That wasn't a zero-click infection attempt. You had to actually click on the link to get infected. This could happen on any service that allows you to send links.
Sure. But the list of projects is for 1 Azure Devops organization and the list appear to be in alphabetical order and showing B to C. Also it looks a bit like the logged on user only has access to one of the projects (at least it's only showing icons for one of them).
Once a threat actor has access to internal, less hardened systems, it is a matter of time until they have access to everything. In this case it’s a matter of privilege escalation at best and RCE at worst, no lateral movement required unless it’s easier to escalate directly in the IdP system or as a MitM between the IdP and the service in the screenshot.
My point was that so far every little information has been shared.
I have no idea what your point is. Also not sure if what you mean by "internal system" here. I can also log on to Azure Devops service (it public), but that doesn't mean I can access windows source code.
From what I've read the Russians said that they didn't use this type of vehicle in that location and it didn't carry their markings. But see my other comment to parent.
No, I think it was kind of a joke to call it Pravda. The guy who started it ended up being decapitated and buried, likely by the government, for uncovering corruption.
Just like how the seat cushion doubles as a flotation maybe arm rests should dispense 8 in knifes. Not much advantage to sneaking a weapon on a plane if everyone else has one too.
