OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Total agreement.  Reading is hard apparently :-/

On 8/19/15 11:25 AM, Hinkle, Jacob (LNG-SBO) wrote:

It is distressing the number of high ranking Cyber Security credentials I see at the signature on the “Remove me from this list.” Emails.  So many people don’t/cannot read how to unsubscribe from the list.  What a great pre-made spear phishing list for any one interested…


Complete with phone numbers, titles, and email addresses all going out to anyone who has subscribed to this list.  I’d think the Government personnel would be very concerned about OPSEC considering the OPM breach and IRS frauds we’ve seen recently.


Also, we all know that they have been mandated to take security training and Information Assurance training simply to access their computers.  Poor showing here.  Not inspiring a lot of confidence.


From: cti-users@lists.oasis-open.org [mailto:cti-users@lists.oasis-open.org] On Behalf Of Struse, Richard
Sent: Wednesday, August 19, 2015 11:13 AM
To: cti-users@lists.oasis-open.org




I have a request for everyone on this list.  Please understand that there are over 1,600 people subscribed to just this one list and every time someone sends a message such as “please unsubscribe me” to the alias, over 1,600 people get that message.  That is not a good use of this resource.  As such, I implore anyone interested in unsubscribing from this list to follow the instructions that have been provided by OASIS staff:


1.       PLEASE do NOT send a message to the list itself!  PLEASE!


2.       Instead, send an email message to the mailing list server: cti-users-unsubscribe@lists.oasis-open.org


3.       The server will respond to your message with a request for confirmation: when you receive it, reply to that email message


4.       If the instructions above are unclear, or if steps 2-3 seem to fail, please email (offline, without any CC to the list): robin@oasis-open.org





PS: I know that I have just caused over 1,600 people to receive yet another message unrelated to using STIX/TAXII/CybOX but I’m hoping that this will help everyone understand the importance of using the right mechanisms to handle administrative requests. J



Richard J. Struse


Chief Advanced Technology Officer

National Cybersecurity and Communications Integration Center (NCCIC) and

Stakeholder Engagement and Cyber Infrastructure Resiliency (SECIR)

Cyber Security & Communications

U.S. Department of Homeland Security

e-mail:  Richard.Struse@dhs.gov
Phone:  202-527-2361


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]