SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Aaron Zauner will present our findings on the usage of TLS in the email ecosystem and counter-measures for secure mail transport at Real World Crypto 2016 in January. You can find the detailed results here, while the program of RWC’16 is already available online.
Yet another paper was accepted at the International Conference of Financial Cryptography and Data Security (FC’16): “CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes” by Patrick Carter, Collin Mulliner, Martina Lindorfer, William Robertson, and Engin Kirda. CuriousDroid was developed in collaboration with Northeastern University in Boston and provides… Read More
Katharina Krombholz, Aljosha Judmayer, Matthias Gusenbauer and Edgar Weippl got their paper “The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy” accepted at the International Conference of Financial Cryptography and Data Security (FC’16) which will be held in February 2016 in Christ… Read More
Last Friday, students and faculty of SBA Research and the Vienna University of Technology participated as members of the team We_0wn_Y0u in the 2015 edition of the international capture-the-flag contest iCTF. Within 8 hours we managed to exploit 15 services, and finished 8th place with a very thrilling last-minute… Read More
Today Peter Kieseberg is presenting recent research on the topic of “Fingerprinting for data leak detection“ at the Workshop on “Machine learning for health informatics” at the TU-Wien, EI 8, organized by the Holzinger Group. Further information can be found here.
Johanna Ullrich als Softwareexpertin in einer Folge von Newton über “Die Tricks der Motorenbauer”. Im Mittelpunkt der Sendung steht die Affäre um manipulierte VW-Motoren. Johanna erklärt unter anderem wie man sich Softwaremanipulation bei Autos vorstellen kann. Watch: (ab 10:58) Newton vom 21.11.2015… Read More
Today BsidesVienna took place, a great community-driven event on computer security. The badge this year was a USB condom, to enforce secure charging of USB devices on-the-go. We were proud to support them by giving numerous presentations and as a sponsor. Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞