Update the definition of "action.hacking.variety.Use of stolen creds" to include "includes use of default creds".
We have always treated it this way. The only distinction for use of creds is when they are brute forced on the victim system, however the definition doesn't explicitly state it.
Update the definition of "action.hacking.variety.Use of stolen creds" to include "includes use of default creds".
We have always treated it this way. The only distinction for use of creds is when they are brute forced on the victim system, however the definition doesn't explicitly state it.