktor-Authentifizierung (MFA), which has been implemented by Security Teams

🔎 The Global Threat Report 2024 includes Endpoints and Changes (Bild: Elastic).

Statt auf Defense Evasion setzen Angreifer zunehmend auf other Ansätze – zum Beispiel darauf, legitimate announcements are erhalten, an unerkannt zu bleiben

• Credential Access Power approx. 23 Prozent aller Cloud-Verhaltensweisen aus, mainsächlich in Microsoft Azure environment
• Brute-Force Techniques are a fast way to produce products in Microsoft Azure 35 Prozent all techniques.
• Where Endpoint versions were a trio of Prozent alle Verhaltensweisen in Linux ausmachten, 89 Prozent davon Brute-Force-Angriffe.
• The Zahl der Defense Evasion Verhaltensmuster has been around for years now.

“As a global platform that has served more than 200 million people, it is the best that the most trusted visual communication platform offers for our global community. The Elastic Global Threat Report is a large-scale tool that enables real action recovery through fear-mongering analysis,” said Raymond Schippers, Director of Security Engineering for Detection and Response at Canva.

Entscheidend ist, the most important technology in the Cloud has been strengthened. When I look at other messages, the full names are displayed, a diamond model from Elastic a schnellen, detailed Einblick in the Bewegungen der Angreifer and helfen uns, the game is a Schritt voraus zu sein“.

Background to the report

The Elastic Global Threat Report 2024 will be evaluated quickly, while the confusing categories have been removed. Analysis with the Elastic Search AI platform, Elastic Telemetry data, open data and data were voluntarily offered by Drittanbiten to an Elastic Security Labs, a bedrohungen aufzudecken. These beobachtungen became more than a million data points of the month they summarize. All information could lead to the identification of the requirements of your protection.

More at Elastic.co

Über-elastic
Elastic is a functional platform for such basic solutions. Elastic is just a date, but one of the answers is not true. With the Elasticsearch platform you can find the answers, which or more are useful – in real time and a number of data components, so more that you may. Elastic fun complete, cloud-based and AI-enabled solutions for Enterprise Security, Observability and the like on the basis of the Elasticsearch platform, an Entwicklungsplattform, die bereits van Tausenden of Unternehmen will also use 50% of the “Fortune 500”-Unternehmen.

Suitable articles for the theme