Additional News for ThreatWire this week! (Patreon)

Published:

2021-06-29 17:53:44

Imported:

2022-07

Content

There were a ton of good stories I wanted to mention this week (this is why I'm starting an audio podcast!), so here's some additional stuff you should know:

A security researcher found a series of flaws that would allow him to use NFC to exploit an ATM. The technical details are under NDA with the ATM makers but the scenario laid out in this article is pretty interesting.

https://arstechnica.com/information-technology/2021/06/nfc-flaws-let-researchers-hack-an-atm-by-waving-a-phone/

ACTION ALERT: Lexmark printers can be exploited using a vulnerability that can allow for arbitrary code execution. No patch is available yet, but Lexmark is working on it.

https://threatpost.com/lexmark-printers-code-execution-zero-day/167111/

The Illinois Supreme Court ruled in favor of a class action settlement against Six Flags for their practice of scanning guests fingerprints upon entrance to parks. The amusement park will owe $36 million.

https://threatpost.com/six-flags-to-pay-36m-over-collection-of-fingerprints/167103/

Files

NFC flaws let researchers hack an ATM by waving a phone

For years, security researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring.