This month, DC612 founder David Bryan (VideoMan) will be giving a preview of his upcoming Thotcon talk titled “Goldilocks and the three ATM attacks”. The abstract reads as follows:
Automated Teller Machines (ATM) attacks are more sophisticated than ever before. Criminals have upped their game, compromising and manipulating ATM networks, software and other connected infrastructure. Between having a third-party manage these machines, and ATMs deployed on low-bandwidth links, it’s an inevitable wild-west environment. In this talk I will review three case studies of ATM attacks, showing how they have become more dangerous than ever before. In this session, I will discuss unknown ATM flaws our pentesting team has uncovered while performing testing, the various ways criminals are attacking ATMs, the many security problems that we have identified with ATM systems, and what can be done to prevent these attacks. I will review three case studies of ATMs. One where the ATM security was extremely poor; One where the security was very good but the ATM still fell victim to an attack because we discovered a zero-day in the management software; And one where the security was just right- but its specific deployment had some major flaws that ultimately led to an ATM compromise. In this last case, the attackers side-loaded an application, and were able to run a criminal ring that led to $7M USD in losses.
Exciting stuff – hope to see you all there!
Where: Wilde Roast Cafe – 65 Main St SE, Mpls.
When: Thursday, May 9th 6PM
We are back on for April!
DC612 is back on an irregular night (third Monday) but at our regular location (Wilde Roast). Minnesota tried its best to keep us away, but we persisted!
This month we get Blue, with POWER-RESPONSE!
— TactiFail (Original post by Kat)
Update: Unfortunately with the coming storm we have decided to cancel the April meeting. We may reschedule if it works out for our speakers (and the weather), so keep an eye on this channel for more.
Annnnnnd, We’re Back!
DC612 is back on our regular night (Second Thursday) and at our regular location (Wilde Roast).
This month we get Blue, with POWER-RESPONSE !
We are happy to announce a SECOND meeting this March – that’s two for the price of none!
Josh More, frequent speaker and resident intern wrangler will be wrangling interns this month. He has invited them to meet with DC612 folk and learn what it is like to work in security. It will be a pretty relaxed session, general Q&A sort of thing, open mic. Feel free to join us and discuss the day-to-day of working in the security field, whether you are on the blue team, the red team, the orange team, Team Edward, Ravenclaw, Next Generation,
or even emacs.
See you all there!
Important Update! The location has changed but the date remains the same from our last announcement (it is the first Thursday this month). Our usual spot is closed for renovations, so we will be returning to our old stomping grounds at Elsie’s! We won’t be in the front room near the entrance it sounds like, but rather in the back room in the dining area. Ask staff if you need directions. There is usually plenty of free parking, and the side road has curbside parking as well.
We will have two Hacker friendly games available for play.
– A competitive card game based on the CIA’s declassified training game: Collection Deck.
Get Loot (https://shop.hak5.org/products/get-loot)
– GET LOOT is a 3-5 player competitive hacking game where your goal is to exfiltrate (steal) loot while sabotaging your rivals with strategic crypto-locks and Hak5 themed cyber attacks!
Don’t forget to bring your lock pick sets! We will have a collection of practice locks to play with through out the evening.