SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
The Vienna ACM SIGSAC Chapter has been chartered by ACM’s Chief Operating Officer on February 13, 2012. SBA Research is strongly involved in this chapter. … Read More
” (Without meaning to advocate over-reliance on it, penetration tests usually require a certain suite of tools. While standard utilities such as nmap, dirbuster and sqlmap tend to meet the needs of testers in most situations, some tricky assessments call for custom development or at least a skilled combination of… Read More
Ingrid Schaumüller-Bichl and Edgar Weippl cordially invite to the 1st Young Researcher’s Day which will take place during the OCG working group „IT security“ on 01/03/2012. The basic idea behind this event is the desire that every Austrian institution that offers a security course or teaching focus, provides their best… Read More
Journal of Wireless Mobile Networks, Ubiquitous computing, and Dependable Applications. ARES 2011 Special Issue Volume 2, Number 4 (December, 2011), Advances in Applied Security. http://jowua.yolasite.com/vol2no4.php… Read More
Smartphone-Applikationen zum Versenden von kostenlosen Kurznachrichten erfreuen sich auch in Österreich zunehmender Beliebtheit, allen voran WhatsApp, das auf bereits mehr als 180 000 Smartphones in Österreich installiert ist. Die einfache Konfiguration – das Anlegen eines Benutzerkontos ist nicht erforderlich – trägt einerseits zu dieser rasanten Verbreitung bei, andererseits sorgt dieses… Read More
We will present a paper on smartphone message application security at NDSS 2012. You can find a preprint of the paper here: Guess Who’s Texting You? Evaluating the Security of Smartphone Messaging Applications. From the abstract: In recent months a new generation of mobile messaging and VoIP applications… Read More
Semantic Search: New Developments John Tait, Jan 31, 14:30 SBA Research The term Semantic Search is becoming fashionable, but there are a number of problems with the term. 1) There are at least two forms of semantic search. One is based more-or-less hand programmed knowledge sources, like domain ontologies or… Read More
“In a paper they presented at the Usenix Security Symposium in August, Martin Mulazzani and his colleagues at SBA Research [PDF], in Vienna, described several ways in which deduplication could be used to access files uploaded to Dropbox. ” (quoted verbatim from Christian Cachin et al., A Cloud you… Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞