Vulnerabilities in German Administrations - Rene Rehme
#neoscon #cybersecurity #germany In this talk, I show how the simplest methods were used to uncover vulnerabilities and data leaks in German municipalities/cities. Over a period of 3 months, I checked servers/applications and found quite a few things. Among them were massive data leaks of emails and attachments, personal documents (e.g. ID cards, applications, etc.), general correspondence with citizens, log files with sensitive data, access to various databases, access to intranet platforms, and many other vulnerabilities, some of which I can't even show (at the moment) because in many cases the Responsible Disclosure is still in progress or has not yet been processed.
April 27, 2023