indicatorregistry_key
UseLogonCredential
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 1
Posts referencing this indicator
- Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
Registry entry modified by the attacker to turn on WDigest credential caching for credential theft.