NSA, CISA, FBI, & NCSC | Russian GRU Global Brute Force Campaign

This is quite a scary advisory from the combined intelligence services in the USA and UK (NSA, CISA, FBI, & NCSC). I suggest you read the whole document then look for IoCs in your own network. A good place to start is in your own logs. If you have any threat intel feeds / private threat intelligence services (hint: we sell these) see if any of the following IP addresses show up…:

 158.58.173[.]40  185.141.63[.]47  185.233.185[.]21  188.214.30[.]76  195.154.250[.]89
 93.115.28[.]161  95.141.36[.]180  77.83.247[.]81
 192.145.125[.]42  193.29.187[.]60

Original article