William Friend

Tag: Cybersecurity

  • Building an ATM Defense That Actually Works

    Building an ATM Defense That Actually Works
    ,

    This is Part 4 of a 4-part series on ATM attack risks and defense strategies. In Part 1, we explored the evolving threat landscape. Part 2 covered physical attack vectors. Part 3 examined the cyber threats—from jackpotting malware to state-sponsored backend compromises. Now we bring it all together with a practical framework for building an Read more

  • Jackpotting, Black Boxes, and State-Sponsored Hackers

    Jackpotting, Black Boxes, and State-Sponsored Hackers
    ,

    This is Part 3 of a 4-part series on ATM attack risks and defense strategies. In Part 1, we examined the evolving threat landscape. In Part 2, we covered the physical attack vectors. Now we turn to the logical and cybersecurity attacks that represent the most dangerous and rapidly evolving threats to ATM networks. While Read more

  • From Skimmers to Sledgehammers: Physical ATM Attacks

    From Skimmers to Sledgehammers: Physical ATM Attacks
    ,

    This is Part 2 of a 4-part series on ATM attack risks and defense strategies. In Part 1, we explored the evolving threat landscape and the architecture that makes ATMs vulnerable. Now we turn to the physical attacks that remain a persistent and often devastating threat to ATM operators. Physical attacks on ATMs are as Read more

  • The Evolving ATM Threat Landscape

    The Evolving ATM Threat Landscape
    ,

    This is Part 1 of a 4-part series on ATM attack risks and defense strategies. Based on original research compiled in our comprehensive white paper, this series explores the evolving threat landscape targeting Automated Teller Machines—from physical attacks and card skimming to sophisticated cyber intrusions and state-sponsored heists. Automated Teller Machines remain a cornerstone of Read more

  • Navigating the Transition: A Definitive Analysis of PCI PTS POI v5 and the Strategic Imperative of v6

    Navigating the Transition: A Definitive Analysis of PCI PTS POI v5 and the Strategic Imperative of v6

    William Friend

    , ,

    Introduction to the PCI PTS POI Security Standard In the intricate ecosystem of payment security, the physical point of interaction—where a customer presents their payment card—represents a critical and highly targeted frontier. To secure this environment, the Payment Card Industry Security Standards Council (PCI SSC), a global forum of payment industry stakeholders, develops and maintains Read more

  • Navigating the PCI PTS POI V5 deadline

    Navigating the PCI PTS POI V5 deadline

    William Friend

    , , ,

    Navigating the PCI PTS POI Security Transition An essential guide for understanding the shift from version 5 to version 6 of the Payment Card Industry’s Point of Interaction standard, with a focus on ATM security. The Countdown to Compliance The final deadline for all devices to meet the PCI PTS POI v6 standard has been Read more

  • Anatomy of a Cyber-Physical Heist

    Anatomy of a Cyber-Physical Heist

    William Friend

    ,

    UNC2891 Cyber-Physical Attack: An Interactive Analysis Attack Analysis Overview Attack Flow Threat Actor Defense Anatomy of a Cyber-Physical Heist An interactive deep dive into the sophisticated, multi-stage attack by the threat actor UNC2891, who blended physical intrusion with advanced digital warfare to target a major financial institution. The Attack Flow: From Physical Breach to Digital Read more

  • ATM Security Framework

    ATM Security Framework

    William Friend

    ,

    The modern ATM is not just a cash dispenser; it is a complex, high-risk endpoint running a full-fledged OS like Windows. This reframes the ATM as a specialized PC, requiring a holistic security approach that merges enterprise endpoint security with controls for its unique physical and transactional functions. Read more