Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Cisco Talos would like to acknowledge Anna Bennett and Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in brute-fo...
For as long as I can remember, open SSH endpoints have been subject to password scan attacks from random corners of the internet. It’s just how life is.
The moment I install ssh is the moment I install fail2ban.
I was exited to read about the recent surge of brute force attempts I received from IPs my fail2ban has not previously seen, but this is just a generic piece from 6 months ago :(
I found just white listing cidrs from your country the most effective way to reduce this log spam. I only use keys anyway so the attempts are pointless.