An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by Russian military intelligence since mid-2019, intelligence agencies in the U.K. and U.S. say. The agencies said the attacks primarily focused on government and military, defense contractors, energy companies, higher education, logistics companies, law firms, media companies, and political consultants or political parties. The threat actor is also tracked under various monikers, including APT28 (FireEye Mandiant), Fancy Bear (CrowdStrike), Sofacy (Kaspersky), STRONTIUM (Microsoft), and Iron Twilight.
Source: https://thehackernews.com/2021/07/nsa-fbi-reveal-hacking-methods-used-by.html