subject:"tryisc.com is not an isc.org domain"

Re: tryisc.com is not an isc.org domain

2024-06-28 Thread JW ,\ John Woodworth

Hi Vicky,I received one of these and it felt "phishy."  Particularly since they 
didn't know the "C" in ISC was for "consortium."Thanks for clarifying./John
 Original message From: Victoria Risk Update: 
This was not the fraud we thought it was We have learned that emails we 
originally identified as abuse were sent by an external contractor engaged by 
ISC to conduct a focussed and short-term lead generation campaign. We have 
instructed the vendor to halt that campaign.We clearly suffered some 
communications failures here. Our communication with the vendor should have 
made it clear that we would not be comfortable with the approach they adopted. 
Plus, our internal communication failed as we lacked sufficient awareness of 
the campaign to respond in a more appropriate fashion when we received 
questions about the emails.We have been assured by the vendor that this was not 
a bulk unsolicited email campaign. We affirm our stance that bulk unsolicited 
email is counter to our mission in support of Internet infrastructure.We 
apologize for any inconvenience or disruption this event may have caused. We 
promptly canceled our abuse complaint concerning the domain name, and we ask 
any of you who have taken any filtering or blocking or complaint action against 
the domain name or the originating IP addresses to do the same. We appreciate 
the outpouring of sympathy from our community, many of whom have emailed us 
with helpful suggestions. We thank you for your continued support.On Jun 25, 
2024, at 10:42 AM, Victoria Risk  wrote:BIND-users,Someone is 
sending emails from tryisc.com, pretending to be from Internet Systems 
Corporation, and offering information about undisclosed BIND software 
vulnerabilities. These emails are NOT from ISC, the authors of BIND, and they 
are not authorized by ISC.If you feel you have received illegitimate 
communications from someone purporting to be an ISC staff member, please report 
it (https://www.isc.org/security-report/). If someone other than ISC.org is 
offering to provide software vulnerability information about ISC software, this 
is suspicious and probably fraudulent. ISC does offer professional support 
services, which includes advance notification of security vulnerabilities in 
our software but we have not authorized anyone else to disclose that 
information prior to public disclosure.Be safe out there, and check the domain 
name if you are not sure about the sender. ISC.org is signed, so you can also 
validate it (since you are all operating resolvers, right?).Vicky Risk (working 
at the actual ISC.org)-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: tryisc.com is not an isc.org domain

2024-06-27 Thread Victoria Risk

Update: 

This was not the fraud we thought it was 

We have learned that emails we originally identified as abuse were sent by an 
external contractor engaged by ISC to conduct a focussed and short-term lead 
generation campaign. We have instructed the vendor to halt that campaign.

We clearly suffered some communications failures here. Our communication with 
the vendor should have made it clear that we would not be comfortable with the 
approach they adopted. Plus, our internal communication failed as we lacked 
sufficient awareness of the campaign to respond in a more appropriate fashion 
when we received questions about the emails.

We have been assured by the vendor that this was not a bulk unsolicited email 
campaign. We affirm our stance that bulk unsolicited email is counter to our 
mission in support of Internet infrastructure.

We apologize for any inconvenience or disruption this event may have caused. We 
promptly canceled our abuse complaint concerning the domain name, and we ask 
any of you who have taken any filtering or blocking or complaint action against 
the domain name or the originating IP addresses to do the same. We appreciate 
the outpouring of sympathy from our community, many of whom have emailed us 
with helpful suggestions. We thank you for your continued support.

> On Jun 25, 2024, at 10:42 AM, Victoria Risk  wrote:
> 
> BIND-users,
> 
> Someone is sending emails from tryisc.com, pretending to be from Internet 
> Systems Corporation, and offering information about undisclosed BIND software 
> vulnerabilities. These emails are NOT from ISC, the authors of BIND, and they 
> are not authorized by ISC.
> 
> If you feel you have received illegitimate communications from someone 
> purporting to be an ISC staff member, please report it 
> (https://www.isc.org/security-report/). If someone other than ISC.org is 
> offering to provide software vulnerability information about ISC software, 
> this is suspicious and probably fraudulent. ISC does offer professional 
> support services, which includes advance notification of security 
> vulnerabilities in our software but we have not authorized anyone else to 
> disclose that information prior to public disclosure.
> 
> Be safe out there, and check the domain name if you are not sure about the 
> sender. ISC.org  is signed, so you can also validate it 
> (since you are all operating resolvers, right?).
> 
> Vicky Risk (working at the actual ISC.org )
> 

-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

tryisc.com is not an isc.org domain

2024-06-25 Thread Victoria Risk

BIND-users,

Someone is sending emails from tryisc.com, pretending to be from Internet 
Systems Corporation, and offering information about undisclosed BIND software 
vulnerabilities. These emails are NOT from ISC, the authors of BIND, and they 
are not authorized by ISC.

If you feel you have received illegitimate communications from someone 
purporting to be an ISC staff member, please report it 
(https://www.isc.org/security-report/). If someone other than ISC.org is 
offering to provide software vulnerability information about ISC software, this 
is suspicious and probably fraudulent. ISC does offer professional support 
services, which includes advance notification of security vulnerabilities in 
our software but we have not authorized anyone else to disclose that 
information prior to public disclosure.

Be safe out there, and check the domain name if you are not sure about the 
sender. ISC.org  is signed, so you can also validate it (since 
you are all operating resolvers, right?).

Vicky Risk (working at the actual ISC.org )-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: tryisc.com is not an isc.org domain

Re: tryisc.com is not an isc.org domain

tryisc.com is not an isc.org domain

3 matches

Site Navigation

Mail list logo

Footer information