Inside the Synthient Threat Data

Key Points:

• A significant volume of threat intelligence data, totaling 3.5 terabytes and containing 23 billion rows, has been aggregated from various sources, including stealer logs and credential stuffing lists.
• The data includes 183 million unique email addresses, with 14 million previously unseen in any data breach, posing a risk of credential theft and account takeovers across multiple services.
• Organizations should verify the legitimacy of their users' credentials and implement strong password policies to mitigate risks associated with credential stuffing attacks.

Technical Details: The data includes stealer logs generated by infostealers capturing credentials from infected machines and credential stuffing lists derived from previous breaches where passwords were inadequately protected.

MITRE ATT&CK Techniques:

• T1078 - Valid Accounts (Credential Access)
• T1003.001 - OS Credential Dumping: LSASS Memory (Credential Access)

IOCs Mentioned: None mentioned