Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

Anastasia Pustozerova @Vienna Deep Learning Meetup

January 17, 2024

Anastasia Pustozerova is researcher at SBA Research and gave an interesting talk on Differential Privacy for Machine Learning. Talk Abstract Machine Learning requires a lot of data to train effective models. Data owners might not be willing to share the data because of its private nature. Differential Privacy can… Read More

SBA Security Advisory – MOKOSmart MKGW1 Gateway – Improper Session Management (CVE-2023-51059)

December 21, 2023

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device. Read More

Bernhard Garn @COST Action NERO

October 20, 2023

On Oct 17, 2023, Bernhard Garn joined as MC member of Austria the meeting MC1 of the COST Action NERO (CA22164 – european Network on Extreme fiRe behaviOr). Copyright: MATRIS This meeting marks the start of this COST Action, which focuses… Read More

ARES 2023 Recap: Where Availability, Reliability, and Security Converged in Benevento, Italy

September 29, 2023

The 18th International Conference on Availability, Reliability, and Security (ARES 2023) took center stage in Benevento, Italy, from August 29 to September 1, 2023, offering a platform for experts and enthusiasts to explore the latest developments in the field. Co-located with ARES 2023 was the International IFIP Cross Domain Conference… Read More

SBA Research hosted Mutual Leaning Exercise EU Delegation on “Knowledge Valorisation”

June 21, 2023

We had the great pleasure of hosting the first policy dialogue and study visit within the Mutual Learning Exercise on Knowledge Valorisation from June 19-20, 2023 in Vienna. Over the course of two days, the participants engaged in extensive discussions on incentives and skills for research… Read More

SBA Research hosted Mutual Leaning Exercise EU Delegation on “Knowledge Valorisation”

SBA Security Advisory – Vtiger CRM – Stored Cross-Site Scripting (CVE-2022-38335)

September 28, 2022

Vtiger CRM 7.4.0 or below is prone to a stored cross-site scripting vulnerability in the email templates module due to insufficient sanitizing. Read More

sec4dev Conference & Bootcamp 2022 – It was a blast!

September 21, 2022

sec4dev 2022 is over and wow wow wow - we are more than happy after having 4 days of great bootcamps, interesting talks and more than 170 participants, making the sec4dev Conference & Bootcamp a fantastic event!! From September 6-9, 2022 the TU Wien was turned into THE place to be for developers and everybody interested in security. Read More

sec4dev Conference & Bootcamp 2022 – It was a blast!

ARES & CD-MAKE 2022 – Vienna calling!

August 29, 2022

The 17th International Conference on Availability, Reliability and Security (ARES 2022), was held from August 23 to August 26, 2022 in SBA Research’ home town, Vienna. Co-located with ARES for the sixth time was the International IFIP Cross Domain Conference for Machine Learning & Knowledge Extraction –… Read More

Safer Internet Day 2022 – Together for a better internet

February 7, 2022

Today is Safer Internet Day! To raise awareness on the significance of how to navigate the web safely two excellent projects tackle the problem of security training and awareness from a different angle. Cyber Security Quiz Breaking down essential security topics applying the concepts of microlearning, gamification ,and… Read More

SBA Security Advisory – Shibboleth Identity Provider OIDC OP Plugin – Server-Side Request Forgery (CVE-2022-24129)

February 1, 2022

Shibboleth Identity Provider OIDC OP plugin 3.0.3 or below is prone to a server-side request forgery (SSRF) vulnerability due to an insufficient restriction of the request_uri parameter. This allows unauthenticated attackers to interact with arbitrary third-party HTTP services. We recommend to update Shibboleth Identity Provider OIDC OP plugin to version 3.0.4 or later. For further details, see the full security advisory. Read More

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

News