BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Contactless Overflow: Code execution in payment term
 inals and\n   ATM’s over NFC\n   When: Saturday\, Aug 12\, 14:30 - 15:15
  PDT\n   Where: Caesars Forum - Forum - 130-134 - Track 3 - [1]Map\n\n   S
 peakerBio:Josep Pi Rodriguez \, Principal Security Consultant at\n   IOAct
 ive\n   Josep Pi Rodriguez is experienced in network penetration and web\n
    application testing\, reverse engineering\, industrial control systems\
 ,\n   transportation\, RF\, embedded systems\, AMI\, vulnerability researc
 h\,\n   exploit development\, and malware analysis. As a principal consult
 ant\n   at IOActive\, Mr. Pi Rodriguez performs penetration testing\, iden
 tifies\n   system vulnerabilities\, and researches cutting-edge technologi
 es. Mr.\n   Pi Rodriguez has performed security services and penetration t
 ests for\n   numerous global organizations and a wide range of financial\,
 \n   technical\, and educational institutions. He has presented at\n   int
 ernational conferences including Defcon\, Immunity infiltrate\, Hack\n   i
 n Paris\, Japan CCDS and Confidence Conference.\n   Twitter: [2]@Josep_pi\
 n\n   Description:\n   We conducted research to assess the current secur
 ity of NFC payment\n   readers that are present in most of the major ATM b
 rands\, portable\n   point of sales\, gas stations\, vending machines\, tr
 ansportation and\n   other kind of point of sales in the US\, Europe and w
 orldwide. In\n   particular\, we found code execution vulnerabilities expl
 oitable\n   through NFC when handling a special application protocol data 
 unit\n   (APDU) that affect most NFC payment vendors. The vulnerabilities\
 n   affect baremetal firmware devices and Android/Linux devices as well.\n
 \n   After waiting more than 1 year and a half once we disclosed it to all
 \n   the affected vendors\, we are ready to disclose all the technical\n  
  details to the public. This research was covered in the media by\n   wire
 d.com but without the technical details that we can share now [3]https://w
 ww.wired.com/story/atm-hack-nfc-bugs-point-of-sale/\n\n   Some of the affe
 cted vendors are:\n   IDtech - [4]https://idtechproducts.com/\n   Ingenico
  - [5]https://www.ingenico.com/\n   Verifone - [6]https://www.verifone.com
 /\n   CPI - [7]https://www.cranepi.com/\n   BBPOS - [8]https://www.bbpos.c
 om/\n   Wiseasy - [9]https://www.wiseasy.com/\n   Nexgo - [10]https://www.
 nexgoglobal.com/\n\n   In this presentation we will describe the vulnerabi
 lities and also\n   demo how the readers can be compromised\, using a spec
 ial Android app\n   we created\, by just tapping an Android phone to the r
 eader. We will\n   discuss the consequences such as financial impact in re
 ader’s\n   users/owners and card data stealing once the firmware is comp
 romised.\n   Also\, we will show how to compromise the host that is connec
 ted to the\n   reader through USB by manipulating the readerâ€™s firmware\
 , chaining\n   stack buffer overflow vulnerabilities in the SDK provided b
 y the\n   vendor that is running in the host machine.\n\n   Finally\, sinc
 e one of the affected vendors (IDtech) is present in most\n   ATM brands i
 n the world\, the talk will cover different scenarios of\n   how jackpott
 ing ATMs can be possible by just tapping a smartphone on\n   the reader of t
 he ATM. We have many years of experience jackpotting\n   all brands of ATM
 s in multiple different ways and we will show how\n   this is technically 
 possible.\n\n   '\n\n   1. #CaesarsForumBR\n   2. https://twitter.com/Jose
 p_pi\n   3. https://www.wired.com/story/atm-hack-nfc-bugs-point-of-sale/\n
    4. https://idtechproducts.com/\n   5. https://www.ingenico.com/\n   6. 
 https://www.verifone.com/\n   7. https://www.cranepi.com/\n   8. https://w
 ww.bbpos.com/\n   9. https://www.wiseasy.com/\n   10. https://www.nexgoglo
 bal.com/\n\n\n
DTEND:20230812T221500Z
DTSTART:20230812T213000Z
LOCATION:DC - Caesars Forum - Forum - 130-134 - Track 3
SUMMARY:Contactless Overflow: Code execution in payment terminals and ATM’s
  over NFC
END:VEVENT
END:VCALENDAR
