Tag Archive for Confidential

Blue Coat Systems Web Filtering/Surveillance Technology Sales Guide

A “Sales Playbook” for distributors of Blue Coat equipment includes pricelists and a guide to selling web filtering technology including some of the very same models discovered by Telecomix to be in use by the Syrian government for spying on their population. These models include the SG-400 and SG-810, among others, which have a price range of $3,999 up to $34,999 depending on the specific model.

Trans-Pacific Partnership (TPP) Leaked Texts June-September 2011

The following texts were obtained and first published by Citizens Trade Campaign (CTC). According to CTC, the texts “reveal that the Obama administration has reversed reforms designed to enhance access to affordable medicines made during the George W. Bush administration and is instead demanding new rights for pharmaceutical firms to challenge pricing and other drug formulary policies used by many developed countries to keep down prices.” The texts also have relevance for those studying intellectual property rights as previously leaked versions of the Trans-Pacific Partnership (TPP) demonstrated a number of features that advanced controversial aspects of U.S. copyright law.

Confidential Draft of U.S. Treasury “Volcker Rule” Restrictions on Proprietary Trading With Hedge Funds

The OCC, Board, FDIC, and SEC (individually, an “Agency,” and collectively, “the Agencies”) are requesting comment on a proposed rule that would implement Section 619 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”) which contains certain prohibitions and restrictions on the ability of a banking entity and nonbank financial company supervised by the Board to engage in proprietary trading and have certain interests in, or relationships with, a hedge fund or private equity fund.

UN Confidential Government of Sudan Security Forces in Darfur Report November 2005

The Sudanese Armed Forces (SAF) is a conventional armed force with a mandate to protect and to maintain internal security. It carries out its mandate mainly through ground forces, including Popular Defence Force (PDF) militia, as well as an air force and navy. The Supreme Commander of the armed forces, Lieutenant General Omar Hassan Ahmad el-Bashir, holds both the posts of National President and Commander-in-Chief of the Armed Forces and People’s Defence Forces (PDF). For operational purposes he exercises this power through the Minister of Defence (currently major-general Bakri Hassan Saleh). The Minister appoints a Commander of the Armed Forces and Chief of General Staff (currently, general Abbas Arabi) who, together with five Deputy Chiefs of Staff (Operations, Intelligence, Logistics, Administration, Training and Morale), form the Committee of the Joint Chiefs of Staff or Command Group. The air force and navy are individual services under the commander-in-chief.

Florida Fuel Pump Credit Card Skimmer Warning

On December 16, 2010, at approximately 1736 hours, the Melbourne Police Department responded to reports of fraud at the RaceTrac gas station located at 4641 W Eau Gallie Blvd, in Melbourne (MP10-83795). An investigation revealed there was a credit card skimmer installed inside one of the fuel pumps that had been attached with Velcro. Victims began reporting fraudulent charges on their credit card accounts on December 14, 2010 and there have been fourteen (14) reports to date that are believed to be linked with this trend. At this time, it is unknown as to how long the skimmer had been inside the pump. It is estimated that over 600+ credit card numbers have been compromised. The stolen credit card numbers have been used multiple times at bank ATMs in New York City, most frequently at the Actors Federal Credit Union.

HBGary Qosmos Deep Packet Inspection White Paper

Given the massive volumes of data that the U.S. and other governments must manage and the volume of traffic across IT networks, government-wide security solutions pose significant technical challenges. According to Phil Bond, president of TechAmerica, “Now more than ever, a partnership between the public and private sectors in leveraging IT to achieve a more transparent government is essential to securing the public’s safety.”

HBGary QinetiQ Cyber Attack Response Report

Beginning in March 2010, HBGary, Inc. was contracted to assist in the identification, analysis, and removal of malware from QinetiQ North America (QNA) internal systems. This was in response to what QNA believed to be an organized and sophisticated cyber attack involving the potential theft of ITAR controlled data. HBGary was given background on the attack, which included information on targeted attacks on digital data systems that have occurred in the past.

HBGary General Dynamics Malware Development: Task Z

General Dynamics has selected HBGary Inc to provide this proposal for development of a software tool, which provides the user a command line interface, that will enable single file, or full directory exfiltration over TCP/IP. General Dynamics has requested multiple protocols to be scoped as viable options, and this quote contains options for VoIP (Skype) protocol, BitTorrent protocol, video over HTTP (port 80), and HTTPS (port 443). HBGary will research and analyze the best solution given the client’s choice of protocol(s). As outlined in the Bill of Materials on page 4 of this document, cost per protocol is provided separately, and one or more of the options can be chosen by General Dynamics. HBGary will develop this user mode application with listen capabilities, trace cleanup, and ensure network sniffer testing doesn’t trigger any alerts. The application will be provided for user testing, and validation at the close of the development cycle which will be scheduled jointly between HBGary, and General Dynamics.

HBGary General Dynamics Malware Development: Project C

General Dynamics has selected HBGary Inc to provide this proposal for development of a software application targeting the Windows XP Operating System that, when executed, loads and enables a covert kernel-mode implant that will exfiltrate a file from disk (or other remotely called commands) over a connected serial port to a remote device. The enabling kernel mode implant will cater to a command and control element via the serial port. The demonstration will utilize an exploit in Outlook as the delivery mechanism for said software application. The subsequently loaded implant will be stable and will not crash the demonstration system. A usermode component will be included as part of the exploitation package that exercises the kernel mode implant for demonstration purposes. The loaded implant will use the connected serial port to remotely enable functions which can be visible on the collection computer connected on the other end of the serial line. The purpose of the demonstration setup is to verify the functionality for the customer and validate that all work has been completed.

HBGary General Dynamics DARPA Cyber Genome Program Proposal

Current technologies and methods for producing and examining relationships between software products, particularly malware, are lacking at best. The use of hashing or “fuzzy” hashing and matching techniques is conducted at the program level, ignoring any reflection of the actual development process of malware. This approach is only effective at finding closely related variants or matching artifacts found within malware that are only tangent to the development process, such as hard-coded IP addresses, domains, or login information. This matching process is often unaware of internal software structure except in the most rudimentary sense, dealing with entire sections of code at a time, attempting to align matches while dealing with arbitrary block boundaries. The method is akin to an illiterate attempting to compare two books on the same topic. Such a person would have a chance of correlating different editions of the same book, but not much else. The first fundamental flaw in today’s approach is that it ignores our greatest advantage in understanding relationships in malware lineage: we can deduce program structure into blocks (functions, objects, and loops) that reflect the development process and give software its lineage through code reuse.

Federal Reserve Script for AIG Counterparty Discussions

We have asked to meet with you in order to give you an opportunity to substantially reduce your counterparty exposure to AIG and assist in promoting the long-term viability of the company as an ongoing concern. As evidenced by recent government actions, the viability of AIG is an important policy objective given the firm’s systemic importance. As we are sure you can appreciate, a collapse of AIG over the weekend of September 13th and 14th following so closely after the collapse of Lehman Brothers would have jeopardized the financial system in general, and your financial institution in particular, given your firm’s exposure to AIG at the time. Indeed, notwithstanding unprecedented governmental action, there has been a dramatic increase in AIG’s CDS spreads, which highlights the significant economic costs that would have been borne by AIG’s counterparties had the government not intervened and the sizable counterparty exposure that your firm continues to retain with AIG. For these reasons, it is clear to us that we have a common objective in ensuring the firm’s long-term viability. With these points in mind, we would propose that you make us a compelling offer to unwind all your outstanding CDS contracts with AIG referencing ABS CDOs in exchange for the purchase of the underlying CDOs (where the assets are available) at a percentage of the notional amount for the CDS. Of course, we are open to other proposals you might have that would lead to a final resolution of this complex portfolio and therefore satisfy our common objectives.