SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Manuel Leitner is holding a lesson about UCC Privacy & Security in cooperation with CON.ECT. The talk is centered on multidimensional communication including audio, video, text and files. Threats endangering the privacy of the transmitted data are shown and defense strategies are presented in this talk.
Internetsicherheit, Hacker und Datenschutz Der weltweite freie Datenverkehr hat auch seine Schattenseiten: Unbekümmerte Internetuser gehen viel zu unvorsichtig mit ihren Daten um, wichtige Webseiten weisen oft ernste Schwachstellen auf, Hacker finden immer wieder neue Methoden, in Computersysteme einzudringen. Edgar Weippl (Institut für Softwaretechnik und Interaktive Systeme, TU… Read More
A Bird’s-Eye View of Optimal Codes and Symmetric Cryptography from Combinatorial Designs Dimitris E. Simos, Department of Mathematics, National Technical University of Athens, Abstract: In the past few decades, combinatorial design theory has grown to encompass a wider variety of investigations, many… Read More
Ulrich Bayer did hold a lesson on secure development of web applications at the “IKT-Zentren Akademie” of 2011. The talk included a theoretical and practical introduction to secure web application development and the most common attack vectors. (mehr…)
Cloud Speicherdienste als Angriffsvektoren. based on our Usenix Security 2011 Paper (Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space), we will present some recent updates at the Sicherheitskonferenz Krems
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞