Elastic Global Threat Report Reveals Nearly 33% of Cyberattacks in the Cloud Leverage Credential Access

Adversary success in identity theft indicates default cloud security controls are ineffective at preventing attacks

  • Human error poses the greatest risk to cloud security as users overestimate the security of their cloud deployments
    • Of the 33% of attacks in the cloud leveraging credential access, nearly 41% of alerts represented attempts to steal application access tokens versus other credentialed materials.
  • Commercial software designed to help security teams is being used by threat actors to evade those same teams
    • CobaltStrike was the most widespread malicious binary or payload for Windows endpoints, accounting for nearly 35% of all detections.
  • Endpoint attacks are becoming more diverse in efforts to bypass defenses
    • A combined 74% of all defense evasion techniques consisted of masquerading (44%) and system binary proxy execution (30%)—methods that adversaries use to make artifacts appear legitimate or trusted—indicating that in addition to bypassing security instrumentation, defense evasion techniques also bypass visibility, resulting in longer dwell times for threats.

Elastic (NYSE: ESTC), the company behind Elasticsearch, today released the 2022 Elastic Global Threat Report, detailing the evolving nature of cybersecurity threats, as well as the increased sophistication of cloud and endpoint-related attacks.

The identified trends provide organizations with the operational intelligence needed to fortify their security technology and the strategies required to observe and protect mission-critical business systems against cyber threats. This report is produced by Elastic Security Labs, the company’s threat research, malware analysis, and detection engineering team, and compiled using telemetry from worldwide deployments of Elastic Security from August 2021 to August 2022.

Key trends covered in the report include:

Human error poses the greatest risk to cloud security as users overestimate the security of their cloud deployments

Nearly 1 in 3 (33%) attacks in the cloud leverage credential access, indicating that users often overestimate the security of their cloud environments and consequently fail to configure and protect them adequately.

Additional key cloud security findings:

  • Nearly 57% of cloud security telemetry came from AWS, followed by 22% for Google Cloud and 21% for Azure.
    • AWS: More than 74% of alerts related to credential access, initial access, and persistence tactics, with nearly 57% of techniques related to attempted application access token theft—one of the most common forms of credential theft in the cloud.
    • Google Cloud: Nearly 54% of alerts related to service account abuses, with 52% of techniques leveraging account manipulation and indicating that service account compromise remains rampant when default account credentials aren’t changed.
    • Microsoft Azure: More than 96% of alerts related to authentication events, with 57% of authentication events attempting to retrieve OAuth2 tokens.
  • 58% of initial access attempts used a combination of traditional brute-force attempts and previously compromised password spraying.

Commercial software designed to help security teams is being used by threat actors to evade those same teams

While commercial adversary simulation software such as CobaltStrike is helpful to many teams’ defense of their environments, it is also being used as a malicious tool for mass-malware implants. Elastic Security Labs found that CobaltStrike was the most widespread malicious binary or payload for Windows endpoints, accounting for nearly 35% of all detections, followed by AgentTesla at 25% and RedLineStealer at 10%.

Additional key malware findings:

  • More than 54% of all global malware infections were detected on Windows endpoints, while more than 39% were on Linux endpoints.
  • Nearly 81% of malware observed globally is trojan-based, followed by cryptominers at 11%.
  • MacKeeper ranked as the highest threat for macOS at nearly 48% of all detections, with XCSSet in the second-place position at nearly 17%.

Endpoint attacks are becoming more diverse in efforts to bypass defenses

More than 50 endpoint infiltration techniques are being utilized by threat actors, suggesting that endpoint security is working well, as its sophistication requires threat actors to continually find new or novel methods of attack to be successful.

Three MITRE ATT&CK® tactics represented 66% of all endpoint infiltration techniques:

  • A combined 74% of all defense evasion techniques consisted of masquerading (44%) and system binary proxy execution (30%). This indicates that in addition to bypassing security instrumentation, defense evasion techniques also bypass visibility, resulting in longer dwell times for threats.
  • 59% of execution techniques related to command and native scripting interpreters, followed by 40% attributed to Windows Management Instrumentation abuses, indicating that adversaries abuse PowerShell, Windows Script Host, and Windows shortcut files to execute commands, scripts, or binaries.
  • Nearly 77% of all credential access techniques are attributed to OS credential dumping with commonly known utilities. This follows the trend of adversaries relying on valid accounts to draw less suspicion from administrators in hybrid-based deployment environments between on-premise hosting and Cloud Service Providers.

While credential access techniques have long been a priority for attackers, adversary investment in defense evasion techniques indicates a reaction to improvements in security technologies that have been impacting their success. When combined with execution techniques, attackers are able to bypass advanced endpoint controls while remaining undetected within organizations’ environments.

Supporting Quotes:

  • “To effectively prevent cybersecurity threats, organizations need more than just great security software—they need a program that extends to shared insights and best practices and a community focused on security data intelligence to extend the value of that product for customers,” said Ken Exner, Chief Product Officer, Elastic. “The 2022 Elastic Global Threat Report is an important part of our holistic security program offering, and we are excited to share our visibility, capability, and expertise with the broader community.”

View the full findings of the 2022 Elastic Global Threat Report and read the blog.

About Elastic:

Elastic (NYSE: ESTC) is a leading platform for search-powered solutions. We help organizations, their employees, and their customers accelerate the results that matter. With solutions in Enterprise Search, Observability, and Security, we enhance customer and employee search experiences, keep mission-critical applications running smoothly, and protect against cyber threats. Delivered wherever data lives, in one cloud, across multiple clouds, or on-premise, Elastic enables 19,000+ customers and more than half of the Fortune 500, to achieve new levels of success at scale and on a single platform. Learn more at elastic.co.

Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.
