Word of the Day & Pop Quiz: ATM jackpotting

Word of the Day: Daily updates on the latest technology terms

Word of the Day & Pop Quiz Daily updates on the latest technology terms | September 1, 2020 jackpotting Jackpotting is a security attack in which a malicious actor exploits a vulnerability in an automated teller machine (ATM) in order to make the machine dispense cash.    Unlike card skimming exploits that seek to steal bank account numbers and passwords from ATMs, the vast majority of jackpot attacks target the machine's cash reserves, which are not tied to the balance of any particular bank account.   In order to carry out this type of exploit, a jackpotter must physically break into the target ATM by removing a panel and exposing the machine's components, including its USB port.   Once the criminals gain physical access, they can connect their own computing device to the ATM and infect the machine with malware to make it dispense cash. Jackpotters often dress up as bank maintenance staff and use social engineering techniques to avoid being arrested.   Older stand-alone ATMs, especially those in retail and service outlets, are currently the most popular targets for jackpotting exploits. In some countries, this type of exploit may also be referred to as an ATM cash-out attack. Continue reading...     Take today's Pop Quiz!   1. An attack __________ is a path or means by which a malicious actor can gain access to a computer or network server in order to deliver a payload. Answer   2. _______________ is the use of direct observation to capture a victim's PIN when they use an ATM machine. a. Direct telnet b. Shoulder surfing Answer 3. What do you call a program or file that is harmful to a computer user? a. malware b. crapware Answer 4. USB is a plug-and-play interface that can be used to connect a computer with an external flash drive. What does USB stand for? Answer 5. Social _________ is an attack vector that relies heavily on human interaction and peoples' willingness to be helpful. a. engineering b. sourcing Answer Today's Takeaway "The U.S. Government issued a joint alert for an ATM cash-out scheme run by a newly identified North Korean nation-state hacking group known as BeagleBoyz." - Alexander Culafi Watch and Learn   There are a variety of different cybercrimes and cyberattacks, each of which has its own ways to defend and prevent. However, social engineering plays a large role in many kinds of cybercrime. Watch to learn about cybercrime motives and prevention. Continue Learning North Korea's 'BeagleBoyz' target banks with ATM cash-out attacks The U.S. Government issued a joint alert for an ATM cash-out scheme run by a newly identified North Korean nation-state hacking group known as 'BeagleBoyz.' 'Secure by Design' principles include failures, exceptions Using design principles with built-in security, along with properly defining exceptions, can help developers not only build safe code, but do so while meeting deadlines. MSPs expand into managed physical security services Companies such as Deep Sentinel and Viakoo are tapping partners to deliver physical security services. Learn how MSPs are incorporating physical security into their offerings. Huge rise in rogue banking apps driving fraud attacks Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA. Advanced AI in financial services boosts fraud detection, efficiency Financial firms plan to invest more into R&D on AI and plan to deploy advanced AI, like deep learning, within the next two years, according to a new survey. Pop Quiz Answer Key 1. attack vector 2. shoulder surfing 3. malware 4. Universal Serial Bus 5. social engineering Stay in Touch Thank you for reading! For feedback about any of our definitions or to suggest a new definition (or learning resource) please contact me at mrouse@techtarget.com FOLLOW US About This E-Newsletter The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List