Educause Security Discussion mailing list archives
Looking for Next Gen Firewall RFP
From: "Carroll, Tim" <Carrolltd () ROANESTATE EDU>
Date: Tue, 24 Nov 2015 17:31:43 +0000
Good Afternoon, I am looking for someone who may have developed an RFP for Next Generation Firewalls. We are in the process of developing one and would prefer to not start from scratch. If you have one and would be willing to share, please contact me directly. Thanks. Regards, Timothy D. Carroll Assistant Vice President and Chief Information Officer Information Technology Roane State Community College carrolltd () roanestate edu 865-882-4560 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Scott Finlon Sent: Monday, November 23, 2015 11:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] iPhone contacting a sinkhole -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Normally when we are contacted back about these notifications we make the same comments that have been said here and reference that it's likely XcodeGhost. We normally also reference an article [1] that explains what it is, and and another [2] that lists a number of apps that are known to be infected. It seems the macrumors article [3] that was mentioned by Mike has a few extra apps that the Ars one doesn't have so I'll add that one in. As always, if you have any questions regarding the notifications that you receive from REN-ISAC, please feel free to reply and we'll let you know any and all information that we have about them. Thank you, Scott Finlon Principal Security Engineer REN-ISAC [1] https://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new. html [2] http://arstechnica.com/security/2015/09/apple-scrambles-after-40-malicio us-xcodeghost-apps-haunt-app-store/ [3] http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/ On 11/20/2015 4:18 PM, Michael William Zimmer wrote:
Wow, thank you for bringing this topic up! We have been receiving similar alerts recently and found in each case that it pointed back to same iOS device. We have identified the user as an international student from China. Until now, we weren't certain when our Student Tech Center would have a chance to work with it - but they will send this URL to the student in the meantime. Thank you - and I guess you can add NAU to your list of 'also seeing this' group. Michael Zimmer Northern Arizona University Flagstaff, AZ -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Iglesias Sent: Friday, November 20, 2015 1:56 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] iPhone contacting a sinkhole On 11/20/2015 12:44 PM, McClenon, Brady wrote:We have received three alerts from REN-ISAC in the last month or so about an address on our network contacting a sinkhole. In each case the device was a student's iPhone on our residential network (a different student in each case). I'm curious if anyone else has seen this and if they have had any luck determining what is causing it.It's XcodeGhost. http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/ We've had RI notices about this too. We point the students at the page above and tell them to remove all the apps noted on the list of apps that page points to, and then reinstall them if they want them back.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWUzxCAAoJEHUim8hreGrASrgQAKccc2aO77Md97xv1Bs4V/Eb Egc/VFqeW8JnN816DJpWOAgtw0iYCswxQvZPyN5hkmCEP+r3HT2ooTMZPENUBKCw PCB0XHU2NJSmAs/KJ6YDfA5YopjlOwGyxc4ZO9SENcGNLe2du/G0wCso/JRoZZJf ccZ8qSTtPvCaajVTmZfUcRv+ABkANcX+kXjY/zZ49ZCqBOrcg5+0XwgBL7j0pR4b +4EN/OlJKD/d3ThYbHBWxf+vbWeo7nFLC44mSOlDtv4tWzzP/4rzMLgoBGZJaHNZ X+kloFloRng04sKgd8LJYpMCQVoZN6LirVUQgq1RYPPUSyDKb+4Fo9Mv/beBeKq2 LxgOgVt/rjSy/+b2m4tP2dK07Q04eqaO8iQt9a50kog9E1o4BZzyr4dmSsGPskSh u2DjdYfzD/Nto0QRLJZfy5MwKsQxBak1aBPfQcoHznnDZN7362BtGTIZ013D5u9X 4Zk1cPMXcOlBK7i3qiNRg8eGzH2EqFPFPQwqpW5JYax7qX4Y1uLvapfFL6pE95We rVZV/ChMHmXl8xyBFuE43T8rr2iAbScwx27hhdloIeMDWj1K2P76OmX/KODauwx5 Teou+aq91YnRwcMlc6qPpV4HnqlNXXZPMjlZL794pKtZK6H9tzzvJD6LlU1K0IdN dwpzYFzmUstX48R5YYnu =5OSl -----END PGP SIGNATURE----- ________________________________ This email is intended for the addressee and may contain privileged information. If you are not the addressee, you are not permitted to use or copy this email or its attachments nor may you disclose the same to any third party. If this has been sent to you in error, please delete the email and notify us by replying to this email immediately.
Attachment:
Mr Timothy D Carroll.vcf
Description: Mr Timothy D Carroll.vcf
Current thread:
- Looking for Next Gen Firewall RFP Carroll, Tim (Nov 24)