[SOLVED] Blocking mail via signer signerhash
- Thread starter poetry
- Start date
It's not provided. We just got message from Microsoft with information provided above with multiple entries in CSV file.
Snippet from email:
"The Microsoft Threat Intelligence Center (MSTIC) is confidentially sharing the attached Activity Alert (AA) and CSV file of related indicators of compromise (IOCs) with Microsoft customers"...
I really am not sure how this information might relate to e-mail at all.
after a quick bit of googling it seems to me that the information provided by Microsoft is related to software you/someone in your organisation has installed on a windows machine, which was originally signed by Bespoke Software Solutions LImited, and that the certificate that was used for signing (belonging to Bespoke Software Solutions) was compromised at some point:
* you need to find the software signed by Bespoke Software Solutions on your Windows Endpoint (PC) and remove it since there might have been a compromise
AFAICT this has nothing to do with emails going through PMG?
after a quick bit of googling it seems to me that the information provided by Microsoft is related to software you/someone in your organisation has installed on a windows machine, which was originally signed by Bespoke Software Solutions LImited, and that the certificate that was used for signing (belonging to Bespoke Software Solutions) was compromised at some point:
* you need to find the software signed by Bespoke Software Solutions on your Windows Endpoint (PC) and remove it since there might have been a compromise
AFAICT this has nothing to do with emails going through PMG?
@Stoiko Ivanov and @hata_ph Thank you for your help. Looks like whoever send us this email mixed information and provided us invalid guidance what to do. Will marked this as solved.