Original release date: July 1, 2021
The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have released Joint Cybersecurity Advisory (CSA): Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.
The CSA provides details on the campaign, which is being conducted by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The campaign uses a Kubernetes® cluster in brute force access attempts against the enterprise and cloud environments of government and private sector targets worldwide. After obtaining credentials via brute force, the GTsSS uses a variety of known vulnerabilities for further network access via remote code execution and lateral movement.
CISA strongly encourages users and administrators to review the Joint CSA for GTSS tactics, techniques, and procedures, as well as mitigation strategies.
This product is provided subject to this Notification and this Privacy & Use policy.
Cisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled…
CISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
This website uses cookies.