Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Open Directories: Sensitive data (not) hiding in plain sight

7 views

Published on

Jan Kopriva in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.

The videos and other presentations can be found on https://def.camp/archive

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Open Directories: Sensitive data (not) hiding in plain sight

  1. 1. Open Directories Sensitive data (not) hiding in plain sight TLP: GREEN Jan Kopřiva ALEF CSIRT jan.kopriva@alef.com
  2. 2. Open Directories
  3. 3. • Timeframe: Q3 2018 • Thousands of open directories analysed (mostly manually) • Sensitive data found on 185 domains Analysis of .CZ a .SK
  4. 4. 22% Personal Data 15% Highly Sensitive Data Personal and Highly Sensitive Data
  5. 5. 18% SW/Warez 14% Audiovisual Content SW/Warez and Audiovisual Content
  6. 6. 23% Music 9% e-Books/Audiobooks Music and e-Books
  7. 7. Photography and Pornography 16% Photos 5% Pornography
  8. 8. Passwords and Databases 3% Passwords 1% Databases
  9. 9. Hic sunt leones
  10. 10. Results 0,00 5,00 10,00 15,00 20,00 25,00 %
  11. 11. Results • Contact of affected subjects – Help from CZ.NIC (and others) • Quite a lot of sensitive data found • Good research opportunity for junior analysts
  12. 12. Q&A
  13. 13. Thank you for your attention TLP: GREEN

×