NSA and its US and British partners (the UK's NCSC and the US FBI and CISA) late this morning released an advisory detailing a Russian campaign ("almost certainly ongoing") to brute-force access to cloud and enterprise environments. The campaign is global in scope, NSA says, but focused on American and European targets.
Sectors being prospected for collection or disruption amount to a familiar list: "government and military, defense contractors, energy companies, higher education, logistics companies, law firms, media companies, political consultants or political parties, and think tanks."
Attribution is specific: the threat actor is the GRU's 85th Main Special Service Center (GTsSS). While brute-forcing isn't new, the GTsSS's approach is, having "uniquely leveraged software containers to easily scale its brute force attempts." Here is the link to the NSA press room: https://www.nsa.gov/news-features/press-room/Article/2677750/nsa-partners-release-cybersecurity-advisory-on-brute-force-global-cyber-campaign/
Tip 'o The Hat to The CyberWire.