Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates under the “Account Server Certificates” section for further details on the new certificate availability and application dates.
  • Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates under the “Site Certificates” section for further details on the new certificate availability and application dates.
  • Please see the DocuSign trust page at https://www.docusign.com/trust/compliance/public-certificates for further details on the new certificate NA “Offer” and “Force” schedule dates.
  • Please see the DocuSign Trust Center page at https://www.docusign.com/trust/compliance/public-certificates for further details on the new certificate availability schedule and the EU offer and force schedule dates. 

  • The DocuSign CLM and CLM.CM May 21.4 Product Release will be deployed to the UAT environment on Thursday, April 29, 2021 between 8:00 PM and 11:00 PM, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and fixes that will be posted before UAT deployment. 

    Please contact Technical Support if you have any questions
  • The DocuSign CLM Technology Team will be conducting scheduled maintenance beginning Friday, April 23rd from 22:00 - 02:00 CT April 24 (03:00 - 07:00 GMT, April 24).

    During this time customers on the NA21 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • DocuSign was made aware of possible identity theft/loan fraud attempts through the use of legitimate Paycheck Protection Program (PPP) loan processing companies that use DocuSign services for economic stimulus programs in response to the novel Coronavirus pandemic. Potential victims may receive notification from 3rd party identity theft protection services that attempts to verify their identity through DocuSign were made. We encourage anyone who suspects they have been a victim of this type of fraud to visit the U.S. Small Business Administration’s (SBA) Report ID theft and fraud webpage for additional information.

    If you suspect you have been a victim of Paycheck Protection Program (PPP) fraud attempts through a 3rd party company using DocuSign services, report it as suspected account misuse and/or abuse using our Incident Reporting instructions.
  • Please see the DocuSign trust page at https://www.docusign.com/trust/compliance/public-certificates for further details on the new certificate availability schedule and the CA offer and force schedule dates.
  • The DocuSign CLM Technology Team will be conducting scheduled maintenance beginning Friday, April 16th from 15:00 - 19:00 CT (21:00 - 01:00 GMT, April 16-17).

    During this time customers on the EU21 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.
  • DocuSign has been made aware of a new malicious document builder named EtterSilent that has been used to impersonate DocuSign to deliver malware to victims. The document builder creates Microsoft Office documents containing malicious macros or attempts to exploit a known Microsoft Office vulnerability (CVE-2017-8570) to download malware onto the victim’s computer. This activity is from malicious third-party sources and is not coming from the DocuSign platform. 

    To date, the malicious documents have been observed to deliver many different malware families such as Trickbot, QBot, Bazar, IcedID and Ursnif. These types of maldocs are typically delivered to victims via phishing attacks. For more information on how to spot phishing, please see our Combating Phishing white paper.

    The following Indicators of Compromise have been seen associated with this activity:

    DESCRIPTION VALUE
    Trickbot payload 9118198afca6e2479fdbcca55a08a4408570d2186a7dd8f261f1821178deb595
    Trickbot distribution URL http://costacars.es/ico/ortodox.php
    EtterSilent maldoc 50fd4b2e51908a55f2c891fb3ffde2c3661e4324c1887e65fabfb1a93a41efb2
    IcedID payload 8e51ccc6c8d14f0365d2d597c8aaf6015238839c0dab90e419107782bf460414
    IcedID distribution URL http://188.127.254.114/44270.7082388889.dat
    EtterSilent maldoc 2baf563da8db9e2ed765fa7697025d277d06ee53424f6513671f2f6b7441387b
    QBot payload 24753d9f0d691b6d582da3e301b98f75abbdb5382bb871ee00713c5029c56d44
    Qbot distribution URL http://kfzhm28pwzrlk02bmjy.com/mrch.gif
    EtterSilent maldoc 16a0c2f741a14c423b7abe293e26f711fdb984fc52064982d874bf310c520b12
    Ursnif payload d5b05a81f377c33a2fba292002d0474b68483225aa09c97a00336fc368383d6a
    Ursnif distribution URL http://musclemodz.com/asrt3.png
    EtterSilent maldoc 267a54f074b688d591d5cfb7831f1adb443ec1441076775cb158bed0d385f712
    Bazar payload b7ce29ffbdf00771b539b28ce01d57cd5805ca3a6ca2eb1b694eed4466912286
    Bazar distribution URL http://itelsys.ma/prod/education.php
    EtterSilent maldoc 5f8e3b19cd4d25ac396cf64f6f448d88e301cf899142bdb03a28cec42eb71389
    Qbot payload 6a984d3aaffeeec32f3803489c71bfd907e2fb74dbc8eeb931c084f11293e1cc
    Qbot distribution URL http://pokojewewladyslawowie.pl/orlpzhiy/44270.5684626157.dat
    EtterSilent maldoc 3a5d67bdc42b7a9ebd1137e49a34d82c0ee99343ae32f3367137db19131c2cf4
    Trickbot payload aa40f9dd1212993f79cc23111de3a8dd5e529dd1a8ca5dceaa30fba53f6f96b4
    Trickbot distribution URL http://mineiro.ch/casrtnoar/count.php
    EtterSilent maldoc 9b1c03b0cca23a94f2d6988c66eb0d246ec2648623765e83dbf20548ac874837
    Ursnif payload 1c65c1a53f1cf5372bb35b5af5130e966b4bb7e7941cc1460f28628249ce5189
    Ursnif distribution URL http://holmesservices.mobiledevsite.co/ds/2803.gif
    EtterSilent maldoc 2a3316b69ec787ca13a3e35697bcfc4a5e37a9a3080434c56fdf17e0593e0a12

     

  • Please see the DocuSign trust page at https://www.docusign.com/trust/compliance/public-certificates for further details on the new certificate availability and the AU, CA and EU offer and force schedule dates.
  • Please see the DocuSign Trust Center page at www.docusign.com/trust/compliance/public-certificates for further details on the new certificate availability and the DEMO Offer and Force schedule.

Pages