There is a recurring Tactic, Technique, and Procedure (TTP) that threat actors have repeatedly shown to be highly effective.
It was most notably used by Lapsus$, and you can see the behavior Copy+Pasted in the majority of recent attacks:
Opportunistic compromise of an account -> pore over generally unrestricted internal docs/wikis/repos -> obtain design details -> use discovered unremediated creds for informed lateral movement/follow-up attacks with more specific, deeper objectives/targets.