Successfully reported this slideshow.
Your SlideShare is downloading. ×

Open Directories: Sensitive data (not) hiding in plain sight

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 13 Ad
Advertisement

More Related Content

More from DefCamp (20)

Recently uploaded (20)

Advertisement

Open Directories: Sensitive data (not) hiding in plain sight

  1. 1. Open Directories Sensitive data (not) hiding in plain sight TLP: GREEN Jan Kopřiva ALEF CSIRT jan.kopriva@alef.com
  2. 2. Open Directories
  3. 3. • Timeframe: Q3 2018 • Thousands of open directories analysed (mostly manually) • Sensitive data found on 185 domains Analysis of .CZ a .SK
  4. 4. 22% Personal Data 15% Highly Sensitive Data Personal and Highly Sensitive Data
  5. 5. 18% SW/Warez 14% Audiovisual Content SW/Warez and Audiovisual Content
  6. 6. 23% Music 9% e-Books/Audiobooks Music and e-Books
  7. 7. Photography and Pornography 16% Photos 5% Pornography
  8. 8. Passwords and Databases 3% Passwords 1% Databases
  9. 9. Hic sunt leones
  10. 10. Results 0,00 5,00 10,00 15,00 20,00 25,00 %
  11. 11. Results • Contact of affected subjects – Help from CZ.NIC (and others) • Quite a lot of sensitive data found • Good research opportunity for junior analysts
  12. 12. Q&A
  13. 13. Thank you for your attention TLP: GREEN

×