Share |

InfoSec News

Marvell Technology today announced that it plans to release a storage I/O accelerator card for commodity servers that could deliver a tenfold reduction in storage network traffic caused by virtual machine activity.
GE Healthcare and Airstrip Technologies announced a new app for iPhones and iPads that allows physicians to see near-real-time readouts from electrocardiographs to remotely diagnose and treat heart patients.

There is a trend in vigilant disclosure by some companies and service providers. A reader wrote in with a great example of an email disclosure. U.S. Bank informed it's customers of a breach in a partners system. It went on to disclose that the partner system had been accessed by unauthorized users and that customer email addresses had been exposed.
What stuck out for myself and other handlers that commented, was the way the disclosure was handled. U.S. Bank then clearly identified it's information disclosure policy. They followed on to inform customers that at no time was financial data disclosed and that only Epsilon's systems had been accessed.
If you have had any disclosures from vendors please send them in to us. Packets are better but we take disclosures as well!
color: #134fae}
span.s1 {text-decoration: underline}

As a valued U.S. Bank customer, we want to make you aware of a situation that has occurred related to your email address.

We have been informed by Epsilon Interactive, a vendor based in Dallas, Texas, that files containing your email address were accessed by unauthorized entry into their computer system. Epsilon helps us send you emails about products and services that may be of interest to you.

We want to assure you that U.S. Bank has never provided Epsilon with financial information about you. For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails.

Please remember that U.S. Bank will never request information such as your personal ID, password, social security number, PIN or account number via email. For your safety, never share this or similar information in response to an email request at any time. To learn more about recognizing online fraud issues, visit:

In addition, if you receive any suspicious looking emails, please tell us immediately.

Call U.S. Bank Customer Service at 800-US-BANKS (800-872-2657).

The security of your information is important to us, and we apologize for any inconvenience this may have caused you. As always, if you have any questions, or need any additional information, please do not hesitate to contact us.

Richard Porter
--- ISC Handler on Duty
Can be reached:
Twitter: packetalien
Email: richard at isc dot sans dot edu (c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Selling technology to cops: 3 ways to make them interested
IDG News Service
When I was working with banks and businesses, I'd see infosec people firing up their keyboards to take on a range of threats that ranged from pedestrian annoyances to break-the-bank intellectual property thefts. The similarities in personality are ...

and more »
Last month's hack of RSA Security began with an exploit of a then-unpatched vulnerability in Adobe Flash Player.

Internet Storm Center Infocon Status