There was a great talk several years back at Blackhat/Defcon by the late Barnaby Jack about hacking ATMs. He targeted the generic ATMs typically seen in gas stations, but some of the same techniques apply.
I'm surprised with how strict PCI compliance rules are for most integrations that a crusty OS with all sorts of holes is allowed to continue as the backbone of so many ATMs. I would think that something *NIX-y would be a solid bet at this point. Can't be worse than XP.
Best tip was that you should be on the look-out for criminals pretending to be security cameras!
"Be on the lookout for social engineering attacks by criminals who may be masquerading as inspectors or security alarms, security cameras or other devices on premises."
[+] [-] amckenna|11 years ago|reply
part 1 of 3 - https://www.youtube.com/watch?v=4QG1A9FuNkw
[+] [-] actionscripted|11 years ago|reply
[+] [-] Tombone5|11 years ago|reply
"Be on the lookout for social engineering attacks by criminals who may be masquerading as inspectors or security alarms, security cameras or other devices on premises."