ATM manufacturers Hantle and Triton have released new versions of their firmware that fix the vulnerability. IOActive researcher Barnaby Jack demonstrated the vulnerability at the Black Hat conference last month. Jack was able to bypass the authentication mechanism on the ATMs and then load a small rootkit that he wrote. Both manufacturers are recommending that ATM owners install the updates immediately. Jack: Many ATMs are protected by a master key that can be bought for $10.78 on hundreds of web sites.
Source: https://threatpost.com/atm-makers-release-fixes-jackpotting-flaw-082310/74365/

