SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Rails 3.0.5 doesn’t validate the input for the X-Forwarded-For field in the header sent by clients with a class C remote-addr. (see: TRUSTED_PROXIES). (Security Focus, more details…)
We are happy to have Gilbert Wondracek as a senior researcher on our team. His last two IEEE S&P papers: Gilbert Wondracek, Thorsten Holz, Engin Kirda, and Christopher Kruegel. 2010. A Practical Attack to De-anonymize Social Network Users. In Proceedings of the 2010 IEEE Symposium on Security and Privacy… Read More
Interdependencies among Critical Infrastructures, both inside the ICT domain and between ICT and other sectors (e.g. Oil&Gas and Transport), are complex to be understood. Critical Infrastructures risks always change due to new threats, interdependencies and possible scenarios. Read More
Markus Huber received a grant from the Vienna University of Technology to attend the Einsteins in the City 2011 conference in New York. He will present our latest research results on social network forensic.
“Gilbert Wondracek at the Vienna University of Technology in Austria and his colleagues built a history-stealing website aimed at groups on Xing, a business-orientated social network. Mr Wondracek’s analysis of over 6,500 Xing groups, containing a total of more than 1.8m users, suggested that his rogue site would be able… Read More
Edgar Weippl gives an invited talk at NII. Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and restore deleted data. While this fact is well known for computer forensic and… Read More
Our manuscript “Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam” has been accepted for the upcoming special issue on Security and Privacy in Social Networks in the IEEE Journal of Internet Computing in May/Jun 2011. Preprint is available here. In this article we have introduced… Read More
SBA Research was delighted to welcome FFG Managing Director Karin Tausz and Head of Division Structural Programmes Silvia Laimgruber to the SBA-K1 NGC COMET Center in Vienna. ... ∞
Our colleague Nicholas Stifter, researcher and security analyst at SBA Research, presented his conference paper titled Reuse of Public Keys Across UTXO and Account-Based Cryptocurrencies at the Financial Cryptography and Data Security 2026 in St. Kitts, USA. ... ∞
Tanja Sarcevic, Daryna Olyinyk, and Yelyzaveta Klysa, all MLDM research group members, and Sabina Khazari participated in the European Cybersecurity & AI Hackathon Championship organized by CISPA, one of Europe’s leading research centers in cybersecurity and artificial intelligence. Congratulations to them, they won 2nd place and qualified themselves to the grand finale that will be held in St. Ingbert, Germany, in June 2026. ... ∞