SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Eine kürzlich bekanntgewordene schwere Windows Lücke betrifft vor allem Windows Webserver. Derzeit (16.04.2015) sind nur Denial-of-Service Angriffe möglich. Es ist relativ wahrscheinlich, dass in naher Zukunft Angriffe mit höherem Risiko entwickelt werden. SBA Research hat alle derzeit verfügbaren Informationen in einem White-Paper zusammengefasst: SBA Whitepaper: Microsoft HTTP.sys Schwachstelle Für… Read More
Das Security Afterworks am 14. April 2015 beschäftigte sich mit dem Thema “Cybercrime – Lessons From The Field & Best Of Troopers15”. Andreas Tomek sprach über Cybercrime-Vorfälle des letzten Jahres und bereitet diese hinsichtlich Identifikation, Incident Response und Prävention auf. Danach fassten Andrian Dabrowski und Peter Kieseberg die Hot Topics der… Read More
Edgar Weippl was invited as expert to the focus group of the European project COURAGE (Cybercrime and Cyberterrorism European Research Agenda) at West Yorkshire Police’s District HQ in Leeds.
The paper “Constructing Orthogonal Designs in Powers of Two: Groebner Bases Meet Equational Unification” by Dimitris E. Simos (SBA Research, Austria), Ilias Kotsireas (Wilfrid Laurier University, Canada), Temur Kutsia (RISC – Johannes Kepler University, Austria) has been accepted for publication in 26th International Conference on Rewriting Techniques and Applications (RTA… Read More
Dimitris Simos gives a talk on April, 13th in the Fourth International Workshop on Combinatorial Testing (IWCT 2015) about an Evaluation of the IPO-Family Algorithms for Test Case Generation in Web Security Testing. The workshop takes place in Graz, Austria and is collocated with ICST2015 (8th… Read More
Katharina Krombholz gives a talk about “Usable Security and Privacy in Mobile and Wearable Computing” at the Vienna University of Technology. Monday, April 13th, 13.00 TU Vienna, Bibliothek 187/2 Details
Students of SBA Research participated as members of the team We0wnY0u of the Vienna University of Technology in the international capture-the-flag contest iCTF. In an 8 hours timeframe, 42 (in words: forty two) services were to exploit from previous iCTF competitions. Overall… Read More
The first joint NIST/ SBA Research Workshop on Combinatorial Security Testing took place today in Vienna where Dr. Raghu Kacker and Prof. Jeff Lei were invited as speakers. The scope of the workshop was to facilitate the cooperation between the Combinatorial Security Testing team of SBA Research and the ACTS project… Read More
Prof. Jeff Lei, Department of Computer Science and Engineering at the University of Texas at Arlington, USA gives a talk about “A Combinatorial Approach to Conformance Testing of Personal Healthcare Devices”. His research interests are in the area of automated software analysis, testing and verification, with a current focus on combinatorial testing. He is… Read More
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞