MIS Redaktion

Neuer Artikel: Efail and other Failures with Encryption and E-Mail: Outdated Crypto Standards and HTML Mails as a Security Risk

Efail and other Failures with Encryption and E-Mail: Outdated Crypto Standards and HTML Mails as a Security Risk by: Hanno Böck The Efail bug against encrypted e-mails showed a variety of problems with the interaction of outdated cryptography and HTML e-mails. This talk will give an overview of the flaws that led to Efail and some other fun attacks that followed it.

Weiterlesen

Neuer Artikel: New Attack Vectors for Mobile Core Networks

New Attack Vectors for Mobile Core Networks by: Silke Holtmanns Mobile network operators connect towards each other through the private interconnection network (IPX). This closed private network enables international calls, data, messages and many other services across network and country borders. It connects billions of users and Internet of Things devices.

Weiterlesen

Neuer Artikel: Without a Trace: Cybercrime, who are the Defendants?

Without a Trace: Cybercrime, who are the Defendants? by: Edith Huber and Bettina Pospisil and Walter Seböck Since 2006, cases of computer crime in Austria have been recorded in official crime statistics under the collective term »Cybercrime«. While the authors also analysed the solved cybercrime cases of the last ten years (2006 - 2016) this article focuses on the unsolved cases which occurred during this period.

Weiterlesen

Neuer Artikel: XFLTReaT: Unified Tunneling

XFLTReaT: Unified Tunneling by: Balazs Bucsay This paper aims to recognize the similarities between existing tunneling solutions and gives advice on possible framework implementation. The reference implementation can be found on Github under the name of XFLTReaT. With this framework it is possible to use only one tunneling program to use different transport protocols to tunnel data.

Weiterlesen

Neuer Artikel: Web Application Firewall Bypassing: An Approach for Penetration Testers

Web Application Firewall Bypassing: An Approach for Penetration Testers by: Khalil Bijjou Security experts perform security assessments of web applications in order to identify vulnerabilities that could be exploited by malicious users. Web Application Firewalls add a second layer of protection to web applications in order to mitigate these vulnerabilities. The attempt to bypass Web Application Firewalls is an important aspect of a security assessment and is necessary to ensure accurate results.

Weiterlesen