SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Heute (1. Februar) um 19 Uhr bietet Manuel Leithner im Rahmen des Web Salon 2012, veranstaltet von saferinternet.at, in Form eines Webinars praktische Tips und Informationen zum Thema Sicherheit auch für Computerunvertraute an. Die Teilnahme ist frei, Anmeldung jedoch erforderlich.
At BSidesVienna 2012, Manuel Leithner gave a talk on public transport titled “Hackers on a train – Toying with transportation”, detailing equipment and possible flaws in the on-board network infrastructure and ticketing system of WESTbahn.
The team of the Technical University of Vienna “We_0wn_Y0u” could achieve victory at the iCTF 2011 under the direction of Adrian Dabrowski. In a very exciting, nine-hour competition against 85 international competing teams, also Martin Mulazzani, Peter Frühwirt and Manuel Leithner… Read More
Severin Winkler is holding several lessons on secure development of web-applications in cooperation with CON•ECT. The core components of these talks are the top ten security leaks of web applications in 2010 identified by OWASP. The lessons include advanced security topics necessary for the development of modern web-applications and offer a focus on… Read More
In August we will present our work on cloud storage security at the 20th USENIX Security Symposium in San Francisco. The paper, in essence, outlines new attacks on cloud storage services that use server-side data deduplication. It includes a security analysis of Dropbox, a popular cloud storage service. By… Read More
While performing traffic analysis on the current development version of Orbot, the official Android for Tor app, Manuel Leithner (Junior Researcher, SBA Research gGmbH) discovered that certain types of traffic (including VPN, GPS and videos) were not tunnelled through Tor. He subsequently developed a patch that enables full and… Read More
Our manuscript “Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam” has been accepted for the upcoming special issue on Security and Privacy in Social Networks in the IEEE Journal of Internet Computing in May/Jun 2011. Preprint is available here. In this article we have introduced… Read More
We kindly ask you to participate in our information security knowledge management survey. The survey is conducted by publicly-funded research institutions SBA Research (AT), Newcastle University (UK), and Vienna University of Technology (AT). We conduct the survey to explore potential ways of enabling companies and professionals to share information security… Read More
The SBA FIT-IT proposal “INFORM” (Internet Forensic Framework) has been awarded the 2nd place in the competition for the best proposal among all proposals for “Trust in IT-Systems” in 2009. The goal of “INFORM” is to study current challenges in computer forensics and to produce tools that enricht the toolset… Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞