Sign up to save your podcasts
Or
Share The Factory: How a Lazarus-Attributed Credential Pipeline Collected Its Own Operators
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Factory: How a Lazarus-Attributed Credential Pipeline Collected Its Own Operators
Episode 3 focuses on the operator side of the campaign:
- why the collection pipeline did not distinguish between targets and operators;
- how operator workstations appeared in material collected by the campaign;
- how those workstations exposed social-engineering workflow, persona infrastructure, testing behavior, provisioning activity, and command structure;
- why OtterCookie should be understood as a post-access occupation tool;
- what defenders can learn from the factory model without needing access to sensitive data.
View all episodes
By Red AsgardEpisode 3 focuses on the operator side of the campaign:
- why the collection pipeline did not distinguish between targets and operators;
- how operator workstations appeared in material collected by the campaign;
- how those workstations exposed social-engineering workflow, persona infrastructure, testing behavior, provisioning activity, and command structure;
- why OtterCookie should be understood as a post-access occupation tool;
- what defenders can learn from the factory model without needing access to sensitive data.