SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Heute findet der Security Day – Young Researchers’ Day trifft Kryptostammtisch statt, der im Rahmen des ACM SIGSAC Chapters Vienna und des OCG-Arbeitskreises IT-Sicherheit organisiert wird. Der Security Day findet gemeinsam mit dem Kryptostammtisch des IAIK TU Graz statt und bietet Vorträge von Young und Senior Researchers im Bereich IT… Read More
SBA Research participates with three topics at the European Researchers’ Night: Security on the Internet: Facebook, WhatsApp, Instagramm & Co. Hollywood Hacking: A Reality Check Digital Forensics – CSI in IT… Read More
What is Shellshock? On 24/09/2014, a security vulnerability was published as CVE-2014-6271 (also Shellshock or Bashbleed). The vulnerability is in the command line software bash which is used in practically all Linux systems as the default shell. Due to an error when parsing environment variables, it is possible to execute… Read More
Adrians ACSAC prepublication is picked up by the Washington Post: “There are rare occurrences when all these indicators are present without an IMSI catcher,” Dabrowski said. “But it’s a situation where you might say, ‘Let’s now be careful and not talk about sensitive things on the phone.’ It’s not… Read More
ARES 2014 was held from 8 – 12 September 2014 in Fribourg, Switzerland. Thanks to 133 participants from 30 countries for participating! ARES 2014 Opening Welcome Reception Keynote Bart Preneel Tiny Train through Fribourg ARES 2014 participants… Read More
Die Bedeutung von E-Government als Schnittstelle zwischen öffentlichen Einrichtungen und BürgerInnen im erweiterten Sinn ist bereits heute eine wichtige. Ziel der vorliegenden Studie ist, Sicherheit von E-Government-Anwendungen, Projekten und Einrichtungen durch die Definition eines entsprechenden Standards sowie eines potentiellen Zertifizierungsprozesses in den Mittelpunkt zu rücken und überprüfbar zu machen. Partner:… Read More
Today starts the 9th International Conference on Availability, Reliability and Security (ARES 2014). ARES 2014 is organized by SBA Research in cooperation with the University of Fribourg and takes place from 8 – 12 September 2014 in Fribourg, Switzerland. Website… Read More
The Andrubis app is now available in Google Play Store. The work has been partly funded by uSmile and COMET. The work is part of Martina’s PhD research.
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞