Re: URL's that have been blocked so far

[Wendell McCarty <wendell () UKY EDU>]

Please ignore the message I mistakenly sent to the educause Security list, it was meant for our internal Security 
Distribution list.

 

-- 

Wendell McCarty

 

ITS Enterprise Security

University of Kentucky

(859)257-2200

 

 

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Wendell McCarty 
<wendell () UKY EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Tuesday, August 22, 2017 at 8:03 AM
To: <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] URL's that have been blocked so far

 

I have found the 3 URLS below so far in the “Emergency” spam emails.

 

All 3 have been blocked in the sonicwall.

 

I suspect that some of the compromised accounts that have been sending the spam fell victim to the spam and in turn 
were/are being used to spam from.

 

That may explain why there have been so many accounts used.

 

If any of you see any new URL’s, let Michael or myself know and we’ll block them in the sonicwall as well.

 

Wendell

 

 

kyschoolsus.myfreesites.net/

helpdesk-uky.myfreesites.net/

helpdeskuky.000webhostapp.com

 

 

-- 

Wendell McCarty

 

ITS Enterprise Security

University of Kentucky

(859)257-2200