[nsp-sec] FYI RE: *new* 09/22/2009 - Potentially compromised emailcredentials

[Matthew.Swaar at us-cert.gov]

Got feedback from one of my affected customers:

"As a final note, the user reported that the phishing method was an
email with the subject:  Webmail Quota Has Exceeded Limit." 


Thanks again, Gabe.

 
Very Respectfully,

US-CERT Ops Center
703-235-5111
POC: Matt Swaar - Analyst
-----Original Message-----
From: Swaar, Matthew 
Sent: Tuesday, September 22, 2009 4:27 PM
To: 'Gabriel Iovino'; NSP nsp-security
Subject: ACK RE: [nsp-sec] *new* 09/22/2009 - Potentially compromised
emailcredentials


<expletive deleted>...

ACK for

1348|US|CA-DOTNET-AS - California Department of 
1348|US|Transportation|149.136.28.1|oakspam01.dot.ca.gov|dot.ca.gov|geor
1348|US|ge_crosby at dot.ca.gov
2576|US|DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.50|SMTP04.dot.gov|dot.gov|craig.larson
2576|US|@dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.50|SMTP04.dot.gov|dot.gov|joe.toole at do
2576|US|t.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.50|SMTP04.dot.gov|dot.gov|yehuda.gross
2576|US|@dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.52|SMTP06.dot.gov|dot.gov|hassan.raza@
2576|US|dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.52|SMTP06.dot.gov|dot.gov|walter.kulyk
2576|US|@dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.194.52|SMTP06.dot.gov|fhwa.dot.gov|matthew
2576|US|.hake at fhwa.dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.195.141|SMTP05.dot.gov|dot.gov|gordon.delc
2576|US|ambre at dot.gov DOT-AS - U. S. Department of 
2576|US|Transportation|204.68.195.141|SMTP05.dot.gov|dot.gov|susan.liss@
2576|US|dot.gov
27016|US|NRC-NET - United States Nuclear Regulatory 
27016|US|Commission|148.184.176.41|mail1.nrc.gov|nrc.gov|tracy.scott at nrc
27016|US|.gov
3136|US|STATE-OF-WISCONSIN-AS1 - State of WI Dept. of 
3136|US|Administration|165.189.56.61|smtp.state.wi.us|dot.wi.gov|cynthia
3136|US|.bilke at dot.wi.gov
3136|US|STATE-OF-WISCONSIN-AS1 - State of WI Dept. of 
3136|US|Administration|165.189.56.61|smtp.state.wi.us|dot.wi.gov|george.
3136|US|silverwood at dot.wi.gov
4193|US|WA-STATE-GOV - Department of Information 
4193|US|Services|165.151.24.61|ecymxlcy00.ecy.wa.gov|ecy.wa.gov|dden461@
4193|US|ecy.wa.gov
NA||NA|0.0.0.0|    |dot.govr|dick.schaffe at dot.govr 


Thanks, Gabe!
 
Very Respectfully,

US-CERT Ops Center
703-235-5111
POC: Matt Swaar - Analyst
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Gabriel
Iovino
Sent: Tuesday, September 22, 2009 3:54 PM
To: NSP nsp-security
Subject: [nsp-sec] *new* 09/22/2009 - Potentially compromised
emailcredentials

----------- nsp-security Confidential --------