all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Ultimate ATM Heist: From File System Escape to Remote Code Execution

Add to bookmarks
Sept. 8, 2022, midnight |

SpiderLabs Blog from Trustwave www.trustwave.com

During testing on NCR ATMs, Trustwave SpiderLabs identified vulnerabilities that allowed for the ability to escape into the ATM’s file system and perform arbitrary file read/write. The ability to write files was escalated into arbitrary code execution, and subsequently, a reverse shell was obtained. Then, remote code execution was performed.

atm code code execution escape file system heist remote code execution system

Visit resource

More from www.trustwave.com / SpiderLabs Blog from Trustwave

The Invisible Battleground: Essentials of EASM 4 days, 2 hours ago | www.trustwave.com
attack attack surface attack surface management cyber +13
EDR – The Multi-Tool of Security Defenses 4 days, 2 hours ago | www.trustwave.com
blog blog posts can cybersecurity +10
Fake Dialog Boxes to Make Malware More Convincing 1 week, 2 days ago | www.trustwave.com
dialog engagement fake loader +7
The Secret Cipher: Modern Data Loss Prevention Solutions 1 week, 4 days ago | www.trustwave.com
automated can cipher data +18
CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway 1 week, 6 days ago | www.trustwave.com
alto arbitrary code attacker code +25
CNAPP, CSPM, CIEM, CWPP – Oh My! 2 weeks, 4 days ago | www.trustwave.com
alphabet ciem cnapp cspm +9
Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region 3 weeks ago | www.trustwave.com
american attachment campaign deception +12
Zero Trust Essentials 3 weeks, 4 days ago | www.trustwave.com
blog blog posts can cybersecurity +8
Why We Should Probably Stop Visually Verifying Checksums 4 weeks, 2 days ago | www.trustwave.com
checksums hello start thanks +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)

@ Experian | ., ., United States
View on infosec-jobs.com

IT Security Specialist

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior, Cyber Security Analyst

@ Peloton | New York City
View on infosec-jobs.com

Cyber Security Engineer | Perimeter | Firewall

@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
View on infosec-jobs.com

Pentester / Ethical Hacker Web/API - Vast/Freelance

@ Resillion | Brussels, Belgium
View on infosec-jobs.com
View more jobs