Global threats were analyzed in a recent Elastic report. The report focused on security tools, malware attacks and cloud environment security.
The report finds that adversaries are succeeding by using offensive security tools (OSTs), which are testing tools created to proactively identify security flaws, alongside misconfigured cloud environments and a growing emphasis on credential access.
Key findings in the report include:
- Adversaries are utilizing off-the-shelf tools.
  - Offensive security tools (OSTs), including Cobalt Strike and Metasploit, made up ~54% of observed malware alerts.
  - Cobalt Strike accounted for 27% of malware attacks.
- Enterprises are misconfiguring cloud environments, allowing adversaries to thrive.
  - Nearly 47% of Microsoft Azure failures were tied to storage account misconfigurations.
  - Nearly 44% of Google Cloud users failed checks coming from BigQuery — specifically, a lack of customer-managed encryption.
  - S3 checks accounted for 30% of Amazon Web Services (AWS) failures — specifically a lack of multifactor authentication (MFA) being implemented by security teams.
- In the wake of successful counters for Defense Evasion, attackers are leaning into legitimate credentials to infiltrate.
  - Credential Access accounted for ~23% of all cloud behaviors, primarily in Microsoft Azure environments.
  - There was a 12% increase in Brute Force techniques — making up nearly 35% of all techniques in Microsoft Azure.
  - While endpoint behaviors accounted for ~3% of the total behaviors in Linux, 89% of them involved brute-force attacks.
  - There has been a 6% decrease in Defense Evasion behaviors over the last year.
https://www.securitymagazine.com/articles/101081-there-was-a-12-increase-in-brute-force-cyberattack-techniques-in-2024