POPULARITY
3 episodes with jackpotting
4 episodes with jackpotting
2 episodes with jackpotting
3 episodes with jackpotting
2 episodes with jackpotting
2 episodes with jackpotting
The Crosspod that no one asked for is here! @arttakesnote of Jackpotting around makes the High Notes debut
Millions of dollars are stolen from ATMs at the same time in 28 countries. An army of money mules stuff the cash into bags. Do they know who they are really working for? In just over two hours, the thieves take nearly $14 million - all from the accounts of Cosmos Bank in India. The hackers are back! #LazarusHeist
Term #1- Recall Recall is interchangeable with 'come when called'. So basically, recall refers to your dog's ability to come back to you when you call him/her. Recall is one of the most important behaviors you can teach your dog! Term #2- Marking/Clicker If you hear the term 'mark the behavior' that simply means to give your dog a distinct indicator of exactly when the correct behavior occurred. So for example, if you are teaching your dog to sit you would 'mark' that behavior the instant your dog's butt hits the ground. Marking can be done by using a 'marker word' like "yes" or "good" or by using a training clicker. A clicker is a simple tool that gives a distinct "click" noise when pressed. By using a marker word or clicker while training, you can more clearly help your dog identify the exact moment they did a behavior correctly. And when they understand the timing of when they did something right, the more likely they'll be to do it again in the future! Term #3- Zoomies While this isn't a "technical" term, it's one you will hear quite often. The zoomies are essentially when your pup gets a burst of energy and runs wildly around. It can involve running back and forth, spinning in circles, overall just acting a little wild. It often happens right before your dog is getting ready for bed, when you come home, and/or after a bath. The only cure for the zoomies is letting your dog zoom around
A splendid Wednesday crossword, almost right at 50% on the crossword difficulty scale (expressed in FBPM, Furrowed Brows Per Minute). The theme was intriguing, it had the word IMAGINEER in the grid (Mike's aspirational career choice), and it had the word "Jackpotting" among the clues. To find out what that means, and much, much more, hit the ol' download button to your left(?) right(?) It's sure to be around there somewhere ...
- www.bleepingcomputer.com: New destructive Meteor wiper malware used in Iranian railway attack - www.europol.europa.eu: Russian-Speaking Hackers Arrested in Poland Over ATM Jackpotting Attacks - threatpost.com: UC San Diego Health Breach Tied to Phishing Attack - www.darkreading.com: Florida DEO Discloses Data Breach Affecting 58,000 Accounts - www.govinfosecurity.com: What Can Be Done to Enhance Electrical Grid Security? Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support
Desde hace unos años, se han crackeado cajeros automáticos para robar grandes cantidades de dinero ¿Se repetirá en este Buen Fin? Apóyanos en Patreon: https://www.patreon.com/edc8 Página de Facebook: https://www.facebook.com/EDC8Podcast/ Canal en YouTube: https://www.youtube.com/channel/UC90u-S5fyDm3GObgpon8hUg --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app
This episode was recorded on: September 10, 2020 This week, Jonas and Aamir dive into the growing popularity of Ransomaware-as-a-Service and discuss the new North Korean threat actor, BeagleBoyz, who keep attacking ATM’s (cause that’s where the money is).
The new hardware-based attack, which has targeted machines across Europe, can yield a stream of cash for the attacker.
Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw659
This week, we welcome back Zane Lackey, Chief Security Officer at Signal Sciences, to talk about the Affects Of COVID-19 On Web Applications! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to discuss The Power of the Cloud Platform, One Single Agent, One Global View! In the Security News, Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting! Show Notes: https://wiki.securityweekly.com/psw659 Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/psw659
This week, we welcome back Zane Lackey, Chief Security Officer at Signal Sciences, to talk about the Affects Of COVID-19 On Web Applications! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to discuss The Power of the Cloud Platform, One Single Agent, One Global View! In the Security News, Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities, Fugitive Wirecard Executive Jan Marsalek Was Involved In Attempt to Purchase Hacking Team Spyware, 8 Cybersecurity Themes to Expect at Black Hat USA 2020, Twitter says hackers viewed 36 accounts' private messages, and how Thieves Are Emptying ATMs Using a New Form of Jackpotting! Show Notes: https://wiki.securityweekly.com/psw659 Visit https://securityweekly.com/signalsciences to learn more about them! Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In today's podcast we cover four crucial cyber and technology topics, including: 1. ATM vendor warns of new attack in Belgium 2. Emotet is back with global campaign 3. UK drivers push UBER for GDRP compliance, data retention rights 4. DNS caused Internet issues for many 17 July I'd love feedback, feel free to send your comments and feedback to | cyberandtechwithmike@gmail.com
Kolton Schmidt is back with another roping lesson on The Score. Schmidt shares a personal struggle that he has encountered during his COVID-19 rodeo break. There have been more jackpots than ever and Schmidt has taken this break to practice more than ever and enter a few extra jackpots. He has found challenges between separating his practice sessions and his jackpotting. In this roping lesson, Schmidt discusses how he has to work at separating practice sessions from jackpotting by learning to react. See acast.com/privacy for privacy and opt-out information.
In this special podcast we will focus on cyber attacks known as ATM jackpotting. This type of attacks is gaining popularity and worth taking the time to get to know it better and understands. You probably seen movies where the ATM starts to spit out cash to the street with no reason, listen to the podcast or read the full blog to learn more about this type of cyber attacks. read the full transcript at: https://blog.cybercure.ai/?p=528
SICUREZZA - La storia del bancomat che sparava soldiQuesta è la storia di un bancomat impazzito che ad un tratto si è messo a sparare banconote. Il povero bancomat era malato: aveva il jackpotting.E' quello il nome della truffa che, grazie a un malware, fa sì che gli sportelli vadano fuori controllo. Uno dei paesi più colpiti in Europa è la Germania, ma gli episodi crescono un po' ovunque.Come funziona il jackpotting, altro terreno di gioco della cybersecurity? Scoprilo nel podcast. Buon ascolto!Altri contenuti su www.radioit.
After a two-week hiatus from the podcast, Dave returns for the 114th installment of the Transatlantic Cable Podcast. We open the episode looking at the latest news on the Facebook front. Unlike most of our podcasts, the focus won’t be on privacy snafus, instead, we will look at the latest news with Facebook’s Libra. Following up on that, we head across California to Google. In this week’s story, the focus is on the privacy surrounding smart speakers and whether or not owners should disclose their presence to guests in the house. The third story has us jumping to a more global scale where ATM jackpotting is once again in the spotlight, this time it is Cutlet Maker. For the fourth story, we discuss the latest scam tied to jailbreaking iPhone. To wrap up the podcast, we discuss discount phone protectors and how you may get what you pay for.
SICUREZZA - La storia del bancomat che sparava soldi Questa è la storia di un bancomat impazzito che ad un tratto si è messo a sparare banconote. Il povero bancomat era malato: aveva il jackpotting. E' quello il nome della truffa che, grazie a un malware, fa sì che gli sportelli vadano fuori controllo. Uno dei paesi più colpiti in Europa è la Germania, ma gli episodi crescono un po' ovunque. Come funziona il jackpotting, altro terreno di gioco della cybersecurity? Scoprilo nel podcast. Buon ascolto! Altri contenuti su www.radioit.
Overview: As the tax against self service endpoints evolve to be more complex, and many financial institutions struggle to keep up, there's a growing demand for security management services in the industry. In this podcast, you will hear about this trend and what it means for financial institutions. Resources: Blog: A look at how ATM security has changed … and how it hasn’t ATM Security Management: Know Your Options COMMERCE NOW (Diebold Nixdorf Podcast) Diebold Nixdorf Website Transcription: Amy Lombardo: 00:00 Hello again, and thank you for joining us on this episode of Commerce Now. As the tax against self service endpoints evolve to be more complex, and many financial institutions struggle to keep up, there's a growing demand for security management services in the industry. Today I have the pleasure of being joined by Julie Osborne, our Global Vice President of Diebold Nixdorf's Service Portfolio, and Martin Nearhos, Principal Security Architect for the Global Services Portfolio Division as well. We're going to hear about this trend and what it means for financial institutions. So, hello Julie and Martin. Thanks for being with me here today. Julie Osborne: 00:38 Thanks Amy, it's a pleasure. Thanks for having me. Martin Nearhos: 00:41 Yeah, thanks Amy. Happy to be here. Amy Lombardo: 00:44 Okay. I'm really excited here, because I'm based here in the US, but I'm talking to two subject matter experts who are in our Singapore office. It's great to just have this global view on this security topic. So, let's dive in here. Let's start with just a high level question on why do you think financial institutions are having difficulty managing their self service security? Martin Nearhos: 01:10 That's a good question. Maintaining the security of the customers' assets and information has always been a high priority for the industry, but threats against the self service banking channel have evolved. It's now much harder to keep up. A tax against ATMs have traditionally been isolated to geographic regions, and slow moving out of those regions, but this is no longer the case. We're now seeing increasingly complex attacks, such as various forms of jackpotting, taking place across the globe, and at the same time the threat of traditional physical attacks hasn't really gone away. It's a lot to combat. Julie Osborne: 01:47 If I might just add to what Martin said, financial institutions usually don't have the time or in-house expertise to keep security measures up to date. As retail banking paradigms shift, banks and credit unions are under a lot of pressure to do more with less, and even if financial institutions wanted to hire in-house security specialists, as businesses and governments fight cyber security threats, these resources tend to be really expensive and in high demand. Also, as we all know, this constant pressure to stay compliant with security regulations and industry standards, ATM security service providers can help relieve the burden of staying on top of changes and staying protected against attacks. Amy Lombardo: 02:28 Okay. Got it. Martin, if I can ask this to you before we jump into this whole idea of doing more with less, since you're located in the Asia Pacific region, are there certain types of attacks that you're seeing on the rise today? We talked a lot about jackpotting in the Americas, but could you give us an idea of maybe what you're seeing over in your region? Martin Nearhos: 02:51 The Asia Pacific region is quite diverse. You've got many different markets at many levels of maturity, so it varies. Locally you won't get, say Singapore, there's a certain limit to attacks, whereas in other countries very close by, you've got a much broader range of attacks. It's complex and it doesn't move. Amy Lombardo: 03:15 Got it. Yeah. It sounds like no matter where you are, just keeping on top of that security is always going to be top of mind here. Martin Nearhos: 03:22 Yep. Amy Lombardo: 03:23 Okay. Let's talk about this idea of doing a little more with less. When we're looking at it from a financial institution standpoint, can we talk a little bit about why they should be looking into outsourcing their ATM service and management? Julie Osborne: 03:37 Oh, absolutely Amy. I might take that one. It's becoming increasingly popular for FIs to work with organizations that have intimate knowledge of the ATM channel, and offer specialized security services as part of ATM fleet management arrangements. They will want someone who can offer 24/7 secure operation centers for monitoring, and who can also take care of all necessary maintenance, hardware and software upgrades, and updates for them. Some FIs don't have the capability in house to reliably maintain secure ATM environments, and others would just simply rather have someone else handle it because it is a specialist capability, as I said. So, if FIs are looking to take the burden off themselves and effectively manage the security services of the ATM fleet, with an ATM security service provider such as Diebold Nixdorf, they should look for a provider who can deliver the following three things. First, you'd want optimized security through 24/7 monitoring, proactive threat elimination, and an in depth understanding of emerging threats, to try and protect against attackers. Second, you'd want increased efficiency, freeing the FI from day to day ATM security management responsibilities, or streamlining processes. Third, you want a service that will effectively manage operational risk, to provide real time threat insights, and offer remote troubleshooting, and has a deep understanding of the industry requirements. Ultimately, I think the best approach is a multilayered security protection approach that offers real time information to ensure ATM networks are protected and available, whilst also providing the information FIs need for a [inaudible 00:05:17] ATM security audits. Amy Lombardo: 05:19 Okay, got it. Those three points were really helpful here, especially in looking to determine your outsourcing, your Managed Security Services, but what does an engagement actually look like for an financial institution? What are some of the specific options, and what would it take to get a program like this up and running? Martin Nearhos: 05:41 I can take that. If you're an existing customer, and you're already ready using sort of self service fleet management, which is just a suite of services designed to run multi-vendor self service devices cost effectively, the customer can sort of decide what level of protection makes sense for their organization, based on their risk profile and their operational risk. If you're a new customer, we'd look at all the fleet details that required. The ATM make, the model, physical location, that would all be analyzed. Then the customer would select the appropriate security service, and again, it's based on their business and operational risk. We suggest that whatever FIs choose is a core security service. The services offered should, at the very least, provide everything needed to comply with industry standards and requirements such as those developed by the Payment Card Industry Security Standards Council. It should also include the hardening of various aspects of the ATM with remote monitoring and software patch deployment. It would also include things like device monitoring, secure connectivity, managed firewall, peripheral device control, anti malware, antivirus, and of course intrusion detection and prevention. Then the FI can have the option to build upon that basic level of services for such things as protection against complex logical system attacks. Although I would recommend this sort of protection to everyone, we know that financial institutions want to prioritize their investments in advanced security, and they just can't do it all at once. With these types of services, FIs can then rely on the security service provider to proactively monitor the ATM for suspicious activity, protecting terminals more effectively in real time, responding quickly when attacks are detected, and engage with customers to resolve the incident, and take the burden of managing the self service fleet off the FI, who, as we've already said, may be stretched pretty thin on resources. Amy Lombardo: 07:42 So Martin, if I can ask you a question here just based off of the compliance portion, the regulation portion of what you mentioned, I would think that's pretty important, almost as a value added services as well, that your security partner could provide you almost with the consultation, the education, on what all these requirements might mean for your institution. Am I thinking about that the right way? Martin Nearhos: 08:11 You are. There's some industry standards that, across everywhere, but what happens is you get into regional areas. Some have slightly different requirements, so as a global offering, it's quite difficult, but we have specialists in all the major regions that could offer that service. Amy Lombardo: 08:29 Okay. Thank you. Okay, so to close out this topic, have you heard how customers are responding to these types of Managed Security Services in the industry today? Are they able to focus more on their customers without the burden of managing their own ATM security services then internally? Julie, how about you take that one? Julie Osborne: 08:51 Thanks Amy. Actually we have. We've seen some very positive results from the financial industry. Threats against the self service channel aren't going away anytime soon, but with Managed Security Services, financial institutions can spend less time trying to prevent attacks, and spend more time with their customers growing their businesses, and ultimately that's where we want them to be. Martin Nearhos: 09:11 And, just as the FI is focusing on on their customer, the security service provider, but it's got to focus on continuing to evolve and develop, because the expectations will continue to rise, and FIs will expect to be offered more value in the future as well. Amy Lombardo: 09:29 Well great. This sounds like a no-brainer to me. I would want to stay protected and just not have that burden internally. Thanks Julia and Martin for being with me here today, and to our listeners for tuning into this episode of Commerce Now to learn more about Managed Security Services, and how FIs can better protect themselves. Log Onto DieboldNixdorf.com. Until next time, keep checking back on iTunes or your favorite podcast listening channel for new topics on Commerce Now.
Podcast Summary: No other crime is more romanticized by pop culture than the bank robbery, and no type of criminal more than the thief. Think Bonnie and Clyde, John Dillinger, the Sundance Kid and Butch Cassidy. What comes to mind? Tunneling under the bank, cracking safes, elaborate escapes, and adrenaline-filled action. However you feel about them, one thing is certain; those type of heists, no matter how notorious and exciting, are slipping in to antiquity. We’ll probably never have another fated criminal couple like Bonnie and Clyde, or another escape artist and thief like John Dillinger, for the simple fact that their methods are outdated. Today’s criminal is more apt to attack from their home computer than at the teller window. They crack codes, not safes, and the only mining they’re doing involves data. In this episode, Scott Harroff and Dave Phister talk about cyber security, cyber criminals, and how industries can protect their data, their software, and overall – their cash. Resources: Blog: https://blog.dieboldnixdorf.com/our-commitment-to-you-as-your-security-partner/. DN website: www.dieboldnixdorf.com COMMERCE NOW website: www.commercenow.libsyn.com Transcription: Amy Lombardo: 00:00 No other crime is more romanticized by pop culture than the bank robbery, and no type of criminal, more than the thief. Think Bonnie and Clyde, John Dillinger, the Sundance Kid, and Butch Cassidy. What comes to mind? Tunneling under the bank, cracking safes, elaborate escapes, and adrenaline filled action. However you feel about them, one thing is certain: those types of heists, no matter how notorious and exciting, are slipping into antiquity. We'll probably never have another fated criminal couple like Bonnie and Clyde, or another escape artist and thief like John Dillinger, for the simple fact that their methods are outdated. Today's criminal is more apt to attack from their home computer than at the teller window. They crack codes, not safes, and the only mining they're doing involves data. In this episode Scott Harroff and Dave Phister talk about cyber security, cyber criminals, and how industries can protect their data, their software, and overall, their cash. I'm Amy Lombardo, and this is COMMERCE NOW. Scott Harroff: 01:19 Hello again. This is Scott Harroff, your host for this episode of Commerce Now. The last time I was on this podcast I spoke with Bernd Redecker on what jackpotting could teach us. You'll find that episode on www.commercenow.libsyn.com iTunes or however else you listen to your podcasts. Today, I'm joined by Dave Phister, Director and product manager responsible for security at Diebold Nixdorf. Today we're going to talk about cyber security and touch on exactly what cyber security is from our perspective and how criminals are turning to digital means to acquire things like money and data. Hello, Dave, and welcome. Thanks for joining today. Dave Phister: 01:56 It's a pleasure, Scott. Thanks for having me. I've been honored here since you're becoming a bit of a podcast regular, for you. Scott Harroff: 02:04 Well, thank you very much. I never knew being a podcast star was in my history, but I'm happy to roll with it. As I said, today our focus is on cyber security, and when you and I hear this term, we have a pretty good understanding of what it means between you and I, but a lot of times people think that it's all about foreign hackers stealing secrets. Can you give a little bit of color around our definition of cyber security. Dave Phister: 02:29 Yeah, I sure can. It's a great question, Scott, and a great point. I think simply stated, cyber is anything related to computers or computer networks. That could of course, include the internet, so then cyber security would be the measures taken to protect the computer or computer system against unauthorized access or attack. In our industry, that's typically been referred to as logical attacks, but they're really just attacks on the digital components of the ATM. As you know, the ATM contains a computer, a hard drive, uses a Windows operating system, has USB ports. It's a, amongst other things, a computer client hanging off of a network, much like a desktop computer at work. It just happens to be controlling a safe full of cash. Strictly from a computing standpoint, the security controls required to defend the computing aspect are really no different than any other network, whether it's a national security system protecting those secrets, or essential server in a fortune 500 retail data center. The tools, tactics, techniques, and procedures to compromise, or hack, the components, are the same everywhere we look. So additional to a firewall, it needs other cyber security like encrypted hard drives, digital signatures, access controls, proper patch management. I think this is where the industry has let down their defenses a bit. OEMs and financial institutions haven't taken enough care to maintain current technology and protect the software and computing assets of the ATM. In addition to protecting the cash, as you mentioned, data must be equally protected, specifically the computing components that process that data, else compromise is a matter of when, not if. I think one perception is that cyber security defends against a hack originating from cyber space, which would mean something remote. Though ATM networks are not connected to the internet, they still connect to a bank network somewhere, and I would remind our listeners that as recently as 2016, we witnessed an ATM attack. It was launched solely from a remote network, in this case the voice recording network was breached in Europe, the hackers navigated their way to the ATM segment, pushed malware down to the ATMs, and the mules were waiting for cash to dispense. Anything is possible as commerce, payments, and channels connect, Scott. More and more every day. Scott Harroff: 04:40 Great. Now that our listeners understand what cyber security is when we use that word, what sort of cyber security threats do our customers face, and what do you think the biggest risks are? Dave Phister: 04:50 As you discussed, Scott, with our colleague Bernd Redecker in the previous podcast, the jackpotting attacks we've seen recently in the Americas, they can all be categorized as cyber attacks. The January jackpot attack where they removed the hard disk, loaded malware, and replaced it was possible because the customer didn't employ hard disk encryption. It's a fundamental cyber control. Earlier attack took advantage of a weakness in a very old USB security protocol and would have not have been possible had the customer deployed the latest AAES USB security encryption. Then as I mentioned, 2016 attack in the AP regions clearly executed remotely. There was no behavioral monitoring software installed, like a McAfee or Symantec or Bit 9, Binamic, so finally, one point here, Scott, financial institutions are continuing to see cyber attacks in the internet and the mobile arena as well. The mobile device is now a connected component to the ATM and now we're seeing financial institutions have cyber attacks against the mobile wallets in the internet banking services. Though the fraud redemption's occurring at the ATM, there's nothing the ATM can do to prevent it. It looks like a valid mobile EMV NFC connection, but the transaction is actually fraudulent. What are the risks? Systems mostly in unattended operating environments. Systems that don't improve their top hat security with better locks, intrusion sensors. Anything with outdated hardware and software, old unpatched operating systems are the biggest risks. The example I like to give is there are so many ATMs out there running Windows XP. That's a very old, outdated operating system. Systems with no sign or encrypted software, or hard disk encryption, or just encryption in general. Anything that lacks access control and authentication enabled to protect the internal computing system. Lastly, as Bernd mentioned in the previous conversation you had with him, Scott, behavioral monitoring software. If it's not on systems today, systems certainly can be at risk. I think, Scott, you'd agree that a branch lobby system that's mostly attended may not need the same protections as a lesser attended system at convenience store, but on average we're simply not making it hard enough on the criminals, regardless. Scott Harroff: 06:59 Yeah, I completely agree with you on the thought of a lobby ATM being different than an ATM on a remote location, and since financial institutions don't have unlimited funds, the idea of I have to do all my security the same everywhere on every ATM is probably not the right approach. There's probably ways to do a better job of allocating resources. You've talked a lot about ATMs and ATM security, but at the same time, I look at it more of an ecosystem where the ATM is interacting with other things, especially as we move into the world of ATMs connecting into not only the ATM transaction processing system, but now they're connecting into cores and they're connecting into web servers and interacting with databases on a customer's network, and just as recently as last week I saw an alert coming out from the FBI where they're talking about now there's cyber attacks against financial institutions where the hackers are not really attacking the ATM in any way, shape or form. They're going in, they're attacking the core system, they're changing account balances, they're changing daily withdraw limits, and they're just using the ATM as a mechanism to get the cash out. That's a cyber attack against something completely different that impacts the ATM, so I'm kind of wondering about your thoughts on how do you protect the end to end channel? Dave Phister: 08:18 Yeah. It's a great question. Certainly, as you indicated, there are many end points, or there are many attack points in the chain of the transaction sequence. You really have to identify the critical components, categorize those assets, and identify the risks, and then deploy the appropriate controls. Ideally, end to end security would protect the connection from the host all the way down to the ATM, as you know Scott, end to end security is certainly complex in itself. Requires additional support and resources from not only the ATM but from the host itself in the way of key management. I think ideally, in that world, we'll get to one day, but right now I think we have to focus on setting controls on the operating system, setting controls on the system software, setting application security software, setting the firewalls, and doing all the fundamental components at the ATM to protect the endpoint as we then focus on how the network now begins to converge into this world of connected commerce introducing mobile devices and other components in the ecosystem. Scott Harroff: 09:32 Completely agree with you, Dave. I think one of the other things that a lot of customers should look at, is not only their protective controls, and not only their detective controls, but what do I do when something does happen? What's my instant response plan. I've talked to a lot of customers in the last couple weeks where they're relying on something to protect them, but when they notice something bad going on, and I say, "Well, what's your instant response plan? How are you going to turn that account off? Who's going to do it at two in the morning? How quickly can you turn it off?" All of a sudden I'm getting customers that are saying, "Wow, I really haven't thought about how we're going to handle everything after the event starts." I think having an instant response plan is also a really important part of this. Now that we now what the threats are facing our customers, let's touch on how FIs can combat those risks over all. Can you expand a little bit on this and talk about how FIs should be protecting them against physical, cyber, and fraud threats this year and next? Dave Phister: 10:29 Yeah, absolutely. I think certainly the comments you just offered with regard to having an incident response plan in place is certainly critical, by every stretch of the imagination. FIs certainly need to be focusing on that in the ATM space. At it's highest level, I think it starts in the boardroom, Scott. Security is a foundational part of the customer's user experience, and the trust in the brand, so an investment strategy must include security [inaudible 00:10:59] component. On average, that hasn't necessarily been the strategy. Don't get me wrong. We have plenty of customers, as you know, that do have progressive security investment strategies, but they're the minority by far, so it has to become a recurring percentage of revenue operation. Second, technology refresh, it must become a normal recurring commitment. It changes to rapidly. We have to do a better job of deploying the latest software and hardware, because it's this software and hardware that enables the latest security features with the latest technology that the hackers, as you know, are definitely taking advantage of the latest technology, so we have to put ourselves in a position to defend against that pace. I think we need to recognize that from a funding and a budget perspective, criminals do have access to the funds, so we can no longer make that argument. We have to provide the funds and we have to maintain configurations in a current fashion. Third, customers need to embrace a zero trust model and deploy layers of security. Prevent physical access to the top hat with proper intrusion prevention. That's layer one. Then deploy access controls to reduce privileges and force authentication. Layer two. Then encrypt communications and data that's flowing within the system. Then finally, as Bernd suggested, start deploying behavioral based security software that could detect abnormal behavior and respond appropriately in the event that one of those three earlier layers was circumvented and malware may be running on the machine. I think in the end, these three components are how we can get the customers to improve their protections in the future, Scott. Scott Harroff: 12:50 Yeah. I agree completely. That's a lot of great information on how the financial institutions can protect themselves from attack. To wrap up our conversation Dave, let's talk about what's next. What developments have you excited on the security front? Dave Phister: 13:05 I believe there is an emphasis now on analytics in the industry. I think it's a long time coming. I think financial institutions can harness this ATM data sensing and respond to not only operational aspects of the ATM, but security risks as well. I think this working in accommodation with an ATM behavioral monitoring capability as an example, could certainly transform security at the ATM. There's a movement on the mobile security front. We talk a lot about mobile interaction with the ATM. This is the next big user interface and the component to the ATM, certainly PCI has posted guidance, and deployments using mobile devices are happening today. We're seeing a lot of that usage increase, so we certainly need to focus on security around mobile devices. Then, the standards bodies are doing work as well, which I think is important. PCI is pressing for stronger cryptography to be used, like TLS instead of SSL, AES instead of Triple DES. I think maintaining current cryptography certainly will help defend the systems of the future, certainly when we consider that the attackers have access to the technology that could be used against it. Biometrics is slowly making it's way to the conversation. I think we expect more in that space in the future, especially as it pertains to data privacy controls, so again, a lot of areas where I'm excited with regard to the industry, and then areas where security is a vital component in the industry as well. Scott Harroff: 14:47 Yeah, I agree, and I look forward to a time when the security controls and mechanisms are widely supported across all the platforms. Some of the networks that we work with are outstanding at security, and they have TLS implemented, and they have great fraud systems, and some of the others aren't quite there yet. I look forward to having a nice common platform where everybody's really on the same playing field and everybody's working together against fraud versus maybe institutions one, two, and three are doing their own thing, institutions four, five and six are doing something different. That's one of the things I look forward to seeing. Is there anything else that our listeners should take away with today, regarding our conversation? Dave Phister: 15:28 Yeah, a couple final thoughts, Scott. First and foremost is communicate and share. We're in a global fight against crime, whether it's communication with PCI, East, ATMIA, secret service or the FBI, certainly we can talk about the latest FBI alert that we've seen in the news here in the last week or so. I think that's just another indication of sharing from the government side to the private side. This information, if shared, can be used in the global fight against fraud. Then, secondly, I'm a big fan of the National Institutes of Standards and Technology. Many believe work like the NIST risk management framework applies only to federal systems, but that's not true. This work translates into the critical infrastructure in the banking industry, and their cyber security framework is the policy framework of computer security guidance for how private sector can asses and improve their abilities to prevent, detect and respond to cyber attacks. Again, there's a lot of great work being done that can be embraced in the private industry by financial institutions. Then, I also encourage our listeners to visit the East security page and take a look at the cyber attack mitigation link. Very insightful information and guidance on cyber security beyond just the firewalls. Scott Harroff: 16:51 Again, thank you Dave for being here today, and to our listeners for tuning in to this episode of COMMERCE NOW. To learn more about cyber security and how financial institutions can protect themselves against these types of attacks on digital systems, log into DieboldNixdorf.com. Until next time, keep checking back on iTunes or your podcast listening channel, for new topics on COMMERCE NOW.
In today's podcast we hear that Tehran seems ready to follow Pyongyang into state-sponsored theft to redress financial shortfalls: cryptocurrency ransomware looks like Iran's preferred approach. DarkHydrus uses commodity tool Phishery in Middle Eastern campaign. Jackpotting cryptocurrency ATMs. The US imposes sanctions on Russia. Reality Winner's sentencing date announced. IBM looks at artificially intelligent malware. The mob's role in the cyber black market. What's the bigger gaming threat, sideloading apps or the Fortnite dance? We're asking for a friend. Awais Rashid from Bristol University on issues with software warranties. Guest is Cheryl Biswas from the Diana Initiative, a conference in Las Vegas celebrating diversity, women in security, and how to pursue a career in information security and technology.
Podcast Summary: Black box attacks. Cyber attacks. Malware. Manipulation of the hard drive. There are so many factors and variations when it comes to jackpotting attacks that it can make your head spin. These attacks are constantly evolving in their sophistication, but that doesn’t mean you should give up the security ghost. Every attack teaches us something new – from the preferred ATM target to the preferred type of malware. Studying these attacks and closely scrutinizing every aspect of a jackpotting attempt allows us to get ahead of the attacks and become proactive instead of reactive. In this episode, our security gurus Scott Harroff and Bernd Redecker will discuss the lessons and takeaways banks can learn from jackpotting and security, and how they can get ahead of the problem BEFORE it costs them. Resources: Blog: https://blog.dieboldnixdorf.com/what-recent-jackpotting-attacks-can-teach-us/ Sign-up for Security Alerts: http://pages.e.dieboldnixdorf.com/ATM-Alert-Subscription?_ga=2.241321483.882907520.1533304320-1846737074.1524590636 DN website: www.dieboldnixdorf.com COMMERCE NOW website: www.commercenow.libsyn.com Transcription: Amy Lombardo: 00:01 Black box attacks, cyber-attacks, malware, manipulation of the hard drive, there are so many factors and variations when it comes to jackpotting attacks that can make your head spin. These attacks are constantly evolving in their sophistication. But that doesn't mean you should give up the security ghost. Every attack teaches us something new, from the preferred ATM target to the preferred type of malware. Studying these attacks and closely scrutinizing every aspect of a jackpotting attempt allows us to get ahead of the attacks and become proactive instead of being reactive. In this episode, you'll hear from two security gurus, Scott Harroff and Bernd Redecker. They'll discuss the lessons and takeaways banks can learn from jackpotting and how they can get ahead of the problem. I am Amy Lombardo and this is COMMERCE NOW. Scott Harroff: 01:05 Hello again, and I'm Scott Harroff, your host for this episode of COMMERCE NOW. If you recall, Amy Lombardo and I had a great conversation on jackpotting a few weeks ago. And today I'm joined by Bernd Redecker, Diebold Nixdorf's Director of Corporate Product and Solution Security, and we will take a deeper dive into what recent jackpotting attacks can teach all of us and the best ways to protect against them. Thanks for joining me today Bernd. Bernd Redecker: 01:29 Scott, it's a pleasure to be here. And thanks for the opportunity. Scott Harroff: 01:32 Okay, so let's recap a little from the last jackpotting podcast. First, we've seen an expansion of jackpotting attacks in 2018, especially in the Americas. Secondly, while these attacks don't feature brut force, they combine aspects of physical and logical manipulation of ATMs. And then looking back at four ATM security alerts from this year, it's clear that protecting yourself requires a holistic security approach. So, diving right in Bernd, can you remind our audience that although there is no one type of jackpotting attack, what are some of the major types of jackpotting that can occur. Bernd Redecker: 02:07 Scott, thank you very much. The term jackpotting, first of all, basically refers to getting money out of an ATM. And jackpotting is coming from the gambling machines, basically you win the jackpot. Jackpotting as such, the term has been defined or it has been created already some years ago. There is a general distinction between different verines. One is called a black box jackpotting and black box simply means that the attacker brings his own electronics. As you already said, jackpotting is always a combination of a physical and a logical breach. When this is done on-sight, like with a black box, the attacker has to open the machine, he brings his own processor, his own CPU, connects the cash hunting device of the ATM with his box and then has the machine paying out money. Of course it's not as easy as it sounds at the moment. They will have to circle then security measurements. They will have to break security measures which are there, which are in place or which should better be in place. But I guess we'll talk about that a little bit later. There's another attack vector. And that comes with all the equipment which is already present at the machine. So the second one would be attacking the hard disk drive of the existing CPU in the ATM. We see several cases where they rip off the disk of the ATM, take it back to their car, infect it with malicious software, put it back in again and then jackpot the machine. And that, again, has different verines. Some of them have malware, some of them have even modified legal applications. And we can go through that as we touch the different alerts. And especially this year we have seen a [inaudible 00:04:04] of that. I guess we are going to touch now, right? Scott Harroff: 04:08 Yeah. And these attacks are really only across the four alerts that we just talked about. And I know there's other types of jackpotting. And as we've seen recently, these attacks continue to evolve very quickly. So it really is crucial to stay up to date and know what's going on. Can you talk about the January 25 alert and give us some specific takeaways? Bernd Redecker: 04:29 Yeah, the January 25 alert ... And by the way, if you would like to, please register for our security alerts, can find them on our home page. Alert from January 25th refers to, again, a combination of both attacks. It was HD a replacement attack. However, it was also using physical manipulation in the ATM, which means they did a combination of both to be able to get to the cash. And the challenge here is looking at outdated stuff, looking at outdated protections may open potential attack factor which the attackers then exploit, which means we definitely have to take care that protection is checked and verified over the time, machines are updated in a timely manner, and policies which are on the machine get updated. Scott Harroff: 05:22 Yeah. And I'll tell you, as I keep looking at what goes on, our original alerts on the Diebold side having XFS 4139 and then 4141, then 4146 and 4148, it just seems like these guys ... You close one door and turn the lock so they can't open it, and they turn right around and they start looking for the next door as soon as you finish turning the lock on the first door. So help us understand a little bit about how the May alert is different than the January alert. Bernd Redecker: 05:53 In that case, the attackers brought their own laptop. So the difference there is January it was disk infected, in May they brought their own computer in case it was infected. It was a small notebook. They disconnected the original PC, which means all of a sudden all logical countermeasures are completely obsolete, they can't help any longer. They connected directly to the dispenser and then they have been using physical measurements to trick the whole machine into communicating with a second notebook. That's the bad thing about it, we are seeing these combinations of physical and logical attacks more and more, taking advantage of processes. The bad thing is it doesn't help any longer to build another fence, to build another protection mechanism, which they are then starting to re-engineer. We have to change completely the way we protect the machines. And what has shown good progress is going to a model where we have more behavioral situation. And basically that's what we did in the May topic. However, please keep in mind, of course you will have to update the machines. We have machines out there, we just have been involved in an investigation with a customer with the average age of the machine, was 17 years unpatched, never updated. These machines are liable for attacks or can fall into attacks just because they are that old and that outdated. If we update them regularly, if we maintain them regularly, on a regular base, we can protect them. But of course the attackers, as soon as we close a door, are going to try and find another one. Scott Harroff: 07:45 Yeah, and there's something I really want to drill in on there a little bit, Bernd, because I'm in front of a lot of customers here in the US and I get this perception, especially from some of our larger financial institutions, that they've got the opinion that I'm running, I won't mention product names, but I'm running Vendor X antivirus product or I'm running Vendor Y whitelisting product or I'm running Vendor Z super security product on my hard drive, and because I've got all these products protecting me from a security standpoint, from the yellow vendor and the red vendor and the blue vendor and everybody else, because I've got all this security on my hard drive I don't need to do software updates. And what I think I just heard you clearly say is that's not the case. If you've got the greatest security running on your hard drive but you're missing this firmware update, you're vulnerable, right? Bernd Redecker: 08:42 It depends. Of course it depends. You are right, there is no silver bullet. There is no bulletproof solution. What we have to take into consideration is protection on let's call it three layers, interconnected layers or interconnected levels. One is against what we would refer to as IT or cyber attacks, like malware trying to reach the ATM PC or we have to provide protection against malicious users and we have to think about protection when the machine is being switched off. That is very often forgotten. That would cover attacks directly against the devices. There is no difference, from a logical point of view there is no difference, whether I switch off the machine, the PC, or whether I directly connect to the dispenser. But if we do not offer protection or if we do not consider protection on all of these layers, then there is room for attacks. If there is a gap somewhere, there is room for attacks. If we don't encompass, and that's what I see as upcoming attacks, processes, there is room for attacks. What is also a little bit misleading, and again, like you Scott, I don't want to talk about product X, Y or Zed, the ATM in most cases is running a little bit specialized but more or less standard PC, which means we are looking at a standard operating system which you know from your office environment. So why the heck don't we deploy office protection tools? The biggest difference is, think about your computer, when you switch it on, well maybe not in your home environment but definitely in your office environment, the first thing you will have to do is you will have to enter a password, even before the operating system starts. Well, here, with ATMs or with POS systems, we are looking at machines, and especially with ATMs, we are looking at machines which are out in the wild 24/7, there is no dedicated user on it who would be able to put in a password when you boot it, which means you will need dedicated security measurements for exactly these environments. If you start deploying standard office environments to these areas, you can think about that, in reality from my experience it has never been a very good solution because there has to be a trade off. When you look at standard antivirus, for instance, your machines or your pattern on your home PC gets updated, well at least hourly. You can't do that with an ATM. It will spoil the bandwidth, it will spoil potentially availability of the machine. So you have to think about other measurements dedicated for self-service machines, dedicated for 24/7, machines running unattended. So we have to take a different perspective on this to be able to offer protection. Scott Harroff: 11:46 Yeah, I agree. I think that when you look at an ATM environment there's a lot of different aspects that you need to look at relative to jackpotting. If you've got an ATM that's sitting in the middle of your lobby, maybe you haven't updated the software for 17 years. With it sitting in the middle of your lobby and the doors are only open from eight in the morning until five at night and people are paying attention to what's happening at the ATM, you've got a lot of vulnerabilities on that ATM possibly but what's the likelihood, if you will, of somebody walking into that branch and opening up the ATM and standing there for the next hour taking notes out of the front of the machine and putting it into a great big bag they have on the floor? It's just not likely to happen. It could. But it's just not really likely. And then you move from there and do a drive-up lane, and depending on how it's configured you got a little bit more risk. It's out there 27 by 7 and maybe the lighting's not as great as it could be. And then you go to the other extreme, maybe I've got an ATM at a gas station or an off-site government building or in a college campus and now you've got an ATM that from a physical standpoint's very exposed. Your likelihood goes up. So I think the other thing, in addition to the tools running on the ATM itself, I think customers really need to look at the physical environment and the risk factors around each ATM and use that as a way to help model what their total exposure is and figure out what to do there and not overlook physical security. I can't tell you the number of customers I've talked to where all their remote ATMs have exactly the same key that they were shipped with from the factory and they have no alarms on the top hat and no one's monitoring to see if the ATMs up or down. So I really agree with you, it's a comprehensive solution that really you've got to look at everything together all at once. Bernd Redecker: 13:33 Like you said, having something like the same key in all machines is never a good solution. Normally security does not come from obscurity, it comes from secrets you have and you possess and you can use in the field, but not from having just something which you think the other one doesn't have. That's impossible. Just one comment on the environment. You're absolutely right, especially when we look at not only the logical attacks, when we look at attacks in total, there are different areas, there are different regions where attacks, some kind of attacks, are more likely than others. Unfortunately, this also applies vice versa. And just because your ATM is in a lobby may help if you think about a bank environment, may help when you're, for instance, in Europe or in North America. We have also seen attacks especially in Latin America where it's not especially a lobby but it's supermarket scenarios where there are ATMs and they have been jackpotted while the store was open. So the crooks have developed patterns where they really don't care who's looking at them, again, depending on the region, depending on the environment, where they simply don't care whether they are being seen, where they try to disguise. We have seen full operations where they even come with their own protection, not armored but in terms of distracting anybody who goes out there and tries to talk with the one who's currently jackpotting the machine. And of course it never looks like what you would expect jackpotting. It's not cloak and daggers, it's not people with raincoats and black hats. It's always people looking absolutely, in these scenarios, it's always people looking absolutely normal, pretending to do normal transactions. And you can tell from the lock files of the ATM and you can tell from the videos that in fact they were cashing out money instead of really doing a normal withdrawal. Scott Harroff: 15:29 Yeah, and we've seen the same thing here in the US. We've had big box retailers with ATMs very close to the main entrances and you've got all those people walking in and out of the big box retailer and your point of sale line is right over there. And of course you've got all those surveillance cameras. And right there in the middle of it for an hour they're jackpotting. Hey, let's talk a little bit about the difference between the May alert and the July alert. So they're both black box attacks. Why don't you give our audience a little bit of information around the differences between the July and May alert just to clarify that. Bernd Redecker: 16:06 Well, the main reason we published another alert on jackpotting and black boxing in July was, first of all it was a wave over here in Germany and with also seeing something similar happening in Latin, but what was really astonishing and what was new at that point and time was a way of organization. So we know that the majority of the jackpotting cases, we do have organized crime, we do have organizations in place who do the jackpotting. In that case the biggest difference was that the guys who were in front of the machines, the guys who did the transport, had absolutely no idea what they were doing. They have been hired completely, well, underground style. So they had no clue why they were transporting a notebook from one country to another one. They didn't have a clue what to do with that in front of the machine other than the description, "Okay, open the machine or break the machine here, there and there. Connect this and then here you go". So that was basically the biggest difference we saw in that. And that it hit in two regions in parallel led us to issue this warning. Again, if the machines are properly updated this should have not been possible. And we have also seen attacks which were unsuccessful due to full protection, at least against known attack vectors. So this proves to help. In this case, the machines were not upgraded. But the main reason for this was the organization grate behind that. Scott Harroff: 17:48 When we look at these attacks, sometimes when we do our forensics it's a very complicated multi-step process that requires ... You have this version of this and this version of that and you're missing this countermeasure and you're missing that countermeasure. And it's really perfect storm of all these things coming together in conjunction with a technical person at the ATM that's really, really smart. What I think I just heard you say is we can go all the way to the other extreme of you have a not sophisticated person that sort of, kind of just pulls out a hard drive and you're missing a patch and they use that as a way to impact the hard drive and put it back in. That's kind of what happened in the July alert, right? Could you elaborate on that a little bit? Bernd Redecker: 18:36 Basically, the guys who are in front of the machine, in that case, are not really aware of that there is a missing patch. What they have is they have typically a device or an instruction or a USB stick or whatever it is for this given attack plus a description. Again, breaks machine here, unlocks a hook there, plugs this in there, and then press a button. And that's all they know and all they need to do. They have no clue that a Microsoft patch was missing or the firmware wasn't on the latest release whatsoever. And that's the world we are moving into where the money mules have absolutely no idea on why they are doing what they are doing. They just know it works. You can also tell that from the controls which are getting embedded into the malware, which is used either in the disk replacement scenarios or in notebooks if we get into re-engineering of them, most of them if we talk about notebooks, most of them have remote connection. If we talk about software and substitution, there is a control embedded where these guys are remotely controlled in terms of the brain who gave them the notebook knows exactly, knows later on exactly how much money is in the machine and how much the mule would have to deliver. But the person on-site does not know that there is a, again, a patch missing. He's not the brains. And they simply hire them and they have reached a level now where they hire them completely anonymously. Scott Harroff: 20:13 Well, I think the good news here and the bad news here are all wrapped up in the same sentence. We build ATMs to last. They are not something that you put out there and in a year or two or three you replace with a brand new ATM. There's ATMs that have been out there for 10, 20 plus years. And, at the same time, that's a good thing because the customer has a piece of hardware that is very reliable and it's out there running. But on the other side of the coin, a lot of these older ATMs are in an environment where the customer really hasn't done the things that you talked about, Bernd, to keep it up to date. They haven't kept the operating system up to date, they don't have signatures up to date, they don't have whitelisting in place, they don't have encryption in place. They might not have the physical security around the ATM. So you've got a combination of older units with not enough security being one of the main drivers of why organized crime has focused in on that. These attacks, also they're evolving really, really quickly. So you can't just take the defenses that you've got today and make the assumption that those same exact defenses are going to be perfect for protecting you tomorrow. You've got to keep up on top of this stuff, you've got to keep up with updates and upgrades. And if you don't, then the criminals will find a vulnerability somewhere in a platform and try to target it. Bernd, is there anything else you want our listeners to take away with today regarding our conversation? Bernd Redecker: 21:34 Yeah, just perfect statement, Scott, just to emphasize on that. Even if the customers don't get attacked, leaving the machine on the old state makes it even more difficult to upgrade them if something happens. So maintenance is nothing you should do only when something happens, you should do it on a regular base. And you can even do that for the old machines. Of course there is an end of life at some time, but until then ... Typical lifespan, when we look at life cycles of machines of software, that is clearly above seven years to some extent. So that shouldn't be a problem to patch and update them over the lifetime. The other thing I would like to point out or I would like to hint to is we've been talking a little bit about physical protection, we've been talking a lot about logical protection. As we mentioned one or two times, the attacks we are seeing at the moment are also a combination of logical and physical. And what we are seeing, and again on a global scale, it simply doesn't matter where you're looking, to which geography you're looking to. Some are more advanced in the negative way than other regions. But, nevertheless, what we are seeing is that the crooks are also starting to take advantage of banks processes. There is an attack called transaction reversal. There are other attacks where the crooks know exactly that the bank will, in one or the other case for instance, refund cash. And while this is not literally jackpotting but the result is the same, they trick the whole process in a way where it refunds any withdrawals immediately meaning they can withdraw until the machine is empty. And the result of that is very near to a jackpotting again. So if we think about protecting the machines, it is the physical protection, it's the logical protection, protection when the machine is switched off, we have to consider processes. And of course, if we do all these things, we also have to properly monitor the machines. Because it doesn't help at all if the machine sits out there, and again 24/7, lobby, drive-ups, remote locations, whatever we have, it doesn't make any sense if the machine sits out there, it's protected to some effect, knows that it's currently being attacked, cries for help and nobody's listening. Scott Harroff: 24:06 Yeah, that's a great example Bernd. We're talking about jackpotting and so many times you think about it, and to your point of the outcome is all the cash is gone and the method had nothing to do with a black box or malware, it was just that reversal attack that just kept right on going. So I think one of the things that a lot of our financial institutions should do is really sit down with an expert on security and really walk through all the different things that you and I talked about today and really put a plan together for where are we today, ideally where do we want to be, and what are all the steps that we need to put in place to go from where we are to where we need to be, and then how do we keep up to date once we get to where we want to be? So Bernd, thanks so much for being here today. It's always great to have someone of your level of expertise and knowledge available to talk to the financial institutions about what's going on in the channel. I want to thank the listeners today for tuning into this episode of Commerce Now. To learn more about jackpotting and how you can better defend your ATM fleet against these evolving attacks, please log on to dieboldnixdorf.com. And, until next time, keep checking back on iTunes or your podcast listening channel for new topics on COMMERCE NOW. And thank you very much again for everybody's attendance today.
Podcast Summary: Jackpotting, a sophisticated cyber-attack combined with the physical manipulation of an ATM machine, has been sweeping across Europe, Asia, and Central America for the past decade. It recently made its way onto US soil in early 2018. In fact, these hackers swept up 1 million before anyone caught on, and they’ve continued targeting banks and credit unions in small towns with lax security and outdated software. In January, two men were arrested for a jackpotting attacks in Rhode Island and Connecticut. Other attempts and attacks have been reported in the Pacific Northwest, New England, and along the Gulf. While it’s unclear just how much money has been taken in total, these attacks are still occurring, and they won’t stop any time soon. In this episode, we’ll be talking the “what, where, when, and how” of jackpotting, as well as how financial institutions can protect their ATM fleet - and their brand image - from damage. Resources: Blog: https://blog.dieboldnixdorf.com/dont-be-the-jackpot-protect-your-atms-against-evolving-attacks/ DN website: www.dieboldnixdorf.com COMMERCE NOW website: www.commercenow.libsyn.com Transcription: Amy Lombardo: 00:01 It's early evening and a standalone ATM sits in the middle of a mostly deserted strip mall. A man in a technician's uniform approaches the machine. He pops the top hat without hesitation and fiddles with the hard drive, swapping it out for a new one. When his job is done, he replaces the components and walks away. A few minutes later, someone else walks up to the ATM. He mimes the usual actions of an ATM customer, punching in numbers on the keypad, inserting a card and then he waits. Within the next few seconds the ATM begins to spin. The machine spits out wads of cash, up to 40 bills every 23 seconds. Anyone bothering to pay attention might think it's this guy's lucky day. Others might think he's withdrawing his life savings. But anyone with security expertise will recognize this as exactly what it is, a jackpotting attack. Jackpotting, a sophisticated cyber attack, combined with the physical manipulation of an ATM machine has been sweeping across Europe, Asia, and Central America for the past decade. It made its way onto U.S. soil in early 2018. In fact, these hackers swept up one million before anyone caught on and they've continued targeting banks and credit unions in small towns with lax security and outdated software. In January only two men were arrested for a jackpotting attack in Rhode Island and Connecticut. Other attacks and attempts have been reported in the Pacific Northwest, New England, and along the Gulf. While it's unclear just how much money has been taken in total, these attacks are still occurring. And they won't stop any time soon. In this episode, we'll talk about what, when, where, and how of jackpotting as well as how financial institutions can protect their ATM fleet and maybe even important, their brand image. I'm Amy Lombardo and this is Commerce Now. Hello and welcome to Commerce Now, your source for fin tech conversations along with emerging trends in the banking and retail industries. Today I'm joined by Scott Harroff, Chief Information Security Architect with Diebold Nixdorf. So, hey Scott. Thanks for joining me today. Scott Harroff: 02:26 Good morning, thanks for inviting me. Amy Lombardo: 02:28 It's always great to talk to you. So, today we're going to talk a lot about jackpotting and I want to start the conversation with just where did the term jackpotting come from. The only meaning I know of the word is something good, usually when someone wins the lottery. So what does jackpotting mean here in terms of security references? Scott Harroff: 02:51 Jackpotting came about back in the 2010 timeline from a conference that's called DefCon. Once a year hackers and white hats and gray hats all get together and they present to each other for several days over a week in Las Vegas and one of the presentations was delivered by a speaker by the name of Barnaby Jack. And what Barnaby essentially did is he took an ATM and he brought it up on stage and after doing a whole bunch of research before the conference he found several vulnerabilities inside the ATM software stack. And by exploiting those vulnerabilities, he was able to make the ATM essentially jackpot itself and dispense all of its cash on the stage in front of the audience members. So, it really is kind of a term for ATMs dispensing all of their cash that came about as a result of Barnaby Jack's jackpotting speech during the DefCon Conference. Amy Lombardo: 03:46 Ah, so there you go folks. If you're ever watching Jeopardy or some other trivia show and you're asked who originated the term jackpotting, now you'll know, courtesy of Scott Harroff himself. So, when a jackpotting attack occurs, is it something that happens immediately? You're giving this example of Barnaby up on stage and he did it real time but do these attackers carry out their mission immediately or is it something that maybe happens hours, days later? Scott Harroff: 04:24 What we're seeing in the United States is the attacks are occurring very soon after the software or the tool is deployed at the ATM. Although they could visit the ATM and they could set the ATM up hours or days or weeks in advance, in the U.S. what we're seeing is they set the machine up and then very quickly after that they go through the process of making the ATM dispense all of its cash and then they leave. Amy Lombardo: 04:53 Got it, and it's usually with another individual, right? It's not a one person attack because someone's probably monitoring some software in some remote location and then there's said attacker who's walking up and taking out the cash, right? Scott Harroff: 05:13 Well, it theoretically could be just one person if the one individual had the right tool and they understood how to use the tool and they were working all by themselves, a lone wolf, if you will. Then, yeah, absolutely one person could do it but what we're typically seeing is this is an organized crime ring activity. These are individuals that come in from Venezuela and Mexico and they work in groups. So, we typically have two or three individuals working together in any one attack. We have what we call the cash mule and that's the person that shows up at the ATM and their job is simply to be at the ATM and to take the cash out of the ATM, put it in a bag and then leave. We have another individual called the tech and the tech is the technical person who arrives at the ATM prior to the cash mule. And what their job is, is to analyze the ATM to determine how the ATM's configured and then determine what the appropriate tool or technique is to use to jackpot that particular ATM. We also have what we call the operator. The operator is the person that, in some of the attacks, needs to authorize the software prior to it being able to be used at the ATM. They're typically remote and typically they're called on a cell phone to give the access codes to activate the software. And then what we've been seeing recently is we have what we call a surveillance team. In much the same way that you would think about spies and counterspies working with or against each other, these are individuals that show up and while the people are physically at the ATM doing whatever they're doing, they're a little bit away from the actual scene and they're watching what's going on at the scene. They're watching what's happening around it. So if a consumer were to drive up to the ATM or if a police car were to pull in the parking lot, it's this person's responsibility to tell the other people that are at the ATM, hey, there's a police car coming, hey there's a customer coming, you need to leave and then they're watching the scene once they're gone. They say okay, the coast is clear, come on back, you can continue your job. Amy Lombardo: 07:33 Wow, that sounds quite complicated just to get notes out of an ATM here. Is a jackpot attack, is it a one and done or could you go and, based on the amount of notes that the ATM can dispense at a time, or is that the way it's hacked, so it just that threshold is completely removed, and it'll just empty the ATM at once? Scott Harroff: 08:03 Again, there's a variety of different techniques that we've seen used. One of the techniques would require the person to use what we call a black box and if they were using a black box they'd physically gain access to the inside of the ATM to disconnect the dispenser from the CPU in the ATM then connect it up to the black box and the black box would send some commands to the dispenser and if the dispenser wasn't configured correctly, that would start the dispenser into a cycle of continuously dispensing notes. So, you have the ATM physically opened, out of service, with a black box connected and it's pretty much go as quickly as you can, get as much as you can and if somebody's interrupting you, you just take your black box and cash and you leave. The ATM is left in an out of service situation so that would be one approach in one extreme, if you will. The other side of it would be where software is used to actually put the ATM into a mode where it can be switched into and out of service. So, the software would be able to be controlled remotely. You'd use something like a wireless USB dongle that would provide keyboard and mouse functionality and then the tech would be somewhere in the parking lot or in near proximity of the ATM and they'd be sending commands ... okay, dispense your cash and that would start. The cash mule would start taking all the cash out of the ATM and then the technician would see somebody pulling up behind the cash mule and then send commands to the ATM ... go back in service and now the in service screen would appear, the consumer would use the ATM, it'd look completely normal, it would provide them exactly the transactions that the consumer wanted and then the consumer drives away. The cash mule comes back and then the technician remotely says, okay, I want you to start dispensing cash again. And again it starts dispensing. And we've actually had video from customers where the person that's at the ATM doing the cash removal had been interrupted three or four times and as consumers came up and used it, it looked normal. Cash mule came back, did their thing, another consumer came up, the cash mule left and again, the consumer comes back. We've actually seen it go through cycles where they'll spend over an hour being interrupted and getting the cash out of the ATM while other people are there using the ATM. Amy Lombardo: 10:24 Wow. So these criminals are pretty daring in those types of examples that they're going back and forth there. Scott Harroff: 10:32 Actually they're really, really daring. We've got one example out in California where the folks jackpotting the ATM were actually in a big box retailer. So, imagine that, you're right at the ATM, right in front of the entrance, and right over your shoulder to the right hand side is all those cash registers, all those customers checking out, all the store people operating the cash registers and you know, somewhere there's all these cameras that are watching for shoplifters and things and in the middle of all that, we had a group of individuals literally jackpot the ATM while the store was open and all that was going on. So, yeah, really bold and daring. Amy Lombardo: 11:15 All right, I don't know if I can say this on this podcast but that's a little [inaudible 00:11:20] there. I mean, my goodness. Scott Harroff: 11:24 Yeah. And you know they're not wearing masks, they're not wearing disguises. It's like you and I just walk up to an ATM and pretend we're technicians servicing the ATM and take all the cash right there in front of all these people and all those video surveillance things going on so, yeah, it's pretty aggressive sometimes. Amy Lombardo: 11:44 All right, so listeners, just for the record, don't look up Scott and I and look what we look like on LinkedIn, and think we're going to be jackpotting ATMs. All right, let me get back to my questions here. I've got a lot here for you. You mentioned some examples here in the U.S., but are we finding these attacks all over the world because I could have sworn a colleague mentioned to me once that maybe jackpotting even started in Russia or am I just thinking of something totally not related? Scott Harroff: 12:18 No, you're actually correct. No, you're spot on. It's a global thing. It's been going on for many, many years. It's relatively new to the U.S. We actually have a security alert from one of our competitors that they published in the 2016 timeframe warning their customers that their ATMs were vulnerable to these attacks. Our first record is competitors ATMs being attacked in 2016. We actually didn't see anything happening on our equipment until the 2017 timeframe and then they were in the U.S. hitting large ISO, an ISO is a deployer of ATMs for a third party. So, if you didn't want to own and operate your own ATM, but you wanted to have your logos on the ATM so your consumers could use them, that's what an ISO is. They deploy ATMs on behalf of somebody else. They focused in on this ISO pretty heavily from the spring to the fall of 2017 and then once that ISO did a good job of counteracting the vulnerabilities on their fleet, the bad guys were forced to expand out and go after other folks' ATMs. So, that's when we started seeing it move off that ISO on to other customer's ATMs and at that point we started sending out security alerts, doing customer awareness training and letting them know, hey, if you haven't done A, B, C, D, F, G to protect your ATMs, it's a really good idea to start working on that right now. Amy Lombardo: 13:45 Got it. Are there certain types of ATMs or maybe even locations that they're at that seem to be more vulnerable than others? Scott Harroff: 13:56 You know, that's a really good question. The commonality here is ATMs need to have up to date firmware, up to date software, up to date configuration settings and good physical security. So, theoretically any ATM running what's called XFS, XFS is the middle ware layer that sits at the operating system level and it kind of acts as the intermediary between whatever your terminal software stack is like Agilis or Vista or pick your software stack and the operating system. It kind of translates what the terminal software stack wants to do and the commands for the devices. And that's an open standard, it's published on the internet. So, if you could use this uncommon tool called Google and you did a search for XFS specifications ... Amy Lombardo: 14:51 What's that? Scott Harroff: 14:52 Never been there. You could actually Google for the XFS specifications for the dispenser and you could find out what you need to do in order to tell XFS how to operate the dispenser. Or, if you're a little bit more lazy and a little bit less creative, you could actually Google for applications that do test dispenses on the internet and then that would actually give you the actual software itself to interact with XFS and to make the machine dispense cash. Any ATM running a common software layer called XFS is theoretically vulnerable to this. Now, if you've got XFS up to date, firmware up to date, and configuration setting up to date, again, you add layers of defense to protect you and slow the attacker down. But, really almost any ATM running that layer is vulnerable. Then again, you move on to ATMs that might not run XFS, some really low end cash dispensers that you might see in gas stations or maybe convenience stores, they don't run XFS but, again, the attackers have stolen ATMs and have analyzed how they work and then found attacks that work against non-XFS ATMs as well. I would pretty much say any ATM is vulnerable but then we gotta talk about the likelihood of attacking an ATM successfully is. So, if you've got an ATM that's sitting in the middle of a branch and you've got all these branch people around the ATM, the doors are locked from 5:00 at night to 8:00 in the morning, the chance of somebody walking into that branch while all those employees are there and spending an hour jackpotting the ATM and removing handfuls of cash, time and time and time again, really low probability. Could it happen? Yeah. Is it likely? Not so much. So, we'd put those into what we call a low risk category. An ATM that's in a drive up configuration where the key to the ATM's computer is exposed to general public, we'd put that into a medium risk category. An ATM that is on premise, maybe in a vestibule, maybe in a corner of a branch parking lot, again, without good security would be a medium risk. And then a high risk ATM would be an ATM that's off site. So let's say it's in a university, let's say it's in a public building somewhere, maybe it's in a college campus, maybe it's in a gas station or a convenience store. Those are high risk and, again, the highest risk would be an ATM that would, believe it or not, be in a shopping mall. We had a lot of attacks occur where an ATM was literally on site in a shopping mall with all those people moving around the ATM, the jackpotters right there jackpotting the ATM. So, from lowest risk to highest risk, that's kind of what we've seen here in the U.S. Amy Lombardo: 17:44 Huh. Okay. Yeah, you would think it would be the other way around with the shopping mall example but in reality you're not, as a consumer, looking for that. You're going on with your day to day activities. Are ATMs the only system or device that can get jackpotted? Could a kiosk that dispenses money be vulnerable to this? And I'm thinking back to the grocery store example that you gave me earlier on. Scott Harroff: 18:17 Absolutely. Any device that has a reward whether that reward is I get cash or whether that reward is I get credit card data that I can then sell on the dark web or I can use myself to clone cards and go redeem by using a stolen pin and a stolen card number somewhere else, any device that has value to organized crime or an attacker would be subject to these attacks. Amy Lombardo: 18:44 So, jackpotting is not just getting some sort of notes out of an ATM, it ... to your point here, it could be data as well. Am I understanding that right? Or did I just take you down a rabbit hole? Scott Harroff: 19:01 No, so jackpotting, in the way we're talking about it, typically occurs at ATMs. That's the way that the media has been presenting this. This is the way all of the experts have been talking about it. When they say jackpotting these days, what they typically mean is somebody at an ATM stealing cash from an ATM but you could take the concept and extend it. You'd have to be pretty brazen but what if I were to somehow put malware onto a casino's gaming machine. What if, as opposed to getting cash out, what I do is I get a jackpot on my casino machine and it just gives me all the coins that are in there. What if somehow I manipulate that into sending the signal back to the main system that says person at this machine just hit the jackpot and they won the $5 million dollar grand prize. You could extend this concept into a lot of other areas but typically it's around ATMs. Amy Lombardo: 20:01 And in that instance, consumers, anyone who's listening Scott Harroff will be visiting Las Vegas in two weeks. Just kidding, just kidding. All right, let's shift the conversation into talking a little bit about preventative measures and what a financial institution can do to be the most prepared for these types of vulnerabilities. Can you just walk us through steps a bank should take and really that process, how complicated it could be or maybe not? Scott Harroff: 20:41 Sure, absolutely. The first thing I want to bring about is that there's a lot of different scenarios that can lead up to a jackpot, a lot of different techniques, a lot of different tools. One of the biggest misconceptions is some institutions that haven't had an in depth discussion, they kind of think a jackpot is a jackpot. It really, really isn't. There's many different vectors that could lead up to a jackpot scenario. You could remotely get into an unprotected ATM across the network and jackpot it, for example. But most of the time it involves being physically close to the ATM. Again, we have some attacks called man in the middle attacks and what that means is somebody gets between the ATM and the host and they, on the network, change the traffic, so the ATM thinks that the host is telling it to do things that the host really didn't tell it to do. So, that's a remote attack as well. It could happen at the host, it could happen between the host and the ATM or it could actually happen on the network cable that goes right into the ATM itself so, that's an attack that has a proximity kind of affect to it. But the most common attack is an attack that involves getting into the computer area of the ATM. If you have an ATM that is, again, in a branch lobby chances are no one's going to go in there and try to jackpot that machine. They're going to look for something's that's maybe a little easier, maybe a little less risk. An ATM that has a lock that's exposed to the general public, if you will, is really the first main indicator of an ATM you should be concerned about and especially if that lock hasn't been changed from the factory configuration. So, if your ATM has exactly the same lock as your bank, or your credit union down the street who's a competitor, you know, you're probably vulnerable because, well, if the key that opens your ATM opens 20 or 50 or 100 or 1,000 other ATMs from competitors around you in the state, that's really the first major weakness that they look for. Today if they show up and they put the key in and the key doesn't turn, you know maybe they could pick it, maybe they could force it open but what they're really looking for most of the time in the U.S. attacks we've seen so far is an ATM where the lock is just in the factory configuration. You put a key in you can buy off of eBay, for example, you turn it and it opens. That's the first step. The second step is really, what if when I open that door an alarm goes off. What if I now think that for whatever reason, I've just tripped something, am I going to stay there when an alarm's going off and try to perform this jackpot? Probably not. Maybe I'm really, really aggressive and I do but chances are, if the top hat were to open and an alarm were to go off, the bad guy's probably going to leave quickly. Having that alarm there, if you open the door and if you don't put in, for example, a four digit disarm code to turn off the alarm and the alarm starts going off, that's another layer of protection that would prevent the bad guy from probably staying there and jackpotting it. And then the next step is making sure that the ATM software stack is up to date. Making sure that the communications between the CPU and the dispenser are appropriately configured. Making sure that all of the different details around the software security and the configuration of the ATM are up to date, those things all added together can either significantly slow down the attacker to the point where they're probably not going to get any cash or only a little bit before somebody shows up to intercept them or maybe prevents them all together. Those are the kind of things you really want to do is adding these layers of physical security and information security controls to the ATM to make sure that you've really slowed somebody down or you've stopped them all together. That would be what I would be looking at doing. Amy Lombardo: 24:48 Got it. And is there a way that a financial institution can actually tell when this might be happening? Is it just as simply as what you were talking about, an alarm going off? Or is there some sort of software that they can actually tell? Scott Harroff: 25:07 Actually the physical security of the top hat area and the chest, having sensors that noticed that somebody's doing something they shouldn't be doing is a really good first layer of defense but as you pointed out there's also software on the ATM that could notice that something's occurring that's not normal. For example, my dispenser was unplugged from my CPU. Well, how many times does a dispenser disconnect itself from a CPU in a normal ATM? It really doesn't so if you have software that watches for that, that could be a detection mechanism that says hey, I want to now respond to this or another good example might be how often does your hard drive physically unplug itself from an ATM while it's up and running normally? Well, the answer is it doesn't ever disconnect itself while the ATM is up and running normally. So, again, having software that watches for something like that would aid you in detecting that something unusual is occurring and you probably want to have your physical security people log into their cameras or DVR's, look to see what's going on or maybe even send an alert to a security monitoring system so that a third party could actually respond on behalf of the bank and send somebody out to check out the ATM. Amy Lombardo: 26:23 Got it. As we close out the topic for today, what did I miss, Scott? Is there other recommendations that you would give here or, really, I didn't miss anything. It's really you. Anything else that you would just add to this conversation of just kind of in closing here? Scott Harroff: 26:42 Absolutely, I think one of the things that most financial institutions in the United States haven't really done a thorough job of yet is assessing their fleet and really looking at them from the perspective of which of my ATMs are at the highest risk. Which of my ATMs are not at risk at all? And then looking at those ATMs and saying okay, this is a high risk ATM, which vectors would work at my ATM and basically doing an internal analysis of how could my highest risk ATMs be attacked. What do I need to do with my ATM vendor to try to now counter these different attack vectors and make my highest risk ATMs as secure as they can be from these attacks? I really think that we've got some financial institutions that have done a very good job of assessing their fleets. They've done a good job of remediating their open vulnerabilities but I think there's far, far too many customers out there that haven't gone through and done that work and they're actually still vulnerable to these attacks when the bad guys come back next time. Amy Lombardo: 27:52 Okay, okay. So, obviously that would be our plug there to talk to someone like yourself or an account rep at Diebold Nixdorf to get more information. Scott Harroff: 28:04 Yeah and again, this isn't really a Diebold Nixdorf problem although our ATMs, if they're not properly set up and configured and protected, they are vulnerable. NCRs are vulnerable, your Tritons, your Tranaxs, those other ATMs are vulnerable as well. Again, I just want to make sure we close with this, this isn't really a Diebold Nixdorf problem although this is a Diebold Nixdorf doing the podcast. It's really an industry challenge and everybody needs to be diligent. As long as you own a machine, that's loaded with cash, you need to be concerned about this risk. Amy Lombardo: 28:37 Yeah, that's a great point and a great way to close this. So thanks, Scott, for being with me here today and to our listening for tuning into this episode of Commerce Now. To learn more about jackpotting or how you can better defend your ATM fleet against evolving attacks, log onto DieboldNixdorf.com. Until next time, keep checking back on iTunes or your favorite podcast listening channel for new topics on Commerce Now.
Anytime you swipe your credit or debit card, you are putting your money at risk. Hackers and scammers have gotten more sophisticated. In this free Komando on Demand podcast, I will tell you how to spot the skimmers and shimmers.
On this episode, we welcome on Joe Panettieri, Content Czar at ChannelE2E and MSSP Alert, to discuss the difference between an MSP and MSSP, how the market is converging and what you need to do to prepare. We also talk through details of a new cyber attack called Jackpotting, share statistics about the future managed security services market, and close with 5th of 7 habits of highly successful IT service providers. Tune in now!
Blue Yeti Microphone: http://www.bluemic.com/products/yeti/Spreaker (where my podcasts are stored): http://spreaker.comPodcast Page: http://passpodcast.comHere I was thinking that it was already time for the All-Star weekend. Despite that being the case, there were some trades that went down, a little tampering, Snapchat displeasing its fans, and The Roots join the artist spotlight. All of this and much more on this week's episode of #thePASS #podcast #talker #PASSPodcast #alwaysTalking #PodcastAboutSportsNStuff #AssOfTheDay #Radio #Web #Show #Sports #Music #Artists #Gaming #Gamer #Videogames #HotTopic #Popular #Richmond #WorldWide #Spreaker #trends #rva804 #branding #blueyeti #richmond804 #podcastLife #blymibt Domestic Violence (2:25) https://ncadv.org/assets/2497/domestic_violence.pdfA Taste of Heaven RVA (3:53) https://www.yelp.com/biz/a-taste-of-heaven-rva-glen-allenFantasy League NBA Update (5:25) http://games.espn.com/fba/clubhouse?leagueId=141038&teamId=2&seasonId=2018First in the LeagueWeekly tradingWinning despite injured playersTwo teams a threatDream TeamTeam KillbrewLosing this Week (oddly)Lakers Fined for Tampering AGAIN (12:41) http://www.espn.com/nba/story/_/id/22347434/los-angeles-lakers-fined-50000-magic-johnson-violates-league-anti-tampering-ruleGiannis Antetokounmpo50kFine lower?NBA Trade Deadline Updates (17:04) http://www.nba.com/article/2018/02/08/nba-trade-deadline-buzz-feb-8-2018#/Isaiah Thomas only played 15 games with CavsRockets pick up Joe Johnson & Brandan Wright off waiversDerrick Rose on waivers (as of now)No one jumping into the pit of fireThose expected to move (DeAndre Jordan, Marcus Smart, & Tyreke Evans to name a few) weren't tradedBellinelli reached buyoutWent to 76ersBrings veteran qualityElfrid Payton to Suns helps for future & takes pressure off Devin BookerWade goes back home (Miami)Jameer Nelson adds veteran depth to PistonsNew Look CavsWinter Olympic fascination (36:55) https://www.olympic.org/Curling fascinationChloe KimBiathlonSkiing & rifle shootingSkeleton fearSnapchat Update (44:50) http://www.independent.co.uk/life-style/gadgets-and-tech/news/snapchat-new-update-redesign-stories-page-android-ios-complaints-app-change-a8200301.htmlPeople don't like the changeForced to watch your snaps from friends in it's order of how they're postedTwitter Snapchat Support has been BUSYStill has 60 second feature with multi-snapThe Overwatch League (54:31) https://overwatchleague.com/en-us/standingsShanghai Dragons STRUGGLEDMap Count ExplanationStage 2 starts next WednesdayLeague of Legend eSports (58:41) http://www.lolesports.com/en_US/NA LCS (League Championship Series)Continues Saturday & SundayMy favorite (Echo Fox)Europe LCSWeek 5 matches are Friday & SaturdayArtist Spotlight: The Roots (1:02:01) https://www.allmusic.com/artist/the-roots-mn0000415906/biographyAsses of the Week:Rose's Adidas Contract (1:13:44) http://bleacherreport.com/articles/2758029-derrick-roses-brother-friends-salaries-revealed-in-leaked-adidas-contractBrother makes between 250k and 300k per year as a consultantBest friend makes between 50k and 74k per year for “consulting”Two Men involved in “jackpotting” heist (1:23:02) https://www.engadget.com/2018/02/06/two-men-charged-bank-fraud-jackpotting/
This week on Cyber Frontiers we jump into and update on the public disclosures of the meltdown and spectre vulnerabilities. We also chat about the latest hardware hacking efforts with ATMs and JackPotting as well as get Christian’s take on Crypto Currency and the coin market. Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future! Christian Johnson will bring fresh and relevant topics to the show based on the current work he does. Support the Average Guy: https://www.patreon.com/theaverageguy WANT TO SUBSCRIBE? We now have Video Large / Small and Video iTunes options at
This week on Cyber Frontiers we jump into and update on the public disclosures of the meltdown and spectre vulnerabilities. We also chat about the latest hardware hacking efforts with ATMs and JackPotting as well as get Christian’s take on Crypto Currency and the coin market. Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future! Christian Johnson will bring fresh and relevant topics to the show based on the current work he does. Support the Average Guy: https://www.patreon.com/theaverageguy WANT TO SUBSCRIBE? We now have Video Large / Small and Video iTunes options at
This week on Cyber Frontiers we jump into and update on the public disclosures of the meltdown and spectre vulnerabilities. We also chat about the latest hardware hacking efforts with ATMs and JackPotting as well as get Christian’s take on Crypto Currency and the coin market. Cyber Frontiers is all about Exploring Cyber security, Big Data, and the Technologies Shaping the Future! Christian Johnson will bring fresh and relevant topics to the show based on the current work he does. Support the Average Guy: https://www.patreon.com/theaverageguy WANT TO SUBSCRIBE? We now have Video Large / Small and Video iTunes options at
Bitcoin exchange robbed, Deepfakes AI celebrity porn channel shut down by Discord, NSA Exploit Use On Rise For Crypto Currency Mining, First Jackpotting Attacks Hit U.S. ATMs, and more! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Bitcoin exchange robbed, Deepfakes AI celebrity porn channel shut down by Discord, NSA Exploit Use On Rise For Crypto Currency Mining, First Jackpotting Attacks Hit U.S. ATMs, and more! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
This is the Shared Security Weekly Blaze for February 5, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston. Show Transcript This is your Shared Security Weekly Blaze for February 5th 2018…with your host…Tom Eston In this week’s episode: ICE license plate tracking database, […] The post The Shared Security Weekly Blaze – License Plate Tracking, Jackpotting ATMs, Strava Global Heatmap Controversy appeared first on The Shared Security Show.
Show notes – http://heytechiesshow.com/shows/hts117/ Michael and Bruce discuss when our show will air, new devices and issues with them, a Watch story, Musk sells flame throwers, Specter and Meltdown, Jackpotting, Gaming, Google removing apps, Superbowl LII security, Dell trying to see itself, What everyone should know about Apple’s sales, Get your taxes done, What Apple […]
Jon's roof doesn't collapse. Eric talks about a moon and snow caving. Then they actually talk about security stuff. Sorta. Thoughts on Chronicle, Alphabet's now named security company. Then, is there a solution for the AWS IAM permissions? And "Jackpotting" ATMs is the new thing in the US (Yay! WinXP!). Finally, Eric wants to know the first thing you bought on Amazon and Jon is looking to get stung. Links: Alphabet announces Chronicle: https://chronicle.security PolySwarm.io: https://polyswarm.io/ Using AWS X-Ray to achieve Least Privilege: https://medium.com/@glicht/using-aws-x-ray-to-achieve-least-privilege-permissions-93dfd6701318 Snyk.io: https://snyk.io/ Functional One - AWS Least Privilege: https://github.com/functionalone/aws-least-privilege Jackpotting: https://krebsonsecurity.com/2018/01/first-jackpotting-attacks-hit-u-s-atms/
Bitcoin exchange robbed, Deepfakes AI celebrity porn channel shut down by Discord, NSA Exploit Use On Rise For Crypto Currency Mining, First Jackpotting Attacks Hit U.S. ATMs, and more! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Ep. 284 | ATM Jackpotting; Lebal; Fake Ethereum Wallet; Internet Weather | AT&T ThreatTraq
In today's podcast we discuss constitutional crisis, Russia sanctions, Trump, Paul Ryan, Nixon, Congress, House, Senate, FBI, Justice Department, investigation, Watergate, Stormy Daniels, Detroit Pistons, LA Clippers, Blake Griffin, Tobias Harris, Avery Bradley, Shinsuke Nakamura, SD Live, Braun Strowman, RAW, Trish Stratus, Mickie James, V Lick, Royal Rumble, Tom Hanks, Mr Rogers, Doug Ford, Conservative Leadership, Ontario, John Cena, Philadelphia, Patreon, subscribers, YouTube, Jackpotting, ATMs, Dudley Boyz, San Francisco, shit app, Washington Wizards, John Wall, Jeremy Borash, Spud, 205 Live GM, Brexit, UK, Verizon, Huawei, free market capitalism, big government, republicans, Toronto Blue Jays, Grichuk, Kevin Owens, Sami Zayn, Kevin Love, Cleveland Cavaliers, Samsung, foldable displaysIf you'd like to create your own Patreon page to raise funds for yourself as an artist or creator use this referral link to help out the podcast: https://patreon.com/invite/nrjznzIf you'd like to get rewarded and help support the show, please visit https://www.patreon.com/PJBDPodcastAlso, we are on iTunes! Subscribe, download and review at https://itunes.apple.com/ca/podcast/papa-johns-brain-droppings/id1278787736Subscribe on Google Play for Android users! https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplaymusic&apn=com.google.android.music&link=https://play.google.com/music/m/I3x3bb4pw2yxs6mtkindo2povjq?t%3DPapa_Johns_Brain_Droppings%26pcampaignid%3DMKT-na-all-co-pr-mu-pod-16Listen to the Papa John's Brain Droppings Podcast on Stitcher at http://www.stitcher.com/s?fid=149731&refid=stprFollow us on http://www.Twitter.com/TheJohnDNewton or https://www.facebook.com/PJBDPodcast for the latest updates. Favorite us on TuneIn at https://tunein.com/radio/Papa-Johns-Brain-Droppings-Podcast-p1026907/For video of the podcasts subscribe to https://www.youtube.com/JFWRTVOR on Dailymotion at https://www.dailymotion.com/PJBDPodcast
DC Hits on an Oakland restaurants' employees are speaking out about Chef's ongoing sexual harassment, Rae Sremmurd announces they're going to take a different approach to new album.. but is it the right one, and thieves are hacking into ATM's with a new scheme called 'Jackpotting' that has banks & stores shook...
DC Hits on an Oakland restaurants' employees are speaking out about Chef's ongoing sexual harassment, Rae Sremmurd announces they're going to take a different approach to new album.. but is it the right one, and thieves are hacking into ATM's with a new scheme called 'Jackpotting' that has banks & stores shook...
In today's podcast we discuss constitutional crisis, Russia sanctions, Trump, Paul Ryan, Nixon, Congress, House, Senate, FBI, Justice Department, investigation, Watergate, Stormy Daniels, Detroit Pistons, LA Clippers, Blake Griffin, Tobias Harris, Avery Bradley, Shinsuke Nakamura, SD Live, Braun Strowman, RAW, Trish Stratus, Mickie James, V Lick, Royal Rumble, Tom Hanks, Mr Rogers, Doug Ford, Conservative Leadership, Ontario, John Cena, Philadelphia, Patreon, subscribers, YouTube, Jackpotting, ATMs, Dudley Boyz, San Francisco, shit app, Washington Wizards, John Wall, Jeremy Borash, Spud, 205 Live GM, Brexit, UK, Verizon, Huawei, free market capitalism, big government, republicans, Toronto Blue Jays, Grichuk, Kevin Owens, Sami Zayn, Kevin Love, Cleveland Cavaliers, Samsung, foldable displaysIf you'd like to create your own Patreon page to raise funds for yourself as an artist or creator use this referral link to help out the podcast: https://patreon.com/invite/nrjznzIf you'd like to get rewarded and help support the show, please visit https://www.patreon.com/PJBDPodcastAlso, we are on iTunes! Subscribe, download and review at https://itunes.apple.com/ca/podcast/papa-johns-brain-droppings/id1278787736Subscribe on Google Play for Android users! https://playmusic.app.goo.gl/?ibi=com.google.PlayMusic&isi=691797987&ius=googleplaymusic&apn=com.google.android.music&link=https://play.google.com/music/m/I3x3bb4pw2yxs6mtkindo2povjq?t%3DPapa_Johns_Brain_Droppings%26pcampaignid%3DMKT-na-all-co-pr-mu-pod-16Listen to the Papa John's Brain Droppings Podcast on Stitcher at http://www.stitcher.com/s?fid=149731&refid=stprFollow us on http://www.Twitter.com/TheJohnDNewton or https://www.facebook.com/PJBDPodcast for the latest updates. Favorite us on TuneIn at https://tunein.com/radio/Papa-Johns-Brain-Droppings-Podcast-p1026907/For video of the podcasts subscribe to https://www.youtube.com/JFWRTVOR on Dailymotion at https://www.dailymotion.com/PJBDPodcast
West Coast Cookbook & Speakeasy is Now Open! 8am-9am PT/ 11am-Noon ET for our especially special Daily Specials; Tarrytown Chowder Tuesdays!Starting off in the Bistro Cafe, even Trump's friends say he is a jerk.Then, on the rest of the menu, Jackpotting hackers steal over $1 million from ATMs across the US; a federal judge halts the deportation of prominent immigrant rights activist, Ravi Ragbir; and, Fusion GPS accused U.S. Senate Judiciary Committee Chairman Chuck Grassley, of endangering its employees by ignoring “multiple” requests not to publicly disclose their names.After the break, we move to the Chef's Table where Trump's pick for Chile ambassador has deep financial ties to the Kushner family that the White House did not announce earlier this month; and, Andrew McCabe's replacement, David Bowditch, is now next to face the Trump firing squad.All that and more, on West Coast Cookbook & Speakeasy with Chef de Cuisine Justice Putnam.Bon Appetit!~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~“As I ate the oysters with their strong taste of the sea and their faint metallic taste that the cold white wine washed away, leaving only the sea taste and the succulent texture, and as I drank their cold liquid from each shell and washed it down with the crisp taste of the wine, I lost the empty feeling and began to be happy and to make plans.” ― Ernest Hemingway "A Moveable Feast"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Show Notes & Links: https://www.dailykos.com/stories/2018/1/30/1737088/-West-Coast-Cookbook-amp-Speakeasy-Daily-Special-Tarrytown-Chowder-Tuesdays
Microsoft issued an emergency update to their softwares after Intel’s buggy Spectre fix caused spontaneous rebooting, data loss, and complete PC failure. In their search to find the perfect location for HQ2, Amazon has narrowed the list of cities to 20. But, many are concerned about the e-commerce giant coming to their city and growing the housing crisis, increasing income inequality, and changing the real estate and affordable housing market. Jackpotting, the hacking scheme that spits out money from an ATMs as you walk by, is a growing trend in the United States. Financial institutions using outdated Windows XP software are being targeted. This is a growing concern since some banking companies are neglecting to upgrade their information technology infrastructure.
In today's podcast, we hear that hackers have looted cryptocurrency exchange Coincheck to the tune of about $530 million. Experty's ICO speculators get phished by crooks. Jackpotting hits American ATMs. The Dridex banking Trojan apparently has a ransomware sibling: FriedEx. Transduction attacks could hit IoT sensors. Steganographic app "Muslim Crypt" is designed for jihadist communication. North Korea tells Britain to mind its own business about WannaCry. Zulfikar Ramzan from RSA with his perspective on Spectre and Meltdown. Strava fitness app reveals locations of user activity.
This week, we discuss a jackpotting malware attack that caused cash machines across Europe to spit out cash, a WordPress RCE vulnerability affecting 27% of the web, and a data breach affecting more than 133,000 Three customers.
In today's podcast, we hear about how ISIS is making its way, quietly, back into the cyber news (and how the Australian Signals Directorate is on the case). The Broadband Internet Technology Advisory Group wants the IoT industry to face some unpleasant facts, and the security industry calls for standards. Europol finishes its second sweep of money mules. ATM jackpotting spreads in Europe and Asia. India suffers a wave of carding. Joe Carrigan from the Johns Hopkins University Information Security Institute reports back from the NICE Conference. BBC Journalist and Author Gordon Corera is our guest, discussing his latest book, "Cyber Spies - The secret history of surveillance, hacking and digital espionage." And security experts warn us all to be cyber savvy on Black Friday.
© 2020-2025 Ivy Podcast Discovery LLC
