SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
At this event, organized by the OCG Forum Privacy and the OCG-working group IT-security, the project consortium presents three significant results of the KIRAS project CERT-Komm II. This project, for the federal chancellery of Austria, consists of SBA Research as the consortium leader and the following project partners: University of Vienna,… Read More
At the Software Quality Days 2018, Edgar Weippl gives a talk on Security Challenges in Cyber-Physical Production Systems with a focus on securing the lifecycle of production systems engineering. published by Springer. Read More
IoT4CPS will develop guidelines, methods and tools to enable safe and secure IoT-based applications for automated driving and for smart production. The project will address safety and security aspects in a holistic approach both along the specific value chains and the product life cycles. Click here… Read More
Heise picked up on our recent ACSAC Paper. DerStandard.at also reads Heise. Gamestar.de and Ad-hoc-news.de also published articles. Summary on futurezone.at. The paper “Grid Shock: Coordinated Load-Change Attacks on Power Grids” by Adrian Dabrowski, Johanna Ullrich, and Edgar Weippl was recently presented at the 2017 Annual Computer… Read More
Our new book on empirical research for software security is available. Empirical Research for Software Security: Foundations and Experience, Lotfi ben Othmane, Martin Gilje Jaatun, Edgar Weippl (eds), CRC Press, ISBN 9781498776417. Read More
We are happy to announce that SBA Research is hosting the security track „Private and Secure Development“ of WeAreDevelopers World Congress 2018, the biggest development conference in Europe (Twitter). We are supporting WeAreDevelopers with our information security and secure development experience. Read More
HTTPS is the most commonly used cryptographic protocol on the Internet. It protects communication content and provides endpoint authenticity at scale. However, deploying HTTPS in a truly secure fashion can be a challenging task even for experienced admins. To explore why this is the case and how these challenges can… Read More
Sebastian Schrittwieser (SBA Research) works on faster identification of cyber attacks by making the hacking process more obvious. Schrittwieser and his team are designing highly complex program codes in order to prevent damage. Full article
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞