Dimitris Simos joined the NIST Cryptographic Module Validation Programme and will contribute to the software module testing group. The main goals of the programme are to research and identify best practices for crypto module testing as well as write specifications for automated testing.
Alexander Mitter, nimbusec, and Andreas Tomek, SBA Research, are talking in futurezone.at about the rising number of attacks on company websites, the ideal conditions for current start-ups, and the lacking readiness to assume risks. Nimbusec is last year’s winner of the start-up competition Start Secure which will be held this year under the name Security Rockstars, organized by SBA Research, BM.I and KSÖ.
Read the whole interview here: futurezone.at
Today Peter Kieseberg from SBA Research gives the keynote at the Digital Networked Data Workshop “Big-Data und Security” at the Imagine16. Furthermore, he will present current research results on data leak protection.
Security Rockstars 2016 is the European sequel to the Austrian start-up competition Start Secure 2015.
The competition’s goal is to find and support innovative ideas and solutions in the area of Information Security. Submission deadline for proposals is 15 July 2016. Apply now here: http://www.securityrockstars.com/
The final pitch takes place in the context of the CCS conference on 24 October 2016 in Vienna.
Adrian Dabrowski gives a talk about “Browser History Stealing with Captive Wi-Fi Portals” at the Mobile Security Technologies (MoST) 2016, held as part of the IEEE Computer Society Security and Privacy Workshops, in conjunction with the IEEE Symposium on Security and Privacy in San José.
Abstract: In this paper we show that HSTS headers and long term cookies (such as those used for user tracking) are so prevailing that they allow a malicious Wi-Fi operator to gain significant knowledge about the past browsing history of users. We demonstrate how to combine both into a history stealing attack by including specially crafted references into a captive portal or by injecting them into legitimate HTTP traffic.
More information can be found here.
For more information on relevant project aspects please contact Dimitris Simos.
Damjan Buhov presents today our paper “Pin It! Improving Android Network Security At Runtime” (by Damjan Buhov, Markus Huber, Georg Merzdovnik, and Edgar Weippl) at the IFIP Networking 2016 Conference. IFIP Networking is a CORE A-ranked conference.