BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Where’s the Money: Defeating ATM Disk Encryption\n
    When: Friday\, Aug 9\, 10:00 - 10:45 PDT\n   Where: LVCC West/Floor 1/H
 all 1/Track 3 - [1]Map\n\n   Description:\n\n   Holding upwards of $400\,0
 00\, ATMs continue to be a target of\n   opportunity and have seen over a 
 600% increase in crime in just the\n   last few years. During this time\, 
 I led security research with another\n   colleague into the enterprise ATM
  industry resulting in the discovery\n   of 6 zero-day vulnerabilities aff
 ecting Diebold Nixdorf’s Vynamic\n   Security Suite (VSS)\, the most pro
 lific ATM security solution in the\n   market. 10 minutes or less is all t
 hat a malicious actor would need to\n   gain full control of any system ru
 nning VSS via offline code injection\n   and decryption of the primary Win
 dows OS. Diebold Nixdorf is one of\n   three major North American enterpri
 se class ATM manufacturers with a\n   global presence in the financial\, c
 asino/gaming\, and point-of-sale\n   markets. Similar attack surfaces are 
 currently being used in the wild\n   and impact millions of systems across
  the globe. Furthermore\, VSS is\n   known to be present throughout the US
  gaming industry\, including most\n   of the ATM/cash-out systems across V
 egas.\n\n   In this session\, I will publicly disclose this research\, rev
 iew the\n   discovery process\, and dive into the technical intricacies of
  each\n   vulnerability. The Full Disk Encryption module of VSS conducts a
 \n   complex integrity validation process to ensure a trusted system state
 \,\n   performed as a layered approach during system initialization.\n   E
 xamination of the workflow will highlight various deficiencies that I\n   
 will demonstrate through PoC exploitation.\n\n   Each vulnerability presen
 ted in this session has been observed to have\n   a recursive impact acros
 s all major versions of VSS and represents a\n   systemic ongoing risk. We
  will explore the root-cause\, vendor\n   remediation steps\, and short-co
 mings thereof – perpetuating the\n   attack narrative. In conclusion\, p
 roper mitigation techniques and\n   procedures will be covered\, providing
  valuable insights into defending\n   against potential compromise.\n\n   
   * Vynamic Security Suite - Vynamic Security Hard Disk Encryption\n      
  Secure Sensitive Consumer Data: [2]link\n\n     * SEC Consult - Manipulat
 ion of pre-boot authentication in CryptWare\n       CryptoPro Secure Disk 
 for Bitlocker: [3]link\n\n     * Diebold Nixdorf - EULA for Vynamic Securi
 ty Suite 3.0: [4]link\n\n     * Diebold Nixdorf - Product Legal Terms Webs
 ite: [5]link\n\n     * CryptWare Website: [6]link\n\n     * Secure Disk fo
 r BitLocker Website: [7]link\n\n     * CPSD Website: [8]link\n\n     * O'R
 eilly - Essential System Administration\, 3rd Edition by Æleen\n       Fr
 isch: [9]link\n\n     * Flowblok's Blog - Shell Startup Scripts: [10]link\
 n\n     * Red Hat Customer Portal - Enhancing Security with the Kernel\n  
      Integrity Subsystem: [11]link\n\n     * OpenSUSE Wiki - SDB:Ima evm: 
 [12]link\n\n     * ATMIA - ATM Operator Training: [13]link\n\n     * 3SI S
 ystems - Stop Criminals from Cashing in at the ATM: [14]link\n\n     * Die
 bold Nixdorf - Vynamic Security Intrusion Protection Product\n       Card:
  [15]link\n\n     * Diebold Nixdorf - DN Product Card - Vynamic Security H
 ard Disk\n       Encryption: [16]link\n\n     * Everi - Everi to Showcase 
 "Digital Neighborhood" Connecting Guest\n       Loyalty\, Cash Access Expe
 riences\, and Casino Solutions Made\n       Possible by Industry-Leading F
 inancial Technology Portfolio at\n       2019 Global Gaming Expo: [17]link
 \n\n     * GlobeNewswire - NRT Accelerates Growth through Acquisition of\n
        Casino ATM Portfolio: [18]link\n\n     * Northox - How does the TPM
  perform integrity measurements on a\n       system?: [19]link\n\n   Speak
 erBio:  Matt Burch\, Independent Vulnerability Researcher\n\n   Matt Burch
  is an independent vulnerability researcher with 20 years of\n   experienc
 e in the information security industry and 15 years of focus\n   in advers
 arial testing and simulation. He specializes in ATM\, IoT\,\n   mobile app
 lication\, and IP based vulnerability research. With this\n   diverse back
 ground\, he has successfully identified unique deficiencies\n   in high-se
 curity products – awarding him numerous CVE\n   accreditations.\n\n   '\
 n\n   1. #LVCCW_Level1_Hall1\n   2. https://www.dieboldnixdorf.com/-/media
 /diebold/files/banking/software/dn_product-card_vynamic-security-hard-disk
 -encryption.pdf\n   3. https://sec-consult.com/vulnerability-lab/advisory/
 manipulation-of-pre-boot-authentication/\n   4. https://dnlegalterms.com/w
 p-content/uploads/2020/03/2020026_Diebold_Nixdorf_EULA_for_VYNAMIC_SECURIT
 Y_3_0_December_19_2018_022249.pdf\n   5. https://dnlegalterms.com/products
 /\n   6. https://cryptware-it-security.de/\n   7. https://secure-disk-for-
 bitlocker.com/about/\n   8. https://www.cpsd.at/\n   9. https://www.oreill
 y.com/library/view/essential-system-administration/0596003439/ch04s02.html
 \n   10. https://blog.flowblok.id.au/2013-02/shell-startup-scripts.html\n 
   11. https://access.redhat.com/documentation/en-us/red_hat_enterprise_lin
 ux/8/html/managing_monitoring_and_updating_the_kernel/enhancing-security-w
 ith-the-kernel-integrity-subsystem_managing-monitoring-and-updating-the-ke
 rnel?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW\n   12. https://en.open
 suse.org/SDB:Ima_evm\n   13. https://www.atmia.com/training/atm-operators/
 \n   14. https://www.atmia.com/files/whitepapers/2024-atm-crime-trends.pdf
 \n   15. https://www.dieboldnixdorf.com/-/media/diebold/files/banking/soft
 ware/vynamic-security-intrusion-protectionproduct-card.pdf\n   16. https:/
 /www.dieboldnixdorf.com/-/media/diebold/files/banking/software/dn_product-
 card_vynamic-security-harddisk-encryption.pdf\n   17. https://s1.q4cdn.com
 /401000259/files/doc_news/Everi-to-Showcase-Digital-Neighborhood-Connectin
 g-Guest-Loyalty-Cash-Access-Experiences-and-Casino-Solutions-Made-Possible
 -by-Industr-SW9PO.pdf\n   18. https://finance.yahoo.com/news/nrt-accelerat
 es-growth-acquisition-casino-160700070.html\n   19. https://security.stack
 exchange.com/questions/39329/how-does-the-tpm-perform-integrity-measuremen
 tson-a-system\n\n\n
DTEND:20240809T174500Z
DTSTART:20240809T170000Z
LOCATION:DC - LVCC West/Floor 1/Hall 1/Track 3
SUMMARY:Where’s the Money: Defeating ATM Disk Encryption
END:VEVENT
END:VCALENDAR