The APT28 advanced-threat actor (APT) has been using a Kubernetes cluster in a widespread campaign of password-spraying attacks against hundreds of government and private sector targets worldwide. The attacks have been launched since at least mid-2019 through early 2021 and are almost certainly still ongoing, authorities say. The threat actor has targeted a significant amount of its activity at organizations using Microsoft Office 365 cloud services, authorities warned. The attackers are after the passwords of people who work at sensitive jobs in hundreds of organizations worldwide.
Source: https://threatpost.com/kubernetes-brute-force-attacks-russia-apt28/167518/