SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
CERT.at released the report about internet security in Austria in 2015. Andreas Tomek contributed to the report with the article “Spoofed Invoice Fraud – Cyber Vorfälle treffen Österreichs Industrie”. The article can be found here. The complete CERT.at annual report 2015 can be found here. See also the news article… Read More
The kick off meeting of the SPLIT (Security Protocol Interaction Testing in Practice) project took place on February 10th, 2016 at SBA Research. SPLIT is funded under the Bridge Early Phase programme of the Austrian Research Promotion Agency (FFG). The project aims to provide quality assurance of security protocols… Read More
This week, Aaron and Wilfried presented the latest results of our ongoing scanning activities at the monthly cert.at Stammtisch. Have a look at the slides on slideshare.
The ITEA2-project DIAMONDS (“Development and Industrial Application of Multi-Domain Security Testing Technologies”) has been selected as winner of the prestigious EUREKA Innovation Award 2015/2016 in the category ‘Added Value’. SBA Research participated in this ITEA2-action via the Bridge –project MoBseTIP (“Model-Based Security Testing In Practice”), in which Dimitris Simos served… Read More
Today the 13th international Safer Internet Day took place. The focus of this day lies on “a better Internet for children and teenagers”. Security Experts from SBA Research together with the Austrian Computer Society (OCG) arranged one day for students from elementary school to high school and… Read More
The Austrian newspaper “Der Standard” released an interesting article about the monetary system Bitcoin and how it is often used in connection with crimes such as ransomware and money laundering. The German-Austrian project BITCRIME, with SBA Research as project partner, explores strategies against this kind of abuse. The project focuses on researching… Read More
Engin Kirda, Professor of Computer Science and Engineering at Northeastern University in Boston, and the director of the Northeastern Information Assurance Institute, gives a talk about “Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces”. Abstract Tuesday, 02.025.2016, 11.00-12.00 This event… Read More
Sebastian Schrittwieser, Stefan Katzenbeisser, Johannes Kinder, Georg Merzdovnik and Edgar Weippl. Protecting software through obfuscation: Can it keep pace with progress in code analysis? ACM Computing Surveys (CSUR), accepted for publication, 2016.
Rudolf Mayer and Andreas Rauber are currently participating in the prestigious Dagstuhl Seminar series, together with around 35 research fellows from Europe, Australia, Japan, Brazil and the USA. The seminar deals with the challenges in making experimental research in e-Science reproducible. Many issues concern the lack of proper documentation of… Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞