Timur Yunusov

Expert in Banking and Application Security, Positive Technologies

About speaker

Timur Yunusov is an expert in banking and application security. He has authored multiple research in these areas including ‘Apple Pay replay attacks’ (Black Hat USA 2017), ‘7 sins of ATM protection against logical attacks’ (PacSec, POC), ‘Bruteforce of PHPSESSID’, ‘XML Out-Of-Band’ (Black Hat EU), and is rated in the Top Ten Web Hacking Techniques by WhiteHat Security. He regularly speaks at conferences and has previously spoken at CanSecWest, Black Hat USA, Black Hat Europe, HackInTheBox, Nullcon, NoSuchCon, Hack In Paris, ZeroNights, and Positive Hack Days.

November 16

11:00 — 13:00

For the sake of money. Payment endpoint's vulnerabilities

FINANCE.ZONE

Russian

Hackers all around the world use vulnerabilities of payment terminals and cards for money laundering and fraudulent payments. However, the actual amount of available information is quite small, it is fragmentary and incomplete.
How do hackers get access to the terminals, and what happens next?
How and where do hackers use stolen data?
How to make payments with the chip without knowledge of a PIN code?
How are payments with magnetic stripe made (despite the fact that in Russia, cards should only use a chip)?