A big thanks to Axel Thoß from PWC for presenting the topic: Cyberangriffe – Haftung von Unternehmen und deren Repräsentanten. We will announce our next Meetup in the days to come!
Stefan Jakoubi speaks about detection, response and recovery, common sense, regulations and standards at “Situational Awareness in IT – Compulsory or Secondary?” on June 26, 2019.
Jovan Zivanovic from SBA’s MaTRIS research group (https://matris.sba-research.org/) attended the 14th International Workshop on Automation of Software Test (http://ast2019.isti.cnr.it), in conjunction with ICSE 2019.
Jovan Zivanovic presents the paper ‘Automated Combinatorial Testing for Detecting SQL Vulnerabilities in Web Applications (Dimitris E. Simos (SBA Research), Jovan Zivanovic (SBA Research) and Manuel Leithner (SBA Research))’
Contributions from this paper include three new attack grammars used for exploiting SQL Injections, a fully automated web application vulnerability scanner (for SQL Injections). This research lead to reproduction of known vulnerabilities in real world web applications.
SBA hosted the Kaspersky Cyber Day at TU Wien on May 28. After a revealing lecture on some of the history´s most famous hacks participants challenged each other in the battle for the KIPS champion title. In addition to the cyber day Kaspersky conducted a deeply technical workshop on machine learning at SBA. The group of 20 participants was composed of SBA staff as well as various partners.
Kaspersky Interactive Protection Simulation (KIPS) is an exercise that places business decision makers IT security teams from corporations and government departments into a simulated business environment facing a series of unexpected cyber threats, while trying to maximize profit and maintain confidence
The Austrian Computer Science Day (ACSD)  is an annual assembly that brings together computer scientists across Austria from different universities and research centers to improve visibility of the field and foster collaboration in research and teaching. For the first time, a selected group of “Young Experts” was invited to hold short talks about their research and present posters about their dissertation. With financial support of SBA Research and the Information & Software Engineering Group (IFS) of TU Wien, Adrian Dabrowski presented his work from SBA on security an privacy in large-scale infrastructure. He has recently started as a Post-Doc at University of California, Irvine.
Philipp Reisinger will give a talk on pitfalls in cyber-risk management at “Digitization and AI”, hosted by CONECT and SBA on June 4, 2019.
Risk management plays a key role in both law and security standards. It aims to identify and assess risks and provides a baseline for decisions and actions in the field of information security.
Episode 712 @ 41:53 (https://www.youtube.com/watch?v=lB_FoFZot50&t=2513) of “Security Now” podcast by Steve Gibson and Leo Laporte featured the recent joint research achievements of NIST and SBA Research on Combinatorial Testing (CT), which have been officially been announced at https://www.sba-research.org/2019/05/02/combinatorial-testing-methods-can-increase-confidence-in-high-risk-software/
Steve highlights the recently achieved results not only as a result of NIST long-term investment into CT, but also specifically points to SBA Research having been the major contributor by having developed the algorithmic primitives upon which these results were achieved.
Steve continues to comment on combinatorial testing and its connection to fuzzing and also acknowledges our software testing research efforts; and while we don’t agree a 100% on the technical details of his presentation, we are very happy and honored to be featured in his podcast.
Something draws near, I can feel it: An analysis of human and bot emotion-exchange motifs on Twitter
Researchers analyzed data of over 1.3 million anonymized twitter users.