ATM security is an obscure topic for most people since access to such technology is limited, even skilled technical folks don’t have a clear picture of how an ATM works and is abused. This presentation walks you through the anatomy of an ATM (Automated Teller Machine), describing the most relevant parts, physical security aspects and communication standards. Even with a globally used standard, in real life, an attacker could find an ATM with custom solutions and consequently preventing some of the previous discussed attacks. This talk will describe alternatives to attack these implementations.
Each aspect of ATM security world could be an entire presentation, starting from locks up to understanding these communication standards to obtain the so wanted jackpot $(ړײ)$
Are you ready to be guided for a deep dive into this fascinating world?
Wendel Guglielmeti Henrique has over 25 years of experience in the IT field, 20 of which have been dedicated to offensive security. He has performed countless physical, social engineering, network, wireless, application and ATM penetration tests on organizations around the world, including Fortune 500, government and financial sector.
In 2002 he developed a tool to detect and remove the infamous BugBear virus, before most antivirus companies worldwide.
During his career he has identified vulnerabilities in several technologies, including webmail services, wireless access points, remote access systems, WAFs, IP cameras, VOIP systems, in addition to co-authoring a patent (offensive security) in the United States. He has given presentations at conferences such RSA Conference (US), ToorCon (US), Defcon (US), Black Hat Arsenal (US), OWASP AppSec Research (Sweden), Black Hat Europe (Spain), Troopers (Germany), OWASP AppSecEU09 (Poland), YSTS (Brazil), Defcon (USA) and H2HC (Brazil).
Filipe Balestra is director and founder of PRIDE Security. He has been working in the information security field for over 20 years, focusing on the offensive part. He is one of the organizers of the Hackers to Hackers Conference (H2HC), as well as co-author of articles referenced in numerous conferences and books around the world.
He has published several security vulnerabilities in important software such as FreeBSD, NetBSD, QNX RTOS, Sun Solaris, among others. One of the vulnerabilities was used as a reference in the book "A Guide to Kernel Exploitation - Attacking the Core", published by Syngress.