Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

Upcoming Events:

SHECURITY – Hackerinnen Training

15.01.2026

OWASP Chapter Vienna Meetup x SBA Security Meetup

28.01.2026

Kubernetes Attack and Defense Wizardry with Stormcenter

03.03.2026 - 06.03.2026

Impressions of the 4th Blockchain Networking Meeting

October 16, 2018

Stephanie Jakoubi represented SBA at the 4th blockchain networking meeting hosted by Digital City Wien and Accenture. Read More

SBA Security Advisory – Teltonika RUT9XX – Unauthenticated OS Command Injection (CVE-2018-17533)

October 12, 2018

Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross-site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization. We recommend to update Teltonika RUT9XX routers to version RUT9XX_R_00.04.233 or later. For further details, see the full security advisory. Read More

SBA Security Advisory – Teltonika RUT9XX – Missing Access Control to UART Root Terminal (CVE-2018-17534)

October 12, 2018

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges. We recommend to update Teltonika RUT9XX routers to version RUT9XX_R_00.04.233 or later. For further details, see the full security advisory. Read More

SBA Security Advisory – Teltonika RUT9XX – Reflected Cross-Site Scripting (XSS) (CVE-2018-17532)

October 12, 2018

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges. We recommend to update Teltonika RUT9XX routers to version RUT9XX_R_00.05.01.1 or later. For further details, see the full security advisory. Read More

(ISC)2 / ISACA Conference 2018 at TU Wien

October 11, 2018

Security & Safety: 2 schools of thought – 1 goal? The (ISC)2 / ISACA Conference hosted in TU Wien´s dome hall on October 11, 2018 counted a total of 170 participants and 9 talks contributing experience and knowledge from different fields. The agenda addressed… Read More

Edgar Weippl holds Keynote at SST

October 11, 2018

Edgar Weippl gave a keynote on Research Methods and Examples of Research in Distributed Systems Security at the SST 2018 in Osijek, Croatia. Abstract: Over the past few years an increasing number of descriptive works have helped explain complex phenomena in the area of distributed systems… Read More

Aljosha Judmayer gives talk on “No IT-Security -> no Blockchain”

October 10, 2018

Aljosha Judmayer talked about the latest Security fails and the role of IT-Security in Blockchain at the Blockchain in corporate practice event hosted by the Austrian Innovation Forum. Read More

Martina Lindorfer is awarded the 2018 Cor Baayen Award.

October 10, 2018

Martina Lindorfer was selected as the winner of the 2018 Cor Baayen Young Researcher Award. The award committee recognises Martina's impressive achievements and outstanding quality of her research in the field of systems security, especially the analysis of malicious software and mobile operating system vulnerabilities. The ceremony takes place on Oct 10 in Goteburg. Edgar Weippl was her supervisor and we are happy that after some time as a PostDoc at UC Santa Barbara she returns to Vienna on a tenure track position. Read More

Alexei Zamyatin at Scaling Bitcoins 2018

October 8, 2018

Alexei Zamyatin and Dominik Harz (Imperail College London) gave an invited talk entitled „Interoperability with Cryptocurrency-backed Tokens“ at Scaling Bitcoins 2018 in Tokyo. Slides Paper

There is no such thing as 100% security

October 8, 2018

Markus Klemen participated in the third round table (hosted by Brutkasten and A1) discussing the role of cyber security within startups. Details… Read More

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Impressions of the 4th Blockchain Networking Meeting

SBA Security Advisory – Teltonika RUT9XX – Unauthenticated OS Command Injection (CVE-2018-17533)

SBA Security Advisory – Teltonika RUT9XX – Missing Access Control to UART Root Terminal (CVE-2018-17534)

SBA Security Advisory – Teltonika RUT9XX – Reflected Cross-Site Scripting (XSS) (CVE-2018-17532)

(ISC)2 / ISACA Conference 2018 at TU Wien

Edgar Weippl holds Keynote at SST

Aljosha Judmayer gives talk on “No IT-Security -> no Blockchain”

Martina Lindorfer is awarded the 2018 Cor Baayen Award.

Alexei Zamyatin at Scaling Bitcoins 2018

There is no such thing as 100% security

Upcoming events @ SBA

SBA Research at a glance

Highlights of the past years:

Privacy settings

SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Highlights of the past years:

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.