Christoffer S.@nopatience@swecyb.com
@cR0w@infosec.exchange Might this be what the folks at GreyNoise picked up reconnaissance wise?
cR0w@cR0w@infosec.exchange
@nopatience@swecyb.com I don't think so. They noted SSL VPN activity specifically. These appear to be in other services. It's possible they were looking for initial access to use one of these to pivot or escalate but that would a reach to assume.