[PLUG] ATM Security (fwd)

Rich Shepard rshepard at appl-ecosys.com
Wed Nov 17 16:07:06 UTC 2004


   Just in case you were feeling good this Wednesday morning.

Rich

-- 
Dr. Richard B. Shepard, President
Applied Ecosystem Services, Inc. (TM)
<http://www.appl-ecosys.com>   Voice: 503-667-4517   Fax: 503-667-8863

---------- Forwarded message ----------
This just in from SANS:

  --Alliance Publishes ATM Cyber Security Guide
(10 November 2004)
The Global ATM Security Alliance has published a guide to cash machine
cyber security as a proactive measure; ATMs are increasingly moving to
Windows and other commonly used platforms.  Though ATMs are generally
on private networks or VPNs, the possibility of undocumented Internet
connections always exists, as does the possibility of malicious code
sneaking in via laptops connected to the system.  Last year, the Nachi
worm exploited the RPC DCOM vulnerability in Windows to compromise ATMs
at two different financial institutions.
http://www.securityfocus.com/printable/news/9903

I don't know about you, but the idea that my bank account(s) can be
reached from an ATM network based on Windows makes me woozy.

- Bill




More information about the PLUG mailing list