Researcher finds 9 vulnerabilities in ATM security software

SCM feed for Latest

Overview

Matt Burch, a principal security researcher at Atredis Partners, has discovered nine vulnerabilities in the CryptoPro Secure Disk software, which is used in ATM security. These vulnerabilities could potentially allow attackers to bypass security measures and gain unauthorized access to sensitive data stored on ATMs. Burch is set to present his findings at the upcoming Black Hat USA 2026 conference, emphasizing the need for financial institutions to address these weaknesses promptly. The implications are significant as they could affect the integrity of ATM transactions and the security of customer information. As vulnerabilities in ATM systems can lead to financial losses and breaches of personal data, it is crucial for vendors and banks to take immediate action to mitigate these risks.

Key Takeaways

  • Affected Systems: CryptoPro Secure Disk software
  • Action Required: Financial institutions should investigate the vulnerabilities and apply necessary patches or updates to CryptoPro Secure Disk as soon as they are available.
  • Timeline: Newly disclosed

Original Article Summary

Matt Burch, a principal security researcher at Atredis Partners, will present his findings on CryptoPro Secure Disk at Black Hat USA 2026.

Impact

CryptoPro Secure Disk software

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Newly disclosed

Remediation

Financial institutions should investigate the vulnerabilities and apply necessary patches or updates to CryptoPro Secure Disk as soon as they are available.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Coverage

Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here’s What We Know.

Security Affairs

Progress Software has alerted its ShareFile Storage Zone customers to immediately shut down their internet-facing servers due to a credible security threat that is currently under investigation. An email sent on July 10 emphasized the urgency of the situation, indicating that immediate action is necessary to protect sensitive data. This warning affects customers using the Storage Zone feature of ShareFile, which is designed for secure file storage and sharing. The need for prompt action highlights the potential risks associated with exposed servers, especially in an era where cyber threats are increasingly sophisticated. Customers are advised to take this warning seriously to mitigate any possible security breaches.

Jul 12, 2026

RedHook Android malware now uses Wireless ADB for shell access

BleepingComputer

A new version of the RedHook malware for Android has been discovered using a technique that exploits the Wireless Debugging feature, known as Wireless ADB. This allows attackers to gain shell-level access to devices without needing a physical connection to a computer. This development raises concerns because it can enable unauthorized control over affected devices, putting personal data and privacy at risk. Users of Android devices, especially those with Wireless ADB enabled, should be particularly vigilant. Researchers emphasize the need for users to disable this feature when not in use to mitigate potential risks.

Jul 12, 2026

Week in review: Accenture data breach, great open-source cybersecurity tools

Help Net Security

Last week, Accenture experienced a significant data breach that has raised concerns about the security of sensitive information. While specific details about the breach have not been fully disclosed, it is known that the attack may have compromised client data, which could have serious ramifications for businesses relying on Accenture's services. Cybersecurity experts are urging companies to review their security measures and ensure that they are prepared for potential fallout from this incident. Additionally, there was a discussion on the importance of tools like DMARC and BIMI for securing email communications, highlighting the ongoing challenges in protecting digital identities and brand integrity. This breach serves as a reminder of the vulnerabilities that large organizations face and the need for robust security practices.

Jul 12, 2026

Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities catalog. These flaws could allow attackers to compromise systems that utilize these applications, potentially leading to unauthorized access or data breaches. Organizations using these products should assess their systems for the vulnerabilities and apply any available patches or updates. The inclusion of these vulnerabilities in the CISA catalog signals their seriousness and emphasizes the need for organizations to stay vigilant about securing their software. This update is part of ongoing efforts to inform the public about critical vulnerabilities that could be exploited by cybercriminals.

Jul 12, 2026

U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities associated with iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities catalog. iCagenda is an open-source event management extension for Joomla, while Balbooa Forms is a popular form builder for Joomla sites. The inclusion of these flaws in the catalog means that they are recognized as actively exploited vulnerabilities, posing a risk to users of these platforms. It's essential for site administrators using these extensions to take immediate action to secure their systems and protect sensitive data. Ignoring these vulnerabilities could lead to unauthorized access or data breaches, affecting both website operators and their users.

Jul 11, 2026

Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

The Hacker News

Cybersecurity researchers have reported a series of cyber espionage attacks targeting multiple law enforcement agencies in Pakistan, specifically between February 2024 and April 2026. The Balochistan Police's web applications, which manage sensitive police and citizen data, were among the compromised assets. The attackers are believed to be linked to threat actors aligned with either China or India. This incident raises serious concerns about the security of law enforcement data in Pakistan and the potential implications for public safety. Such breaches not only compromise sensitive information but also can undermine trust in law enforcement institutions.

Jul 11, 2026