Are you a student and want to attend Graz Security Week for free?

Apply for a student stipend until June 28th, 2026! 🤩
https://securityweek.at/

Our annual summer school on cybersecurity will open its doors again in September!
You can look forward to five days of interesting talks, practical lab sessions, and a big social event. 😎☀️

RE: https://mastodon.social/@arstechnica/116648534587357638

Check out this article about ❄️ "FROST: Fingerprinting Remotely using OPFS-based SSD Timing", a paper by our PhD student @hannesweissteiner.com

❄️The paper: https://hannesweissteiner.com/pdfs/frost.pdf

What a fascinating guest lecture and tech demo by our friends at NXP! 🤩

Their highly skilled team of security experts guided our students through a deep dive into the world of Cybersecurity, side-channel and fault attacks, and Post Quantum Cryptography (PQC), highlighting how attackers exploit unintended information leaks to access sensitive data, reinforcing that security is about both algorithms and their implementation.

This guest lecture was organized as part of our Side-Channel Security master’s course.

NXPs work on PQC is partially funded by the RIGOLETTO Chips-JU project (101194371): https://cordis.europa.eu/project/id/101194371

Mobile Network Security: Is standardization fast enough to cope with modern attack vectors? 🤨

Join us for a guest lecture in Mobile Security by Georg Löffelmann, Head of Department Mobile at A1 Telekom!

Mobile networks have security built in starting with 2G. This guest lecture gives an introduction to mobile networks and which security measures are in place. It’s your opportunity to ask anything you’ve ever wanted to know about (the security of) mobile networks!

📅 May 29th, 2026 | 10:00
📍 HS i12 "Dynatrace Hörsaal", Inffeldgasse 16b, Basement

_________________

Speaker bio:

Georg Löffelmann has 25+ years of experience in the telecoms industry, of which 15+ years are in leading large teams with both strategic and operational focus.
As a member of A1 Group, he successfully delivered on large international projects and trusts in a large network of both national and international colleagues and industry partners. He has a deep technical know-how regarding mobile network technologies 2G-6G as well as NFV, SDN,(XG)PON, HFC, DSL, SDH, WDM, IP and MPLS.

photo by Sabine Hauswirth

🎉 Congratulations to Fabian Rauscher! 🎉

He successfully defended his #PhD thesis “Advancing CPU Security through Attack Discovery and Systematization” last week. 🎉

We wish him the best in his future endeavors!

So you encrypted your memory? 🤔

Join us for Jo Van Bulck's talk and meet #BadRAM and #BatteringRAM: a new class of memory aliasing attacks that defeat Intel SGX and AMD SEV-SNP confidential computing through low-cost interposition.

📅 May 7th, 2026 | 14:00
📍 CCG Seminar room, CCGEG002

More information 👇
https://www.isec.tugraz.at/event/past-the-perimeter-low-cost-memory-interposer-attacks-on-confidential-computing/

Check out the attacks:
🦹‍♂️ https://badram.eu/
🐏 https://batteringram.eu/

_________________
Abstract:
As cloud computing adoption grows, so do concerns about trust and data privacy. Confidential computing, powered by innovative hardware technologies like Intel SGX and AMD SEV, promises strong isolation and transparent memory encryption to protect against privileged attackers and physical threats such as bus snooping and cold boot attacks.
This talk overviews our recent work on BadRAM and BatteringRAM, showing that state-of-the-art memory encryption can be reliably bypassed with limited physical access and ~$50 of custom hardware. By introducing a novel form of runtime memory aliasing, we defeat even the firmware defenses deployed in response to our earlier findings; ultimately exposing fundamental limitations in today's scalable confidential computing designs.

Speaker bio:
Jo Van Bulck is a professor in the DistriNet lab at the Department of Computer Science of KU Leuven, Belgium. His research explores attacks and defenses at the hardware-software boundary, with particular attention to privileged side channels in trusted execution environments. Jo's research has uncovered several innovative attack vectors in commodity Intel x86 processors that have led to microcode and silicon mitigations in hardware, as well as software patches in major operating systems and compilers.

Join us for Laura Nenzi’s talk “Formal Verification of Neural Networks: Guarantees Beyond Testing”! 🤩

📅 April 30th, 2026 | 12:00

📍 CCG Seminar room, CCGEG002

More information 👇
https://www.isec.tugraz.at/event/formal-verification-of-neural-networks-guarantees-beyond-testing/
_________________

Abstract:
Neural networks are increasingly deployed in safety-critical domains, where failures can have severe consequences. However, standard evaluation based on testing and validation datasets cannot provide formal guarantees about model behavior under all possible inputs. This talk introduces neural network verification, focusing on methods that provide provable guarantees of safety and robustness. We present the problem as checking whether a model satisfies a given property over a set of inputs, such as robustness to bounded perturbations or compliance with safety constraints. We then survey key approaches, including exact methods based on mixed-integer linear programming (MILP) and SMT solving, as well as more scalable but approximate techniques based on over-approximation and bound propagation. Simple examples illustrate how these methods work and highlight the trade-off between precision and scalability. The talk concludes with a brief overview of current limitations and emerging research directions, including certified robustness and integration with training procedures.

Speaker bio:
Laura Nenzi is an Associate Professor in Computer Science at the University of Trieste. Her research lies in formal methods for complex systems, with a focus on runtime verification,spatio-temporal logics, and the formal analysis of cyber-physical systems. She is also interested in verified and explainable artificial intelligence, aiming to provide rigorous guarantees for modern data-driven models.

Yesterday, we celebrated the official opening of the new Cybersecurity Campus Graz building! 🔑✨

After the celebratory speeches, Verena Schröppel, Edona Fasllija, and Lukas Maar, three of our researchers, shared their academic journeys and research topics.

📸 photos by Lunghammer – TU Graz