SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Sebastian Schrittwieser and Peter Kieseberg gave invited talks at Troopers13. You can watch the recording of Peter’s talk on QR code security here. Read More
With respect to open science and reproducibility of scientific results, we are releasing our first public data set today. It is the XML output of fiwalk for 18 versions of Microsoft Windows, and was used to quantify file slack space capacity and stability with regards to system updates in digital forensics. You… Read More
In an advertisement of bmvit and FFG in the newspaper “Heute” Katharina’s internship is listed as a successful example for the promotion of women. Subsequent to the internship her employment continued on a permanent basis and she began working on her dissertation. Within the cooperation with the NII Katharina is… Read More
In der aktuellen Ausgabe der “Computerwelt” spricht Gernot Goluch über die Notwendigkeit nach mehr Sicherheit in der IT sowie den momentan herrschenden Expertenmangel in Österreich – der vollständige Artikel “Unterbesetzte IT-Sicherheits-Abteilungen” ist online hier verfügbar. Read More
Heute geht das IKT-Sicherheitsportal online: www.onlinesicherheit.gv.at. Das IKT-Sicherheitsportal ist eine interministerielle Initiative in Kooperation mit der österreichischen Wirtschaft und stellt ein auf elektronischem Wege abrufbares Internetportal für Themen rund um die Sicherheit der Informations- und Kommunikationstechnologie (IKT) dar. – mehr lesen
Edgar Weippl präsentiert im Rahmen der IRIS 2013 technische Aspekte zu Cloud-Security am UBIT-Abend zum Thema: Recht und Datensicherheit in cloudbasierten Systemen (Programm)
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞