SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
CloudLinux CageFS Token Disclosure (CVE-2020-36771) CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user. Full security advisory… Read More
Sebastian Raubitzek and Kevin Mallinger have been invited for a special research seminar in CGIAR (Consultative Group on International Agricultural Research) about the application of complexity science in Artificial Intelligence. The talk focused on the possibility to enhance AI capacities for sustainability and productivity… Read More
Christopher Kruegel, a longtime collaborator, will chair our Scientific Advisory Board. He has published more than 89 papers at the 4 major security conferences and founded Lastline (later acquired by VMware) by building on the results of… Read More
We are pleased to announce that Maria Christakis joined SBA’s new COMET proposal Next Generation Cybersecurity (SBA-K1 NGC) as member of the scientific and innovation board, Laura Kovacs and Matteo Maffei joined as key researchers. Maria Christakis’s ERC grant focuses on improving software testing,… Read More
Anastasia Pustozerova is researcher at SBA Research and gave an interesting talk on Differential Privacy for Machine Learning. Talk Abstract Machine Learning requires a lot of data to train effective models. Data owners might not be willing to share the data because of its private nature. Differential Privacy can… Read More
In the paper, we explore privacy attacks via linkage of samples of human microbiome, and extend on the current threat landscape by a more effective linkage attack. We further discuss mitigation actions. Our paper was published in “Computers & Security“, a Q1 ranked journal by… Read More
MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device. Full security advisory Credits… Read More
Be part of the Quantum Revolution! AIT Austrian Institute of Technology invites you to the first National Quantum Communication and Information (QCI) Day. Join them at the House of Industry (Industriellenvereinigung) in Vienna. From January 24-26, 2024, at the Federation of Austrian Industry, Vienna. Dive… Read More
On November 30, Tomasz Miksa presented a compelling talk with the title “More Automation, More Machine-Actionability: Less Bureaucracy,” at the Bio-IT World Europe Conference & Expo. Focusing on the escalating need for computing power in life sciences, Miksa highlighted the challenges of… Read More