SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Johanna Ullrich and Edgar Weippl contributed a chapter to the The Cloud Security Ecosystem edited by Ryan Ko and Raymond Choo. The book comprehensively discusses a range of cloud security topics from multi-disciplinary and international perspectives, aligning technical security implementations with the most recent developments in business, legal, and international… Read More
SBA Research organized an internal event in Wetzlas to discuss and work on the COMET proposal on Friday and Saturday morning. The rest of the time we also had some non-research fun. Read More
At the IMAGINE 2015 meeting Edgar Weippl gave an overview of international activities that SBA Research organizes in cooperation with IFIP WG 8.4. The next business meeting for the WG is planned for August in Toulouse, co-located with the ARES conference. Moreover, we presented the support that SBA research… Read More
SBA Research was part of the “OCG Jahrestagung 2015”. On Wednesday, June 10, Adrian Dabrowski and Aljosha Judmayer entertained the participants with our “Myth-Busters” session “Hollywood Hacking by SBA Research”. Afterwards we participated in the workshop “Privacy & Security” which was organized and led by Egdar Weippl. Read More
UberGrape is the first Start-Up company to become part of the SBA Research Accelerator Program. The cooperation was officially announced during the yearly “IMPACT” event on May 28th. Their primary product is ChatGrape, an innovative communication solution for companies that intends to displace e-mail for inter-company communication. The solution uses semantic… Read More
„Akzeptanz und Legitimität im Umfeld von Online-Partizipation” Heute fand die Veranstaltung “Diskurs Digital|Keine einsamen Entscheidungen mehr!”, unterstützt von SBA Research und organisiert von Liquid Participation, statt. Organisationen stehen immer wieder vor der Herausforderung: Wie entwickle ich programmatische Positionen? Was legitimiert und qualifiziert Personen zur Beteiligung? Diese und weitere Fragen sollen in… Read More
Just recently the third edition of “MySQL 5.7 – Das umfassende Handbuch” was published. The book is a comprehensive guide to MySQL 5.7, written by our employee Stefan Pröll in collaboration with Eva Zangerle and Wolfgang Gassler, both employed at University of Innsbruck. Admins and users from novice to… Read More
Martin Mulazzani held a talk today at the first is4is summit (http://summit.is4is.org/about), organized by Prof. Wolfgang Hofkirchner. The topic was “Ethics in IT Security Research”: Research in IT security often comes with decisions and possibilities that may or may not be considered ethical. However, it is often hard for… Read More
The Association for Computing Machinery (ACM) awarded Artemios G. Voyiatzis the Senior Member Grade. The Senior Member Grade recognizes those ACM members with at least 10 years of professional experience and five years of continuous professional membership who have demonstrated performance that sets them apart from their peers. Read More
Bei der IMPACT 2015 haben wir gemeinsam mit hochkarätigen Vortragenden aus den Bereichen Wissenschaft und Wirtschaft, u.a. Andreas Moser, Google Switzerland und Mario de Boer, Security Analyst Gartner, die Brücke von der Forschung zum Markt gebaut und aufgezeigt, wie wir bei SBA Research Wissen und Wissenschaft anwendbar machen. Beim anschließenden Jahresfest blieb ausreichend Zeit für… Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞