BIND-users,
Someone is sending emails from tryisc.com, pretending to be from Internet
Systems Corporation, and offering information about undisclosed BIND software
vulnerabilities. These emails are NOT from ISC, the authors of BIND, and they
are not authorized by ISC.
If you feel you have received illegitimate communications from someone
purporting to be an ISC staff member, please report it
(https://www.isc.org/security-report/). If someone other than ISC.org is
offering to provide software vulnerability information about ISC software, this
is suspicious and probably fraudulent. ISC does offer professional support
services, which includes advance notification of security vulnerabilities in
our software but we have not authorized anyone else to disclose that
information prior to public disclosure.
Be safe out there, and check the domain name if you are not sure about the
sender. ISC.org <http://isc.org/> is signed, so you can also validate it (since
you are all operating resolvers, right?).
Vicky Risk (working at the actual ISC.org <http://isc.org/>)
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
