Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • Alert: SSO Certificate Upgrade

    12/15/2020

    It was necessary for the DocuSign CLM/SpringCM Technology teams to update the certificate used to sign outgoing SAML requests. This is scheduled to take place between 19:00 and 20:00 CT 12/15/2020. The short timeframe between this notice and the update was necessary given the incident documented in the Trust Post earlier today.

    If you are using SSO with DocuSign CLM/SpringCM in your CLM.CM account and your Identity Provider is set to validate the signature on incoming SAML requests, but is not setup to monitor and auto update the certificate via DocuSign CLM/SpringCM's service provider metadata, you may need to upgrade the certificate manually.

    This newer certificate differs from the certificates originally scheduled for upgrade on December 11th.

    New certificates will be available in Account Preferences in your CLM.CM Account under Admin>Integrations>SAML SSO at the time of upgrade and are also available via public download below.

    PRD & UAT Certificates

    Please contact DocuSign CLM Technical Support with any questions.

  • Alert: Planned SSO Certificate Upgrade

    12/07/2020

    [UPDATED Dec 15, 2020 05:11PM] The DocuSignCLM/CLM Technology Team has removed the downloadable links to the certificates.  We will be providing an updated certificate in the next 24 hours.

    [POSTED December 7, 2020] On Friday, December 11, 2020 at 21:00 CT, DocuSign CLM/SpringCM will be upgrading the certificate used to sign outgoing SAML requests. If you are using SSO with DocuSign CLM/SpringCM in your CLM.CM account and your Identity Provider is set to validate the signature on incoming SAML requests, but is not setup to monitor and auto update the certificate via DocuSign CLM/SpringCM's service provider metadata, you may need to upgrade the certificate manually.

    New certificates will be available in Account Preferences in your CLM.CM Account under Admin>Integrations>SAML SSO at the time of upgrade and have been made available now via public download below.

    NOTE: It is possible for customers to trust both the new certificate and the old certificate simultaneously so as to ensure no disruption of service at the time of the upgrade.

    Please contact DocuSign CLM Technical Support with any questions.

  • Update: NA11 Scheduled Maintenance Beginning Saturday, December 12, 2020

    12/04/2020

    The DocuSign CLM/SpringCM Technology Team will be conducting scheduled maintenance beginning Saturday, December 12th at 22:00 - 02:00 CT Dec 12 (04:00 - 08:00 GMT, Dec 12).

    During this time customers on the NA11 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • UPDATE: Subprocessor Update for DocuSign Products and Services, November 20, 2020

    11/20/2020

    DocuSign has updated the subprocessor lists for our products and services: https://www.docusign.com/trust/privacy/subprocessors-list 

    Please contact privacy@docusign.com for any questions regarding this subprocessor information. 


     

  • Alert: New Phishing Campaign Observed

    11/17/2020

    DocuSign has observed a new phishing campaign that contains DocuSign themed messages with Google URLs linking to downloadable Microsoft Office files that contain malicious URLs. This malspam phishing technique is spoofing DocuSign envelope emails.

    The emails are seen to be sent from spoofed senders such as, “DocuSign Signature and Invoice," "DocuSign Signature," "DocuSign Signature and Invoice Service," "DocuSign Electronic Signature Service" or "DocuSign Electronic Signature and Invoice".

    The emails have been observed to have many closely related subject lines including:" You got invoice from DocuSign Electronic Service," " You got invoice from DocuSign Electronic Signature Service," “You received invoice from DocuSign Signature Service,” and “You received notification from DocuSign Electronic Signature Service”.

    C2 sites include:

    • summervillesouthernsmiles.com/f44.exe
    • theriond.com/8/forum.php
    • edisrictisirs.ru/8/forum.php
    • brankinsto.ru/8/forum.php
    • cussoricti.com

    These emails are not sent from DocuSign. Do not click on the link in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing, please see our Combating Phishing white paper.

  • Update: DocuSign CLM December 20.9 Product Release: PROD - December 4, 2020

    11/16/2020

    The Docusign CLM and CLM.CM December 20.9 Product Release will be deployed to the EU11, EU21 Production environments on Friday, December 4, 2020 from 1:30PM - 5:30PM, U.S Central Time, and to the NA11, NA21, US11, US12 Production environments between 9:00 PM and Midnight, US Central Time.

    We do not anticipate any impact to platform availability during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • Update: NA11 Scheduled Maintenance Saturday, November 21, 2020

    11/16/2020
    The DocuSign CLM/SpringCM Technology Team will be conducting scheduled maintenance beginning Saturday, November 21st at 22:00 - 03:00 CT Nov 22 (04:00 - 09:00 GMT, Nov 22).

    During this time customers on the NA11 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • Update: UAT Scheduled Reporting Maintenance Friday December 4–Sunday, December 6

    11/16/2020

    The DocuSign CLM/SpringCM Technology Team will be conducting scheduled maintenance beginning Friday, 12/4/20 at 21:00 - Sunday 12/6/2020 at 21:00 CT.

    During this time customers on the UAT instance may experience out of date/incomplete data returned in reports. 

    The maintenance is isolated to reporting functionality only.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • [CANCELLED] Update: NA11|NA21|EU11|EU21|US11|US12 Scheduled Reporting Maintenance Friday, December 11–Sunday, December 13

    11/16/2020

    [UPDATE 11/24/2020] The DocuSign CLM/SpringCM Technology Team has cancelled this maintenance event and will reschedule at a future date in 2021. We apologize for any inconvenience.

    [POSTED 11/16/2020] The DocuSign CLM/SpringCM Technology Team will be conducting scheduled maintenance beginning Friday, 12/11/20 at 21:00 - Sunday, 12/13/20 at 21:00 CT .

    During this time customers on the NA11|NA21|EU11|EU21|US11|US12 instances may experience out of date/incomplete data returned in reports.

    The maintenance is isolated to reporting functionality only.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • Update: NA21 Scheduled Maintenance Saturday, 11/14/2020

    11/09/2020

    The DocuSign CLM/SpringCM Technology Team will be conducting scheduled maintenance beginning Saturday, November 14th at 22:00 - 01:00 CT (04:00 - 07:00 GMT, Nov 15 2020).

    During this time customers on the NA21 instance may experience moments of brief inaccessibility to their account.

    We apologize for any inconvenience during this time.

    Please reach out to DocuSign CLM Technical Support for any questions or concerns and check back here for updates regarding the schedule.

  • Alert: New Phishing Campaign Observed

    11/05/2020

    DocuSign has observed a new phishing campaign with malicious attachments pushing spoofed DocuSign documents that is exploiting the U.S. election. This malspam phishing technique is not spoofing DocuSign envelope emails.

    The emails are coming from a variety of email addresses with no consistency in subject line.

    The emails have been observed to come as thread replies, and contain a zip attachment named ElectionInterference_[8 to 9 digits].zip. The email wants recipients to open the document and read about "election interference". Once the zip file is extracted, there is an Excel spreadsheet that spoofs that it is a secure DocuSign file, stating, "This document is encrypted by DocuSign Protect Service." Users are instructed to allow macros to decrypt the document which downloads a malicious payload and further links to compromised sites. The URL for the payload is encoded in a cell of a Cryillic-named sheet “Лист3”.

    These emails are not sent from DocuSign. Do not download the attachments in these emails, instead please forward them to spam@docusign.com and then delete the email immediately.

    For more information on how to spot phishing, please see our Combating Phishing white paper.

  • Update: DocuSign CLM and CLM.CM December 20.9 Product Release: UAT 11/19/2020

    11/02/2020

    The DocuSign CLM and CLM.CM December 20.9 Product Release will be deployed to the UAT environment on Thursday, November 19, 2020 between 8:00 PM and 11:00 PM, US Central Time. We don't anticipate any impact to availability or access during this Product Release.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and bug fixes that will be posted prior to UAT deployment. 

    Please contact Technical Support if you have any questions.

Pages