SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Edgar Weippl was on a panel discussion on new business models, technology and legal constraints. “Cloud solutions allow startups to scale their technical infrastructure quickly, but scaling is hard when it comes to different national legal systems” (OTS, Video statements, Photos). Photos: APA-Fotoservice/Preiss… Read More
The ERCIM News No. 102 has just been published at http://ercim-news.ercim.eu/en102 SBA Research contributed with two articles: CyPhySec: Defending Cyber-Physical Systems by Johanna Ullrich and Edgar Weippl CyberROAD: Developing a Roadmap for Research in Cybercrime and Cyberterrorism by Peter Kieseberg
Ulrich Bayer, Aljosha Judmayer and Edgar Weippl presented how cyber-fraud is conducted and use and misuse of BitCoin at the Vienna Cyber Diplomacy Day organized in Hofburg. Read More
“Die IT-Sicherheitsexperten von SBA Research gehen davon aus, dass derzeit noch rund ein Drittel aller Server auf dem veralteten System laufen – und sehen daher entsprechenden Handlungsbedarf. „E-Mail-Server, Web-Server oder gar Netzwerk-Server können nicht mehr sicher gegen Bedrohungen abgeschirmt werden, wenn es keinen aktuellen Support dafür gibt. Das stellt eine… Read More
Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos of the Combinatorial Security Testing Team of SBA Research found several critical security vulnerabilities in the Koha Library Software. The vulnerabilities involve a variety of serious issues like unauthenticated SQL Injection, Local File Inclusions, XSS and XRFS which allow remote attackers to completely… Read More
Katharina Krombholz and Matthias Gusenbauer served as IT experts on “Supernowak”, produced by Puls4 and broadcasted on June 11, 2015. Together with Rainhard Nowak they showed how many data one is unknowingly releasing while shopping, running or googling. Read More
At the Event ‘The Future of Cloud’ organized by AIT and Eurocloud Edgar Weippl gave a presentation on cloud security and was on the panel on discussing research challenges in cloud computing.
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞