Our 2024 Credential Leak Report for top SaaS products is now available. Gain valuable insights into credential leaks affecting platforms like Jira, GitLab, Salesforce, and more. #Cybersecurity #SaaS #DataBreach #StealerMalware.

If you’ve ever used WhiteIntel, you may have noticed Android application credentials appearing to originate from a Windows device. Here’s a simple explanation of how that can happen:.

Initial assesment: each file contains around 70M lines on avarage. Total estimated lines: 18.200.000.000. Of course large chunk of it will be duplicates.

A threat actor silently dropped 700GB of leak credentials. We are started indexing the data immediately however it might take some time. Data contains 260 seperated txt files.

Threat Intel license holders are still out of captcha verification.

Thanks to some users abusing the system with bots, we’ve had to add CAPTCHA verification when unlocking entries. We know it's annoying blame the spammers, not us.

RT @usetraceix: Free VPS to students and teachers, claim yours now!.

Threat actors are selling all kind of data including scannable IDs, Passports in telegram channels.

Guess who doesn’t have summer PTO because they thought launching a startup was a great idea?

Fun fact: RDWeb Access is more widely used than many realize. When paired with leaked credentials, it becomes a low hanging fruit for ransomware operators.

Telegram is not the only source of information stealer log distrubition. The following screenshot from a discord channel of a custom infostealer malware.

We really appreciate hearing that our name has come up in webinars. We're always happy to join community events and share what we've learned. If you're planning a session, feel free to get in touch with us at info[at]whiteintel[.]io.

We’ve just upgraded our public search!. You can now search email addresses directly from our homepage, no registration required. Curious if an email is exposed?. Give it a try:

We’ve enabled CSV export for Researcher licenses. Current limits: 10 exports per month, with up to 2 months of data per export. If that feels tight, it’s because it is. You should probably get a subscription otherwise, I might actually get fired.

The infostealer malware knows what creds are compromised at all times. It knows this because it knows what isn’t compromised. By subtracting what’s leaked from what isn’t (or vice versa, depending on the EDR bypass method), it derives a difference - an incident. The malware uses.

Fun fact: all our version names are based on real places in Tokyo, as a tribute to our co-founder who is dedicated to bankrupting us there.

WhiteIntel stable version v3.5 “Higashi-ginza” is now live!. Improved API performance, higher rate limits for scaled incident response, and a redesigned UI based on user feedback. Start detecting infostealer credential leaks in seconds across billions of records.

Here it comes 🧐.

We don’t have Cookie pop-up on our website because we don’t know what to do with them except account takeovers. Thx for understanding in this matter.