Discussion:
Cyber attack
(too old to reply)
Steve Beaver
2017-05-15 23:23:17 UTC
Permalink
Raw Message
I have been seen a lot of emails for what appears to be DocuSign and I have been killing them when I seen them

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Steve Smith
2017-05-15 23:38:51 UTC
Permalink
Raw Message
Well, I've been getting about daily emails from them for a while. After
verifying that htere wasn't any spoofing going on, I replied to say I had
no prior contact, no interest, and please bugger off (I'm not British, but
that sounds cool (and not nearly as vulgar to Americans as its 4-letter
equivalent)). I actually got what appeared to be a reply from a humanoid
of some type that was just trying to do her job (she had some feminine
name, I don't remember what), albeit without engaging any higher function
(if any) in her pretty little head.

Didn't help. Added sender to poop-list. That did.

sas
Post by Steve Beaver
I have been seen a lot of emails for what appears to be DocuSign and I
have been killing them when I seen them
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
--
sas

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Jesse 1 Robinson
2017-05-15 23:39:56 UTC
Permalink
Raw Message
I got one over the weekend with a name I don't recognize. Did not open or pursue because I was suspicious.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
***@sce.com

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Steve Beaver
Sent: Monday, May 15, 2017 4:24 PM
To: IBM-***@LISTSERV.UA.EDU
Subject: (External):Cyber attack

I have been seen a lot of emails for what appears to be DocuSign and I have been killing them when I seen them


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Charles Mills
2017-05-16 12:58:19 UTC
Permalink
Raw Message
https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

Charles


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson
Sent: Monday, May 15, 2017 4:38 PM
To: IBM-***@LISTSERV.UA.EDU
Subject: Re: Cyber attack

I got one over the weekend with a name I don't recognize. Did not open or pursue because I was suspicious.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
***@sce.com

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Steve Beaver
Sent: Monday, May 15, 2017 4:24 PM
To: IBM-***@LISTSERV.UA.EDU
Subject: (External):Cyber attack

I have been seen a lot of emails for what appears to be DocuSign and I have been killing them when I seen them

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Jesse 1 Robinson
2017-05-16 15:24:42 UTC
Permalink
Raw Message
Thanks for this link. I have reported it to our cybersecurity folks.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
***@sce.com


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Charles Mills
Sent: Tuesday, May 16, 2017 5:59 AM
To: IBM-***@LISTSERV.UA.EDU
Subject: (External):Re: Cyber attack

https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

Charles


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson
Sent: Monday, May 15, 2017 4:38 PM
To: IBM-***@LISTSERV.UA.EDU
Subject: Re: Cyber attack

I got one over the weekend with a name I don't recognize. Did not open or pursue because I was suspicious.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
***@sce.com

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Steve Beaver
Sent: Monday, May 15, 2017 4:24 PM
To: IBM-***@LISTSERV.UA.EDU
Subject: (External):Cyber attack

I have been seen a lot of emails for what appears to be DocuSign and I have been killing them when I seen them


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Charles Mills
2017-05-16 16:48:47 UTC
Permalink
Raw Message
Brian Krebs is a super reliable source. He has one or two issues that he is over-obsessed with IMHO but he is often a good read. I've never read anything from Brian that I thought based on my knowledge or experience to be wrong.

Not mainframe-oriented at all, of course, but many issues are more or less universal.

Charles


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Jesse 1 Robinson
Sent: Tuesday, May 16, 2017 8:24 AM
To: IBM-***@LISTSERV.UA.EDU
Subject: Re: Cyber attack

Thanks for this link. I have reported it to our cybersecurity folks.

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
***@sce.com


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-***@LISTSERV.UA.EDU] On Behalf Of Charles Mills
Sent: Tuesday, May 16, 2017 5:59 AM
To: IBM-***@LISTSERV.UA.EDU
Subject: (External):Re: Cyber attack

https://krebsonsecurity.com/2017/05/breach-at-docusign-led-to-targeted-email-malware-campaign/

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Edward Finnell
2017-05-16 22:11:07 UTC
Permalink
Raw Message
The CEO of Carbon Black was on Bloomberg yesterday. Sharp guy, guess I came
away with three things.

1)Too soon to tell who did it. There is already a wannacry 2.0

2)NSA data dumpers are threatening to do a dump month.

3)Cartels/Syndicates have their own TOR like networks to move info and $$$
undetected in traditional sense.


In a message dated 5/16/2017 10:25:49 A.M. Central Daylight Time,
***@SCE.COM writes:

Thanks for this link. I have reported it to our cybersecurity folks.



----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to ***@listserv.ua.edu with the message: INFO IBM-MAIN
Loading...