7 Sins of ATM Protection Against Logical Attacks

Explore the seven critical vulnerabilities in ATM protection against logical attacks in this conference talk from nullcon Goa 2017. Delve into Windows kiosk mode bypass, privilege escalation techniques, security software vulnerabilities, bootkit and BIOS issues, physical network security concerns, software/hardware update challenges, and device management flaws. Learn from senior banking systems security expert Timur Yunusov as he shares insights on ATM security weaknesses, covering topics such as local security policy bypass, file system restrictions, industrial GSM modems, and more. Gain valuable knowledge on ATM security vulnerabilities and potential attack vectors to better understand and address these critical issues in the banking industry.

Introduction
Hotkeys
Always on top
ATM activation window
Application control tools
Network
Disable
Device Management
Logical vulnerabilities
File system API
File delivery
ATM with Windows XP
Thoughts
Thanks