November 10, 2011 in Corporate
A “Sales Playbook” for distributors of Blue Coat equipment includes pricelists and a guide to selling web filtering technology including some of the very same models discovered by Telecomix to be in use by the Syrian government for spying on their population. These models include the SG-400 and SG-810, among others, which have a price range of $3,999 up to $34,999 depending on the specific model.
October 31, 2011 in United States
The following texts were obtained and first published by Citizens Trade Campaign (CTC). According to CT, the texts “reveal that the Obama administration has reversed reforms designed to enhance access to affordable medicines made during the George W. Bush administration and is instead demanding new rights for pharmaceutical firms to challenge pricing and other drug formulary policies used by many developed countries to keep down prices.” The texts also have relevance for those studying intellectual property rights as previously leaked versions of the Trans-Pacific Partnership (TPP) demonstrated a number of features that advanced controversial aspects of U.S. copyright law.
October 6, 2011 in Department of the Treasury, Federal Reserve
The OCC, Board, FDIC, and SEC (individually, an “Agency,” and collectively, “the Agencies”) are requesting comment on a proposed rule that would implement Section 619 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”) which contains certain prohibitions and restrictions on the ability of a banking entity and nonbank financial company supervised by the Board to engage in proprietary trading and have certain interests in, or relationships with, a hedge fund or private equity fund.
July 18, 2011 in Sudan, United Nations
The Sudanese Armed Forces (SAF) is a conventional armed force with a mandate to protect and to maintain internal security. It carries out its mandate mainly through ground forces, including Popular Defence Force (PDF) militia, as well as an air force and navy. The Supreme Commander of the armed forces, Lieutenant General Omar Hassan Ahmad el-Bashir, holds both the posts of National President and Commander-In Chief of the Armed Forces and People’s Defence Forces (PDF). For operational purposes he exercises this power through the Minister of Defence (currently major-general Bakri Hassan Saleh). The Minister appoints a Commander of the Armed Forces and Chief of General Staff (currently, general Abbas Arabi) who, together with five Deputy Chiefs of Staff (Operations, Intelligence, Logistics, Administration, Training and Morale), form the Committee of the Joint Chiefs of Staff or Command Group. The air force and navy are individual services under the commander-in-chief.
February 23, 2011 in Corporate
Given the massive volumes of data that the U.S. and other governments must manage and the volume of traffic across IT networks, government-wide security solutions pose significant technical challenges. According to Phil Bond, president of TechAmerica, “Now more than ever, a partnership between the public and private sectors in leveraging IT to achieve a more transparent government is essential to securing the public’s safety.”
February 22, 2011 in Corporate
Beginning in March 2010, HBGary, Inc. was contracted to assist in the identification, analysis, and removal of malware from QinetiQ North America (QNA) internal systems. This was in response to what QNA believed to be an organized and sophisticated cyber attack involving the potential theft of ITAR controlled data. HBGary was given background on the attack, which included information on targeted attacks on digital data systems that have occurred in the past.
February 17, 2011 in Corporate
General Dynamics has selected HBGary Inc to provide this proposal for development of a software tool, which provides the user a command line interface, that will enable single file, or full directory exfiltration over TCP/IP. General Dynamics has requested multiple protocols to be scoped as viable options, and this quote contains options for VoIP (Skype) protocol, BitTorrent protocol, video over HTTP (port 80), and HTTPS (port 443). HBGary will research and analyze the best solution given the client’s choice of protocol(s). As outlined in the Bill of Materials on page 4 of this document, cost per protocol is provided separately, and one or more of the options can be chosen by General Dynamics. HBGary will develop this user mode application with listen capabilities, trace cleanup, and ensure network sniffer testing doesn’t trigger any alerts. The application will be provided for user testing, and validation at the close of the development cycle which will be scheduled jointly between HBGary, and General Dynamics.
February 17, 2011 in Corporate
General Dynamics has selected HBGary Inc to provide this proposal for development of a software application targeting the Windows XP Operating System that, when executed, loads and enables a covert kernel-mode implant that will exfiltrate a file from disk (or other remotely called commands) over a connected serial port to a remote device. The enabling kernel mode implant will cater to a command and control element via the serial port. The demonstration will utilize an exploit in Outlook as the delivery mechanism for said software application. The subsequently loaded implant will be stable and will not crash the demonstration system. A usermode component will be included as part of the exploitation package that exercises the kernel mode implant for demonstration purposes. The loaded implant will use the connected serial port to remotely enable functions which can be visible on the collection computer connected on the other end of the serial line. The purpose of the demonstration setup is to verify the functionality for the customer and validate that all work has been completed.
February 14, 2011 in Corporate
Confidential HBGary McAfee Management Presentation from November 2010.
February 14, 2011 in Corporate, Defense Advanced Research Projects Agency
Current technologies and methods for producing and examining relationships between software products, particularly malware, are lacking at best. The use of hashing or “fuzzy” hashing and matching techniques are conducted at the program level, ignoring any reflection of the actual development process of malware. This approach is only effective at finding closely related variants or matching artifacts found within malware that are only tangent to the development process, such as hard coded IP address, domains, or login information. This matching process is often unaware of internal software structure except in the most rudimentary sense, dealing with entire sections of code at a time, attempting to align matches while dealing with arbitrary block boundaries. The method is akin to an illiterate attempting comparing two books on the same topic. Such a person would have a chance of correlating different editions of the same book, but not much else. The first fundamental flaw in today’s approach is that it ignores our greatest advantage in understanding relationships in malware lineage, we can deduce program structure into blocks (functions, objects, and loops) that reflect the development process and gives software its lineage through code reuse.
November 8, 2010 in United Nations
Confidential United Nations Department of Safety and Security Afghanistan Elections Daily Situation Reports from September 16-17 2010.
November 3, 2010 in United Nations
Eleven confidential reports from the United Nations Department of Safety and Security regarding operations in Afghanistan from August 6 to October 21, 2010.
October 6, 2010 in Corporate
Four versions of the confidential law enforcement guide to requesting information from Facebook.
September 7, 2010 in Australia, Canada, European Union, Japan, Mexico, Singapore, United States
U.S. Confidential Anti-Counterfeiting Trade Agreement (ACTA) August 25, 2010 Draft.
August 17, 2010 in Corporate, Department of Justice
Confidential Law Enforcement Telephone, Cellular, Satellite & VoIP Investigation Guide, March 10, 2010.
August 13, 2010 in Corporate
AIG Global Restructuring Plan Overview, September 28, 2008.
August 13, 2010 in Federal Reserve
We have asked to meet with you in order to give you an opportunity to substantially reduce your counterparty exposure to AIG and assist in promoting the long-term viability of the company as an ongoing concern. As evidenced by recent government actions, the viability of AIG is an important policy objective given the firm’s systemic importance. As we are sure you can appreciate, a collapse of AIG over the weekend of September 13th and 14th following so closely after the collapse of Lehman Brothers would have jeopardized the financial system in general, and your financial institution in particular, given your firm’s exposure to AIG at the time. Indeed, notwithstanding unprecedented governmental action, there has been a dramatic increase in AIG’s CDS spreads, which highlights the significant economic costs that would have been bourn by AIG’s counterparties had the government not intervened and the sizable counterparty exposure that your firm continues to retain with AIG. For these reasons, it is clear to us that we have a common objective in ensuring the firm’s long-term viability. With these points in mind, we would propose that you make us a compelling offer to unwind all your outstanding CDS contracts with AIG referencing ABS CDOs in exchange for the purchase of the underlying CDOs (where the assets are available) at a percentage of the notional amount for the CDS. Of course, we are open to other proposals you might have that would lead to a final resolution of this complex portfolio and therefore satisfy our common objectives.
August 12, 2010 in Corporate
This presentation outlines a structure (“Maiden Lane III”) to resolve the liquidity drain at AIG from the multi-sector CDO book (primarily U.S. subprime mortgage exposure)
August 4, 2010 in Corporate
Confidential Cisco Law Enforcement IP Networks Presentation, December 3, 2007.
August 3, 2010 in Corporate
Confidential Verizon Wireless Leveraging Commercial Wireless Services for Law Enforcement Brief, May 14, 2008.
July 15, 2010 in European Union, United States
EU Restricted, U.S. Confidential Anti-Counterfeiting Trade Agreement (ACTA) July 2010 Draft.
July 1, 2010 in Corporate
BP RFID “People Tracking” Brief from May 2005.