Anonymous vs. HBGary
Jared DeMott, Principal Security Researcher, Crucial Security, Inc.


Intro

Greetz! My name is Jared DeMott, and I'm going to be talking about the wild west. No, not Little Joe or Pa Cartwright from Bonanza. Cyberspace, the final frontier. It's not all wild out there; things work pretty well at times, and justice is sometimes served to malicious users. But just as often, perhaps even more so, the consequences are mild compared to the damage that can be done.

- Why I have some insight into this

Sample Topology of Computer Crime

Computer crime encompasses a broad range of potentially illegal activities. Generally, however, it may be divided into one of two types of categories: (1) crimes that target computer networks or devices directly; (2) crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.

Examples of crimes that primarily target computer networks or devices would include:
- Computer viruses
- Denial-of-service attacks
- Malware

Examples of crimes that merely use computer networks or devices would include:
- Cyberstalking
- Fraud and identity theft
- Information warfare
- Phishing scams

A computer can be a source of evidence. Even though the computer is not directly used for criminal purposes, it is an excellent device for record keeping, particularly given the power to encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to criminal investigators.

I could go off on many bunny trails about different types of attacks, defenses, forensics, and more. But let's stay focused on the attack at hand. What type of cybercrime best describes the HBGary and Anonymous case? One might say Information Warfare, but that tends to be more state-based; I think Hacktivism best describes the heart of this case.

A Message to HBGary after Anonymous Hack

Wow, sounds pretty heavy. Let's back up and get some background and see if we can understand what's going on here.

Even at the expense of some country laws and possible safety of others?

WikiLeaks is an international non-profit organization that publishes submissions of private, secret, and classified media from anonymous news sources, news leaks, and whistleblowers. Its website, launched in 2006 under The Sunshine Press organization, claimed a database of more than 1.2 million documents within a year of its launch. WikiLeaks describes its founders as a mix of Chinese dissidents, journalists, mathematicians, and start-up company technologists from the United States, Taiwan, Europe, Australia, and South Africa. Julian Assange, an Australian Internet activist, is generally described as its director. The site was originally launched as a user-editable wiki, but has progressively moved towards a more traditional publication model and no longer accepts either user comments or edits.

Julian Paul Assange (born 3 July 1971) is an Australian publisher, journalist, software developer and Internet activist. He is the editor in chief of WikiLeaks, a whistleblower website and conduit for worldwide news leaks, with the stated purpose of creating open governments. Assange worked as a computer programmer and was a hacker during his youth. He has lived in several countries and has made public appearances in many parts of the world to speak about freedom of the press, censorship and investigative journalism. He has published material about extrajudicial killings in Kenya, toxic waste dumping in Côte d'Ivoire, Church of Scientology manuals, Guantanamo Bay procedures, and banks such as Kaupthing and Julius Baer. In 2010, he published Iraq War documents and Afghan War documents about American involvement in the wars, some of which was classified material. On 28 November 2010, WikiLeaks and its five international print media partners (Der Spiegel, The New York Times, Le Monde, The Guardian and El País) began publishing US diplomatic cables.

Assange had a troubled childhood. He was later convicted of hacking, but the penalty was light, largely because he was not destructive and the judge recognized his troubled youth. He passed on some of those issues when he and his girlfriend had a long custody battle over their son.

Criticism

A number of political and media commentators, as well as current and former US government officials, have accused Assange of terrorism. US Vice President Joe Biden argued that Assange was "closer to being a high-tech terrorist than the Pentagon papers." In May 2010 Senate Minority Leader Mitch McConnell had used the phrase, calling Assange "a high-tech terrorist", and saying "he has done enormous damage to our country. I think he needs to be prosecuted to the fullest extent of the law". Also in May 2010, former House Speaker Newt Gingrich said: "Information terrorism, which leads to people getting killed, is terrorism, and Julian Assange is engaged in terrorism. He should be treated as an enemy combatant."


Anarchy is best?

Anonymous is an Internet meme (an idea that originates and spreads on the internet) originating in 2003 on the imageboard 4chan, representing the concept of many online community users simultaneously existing as an anarchic, digitized global brain. An imageboard (also chan, which is short for channel) is a type of Internet forum that revolves around the posting of images.

Beginning with 2008, the Anonymous collective has become increasingly associated with collaborative, international hacktivism, undertaking protests and other actions, often with the goal of promoting internet freedom and freedom of speech. Actions credited to "Anonymous" are undertaken by unidentified individuals who apply the Anonymous label to themselves as attribution.

Mostly DDoS in the Past

- Scientology
- Censorship
- Egypt gov
- Big Biz
- etc

There are 21 ops attributed to the Anonymous group on their wiki page. Examples include:
- Messing with kids' social channels
- Hacking extreme right wing sites
- Getting a pedophile arrested
- DoS Scientology sites
- Messing with epileptics via flashing pictures
- DDoS hip hop website
- In January 2009 members of Anonymous targeted California teen McKay Hatch who runs the No Cussing Club, a website against profanity
- On May 20, 2009, members of Anonymous uploaded numerous pornographic videos onto YouTube
- The site has drawn over 22,000 supporters worldwide and allows for information exchange between the world and Iran, despite attempts by the Iranian government to censor news about the riots on the internet.
- DDoS on supporters of internet censorship
- DDoS attacks against anti-piracy groups and law firms.
- Operation: Leakspin was conceived by the Anonymous group, with the purpose of sorting through recent WikiLeaks releases and raising awareness of potentially important and previously overlooked cables.
- The websites of the government of Zimbabwe were targeted by Anonymous due to censorship of the WikiLeaks documents.
- The websites of the government of Tunisia were targeted by Anonymous due to censorship of the WikiLeaks documents and the ongoing 2010-2011 Tunisian protests. Tunisians were reported to be assisting in these denial-of-service attacks launched by Anonymous.
- The website for the Irish political party Fine Gael, a centre-right party and currently the Republic of Ireland's largest opposition party, was hacked by Anonymous according to TheJournal.ie
- The websites of Egypt's Ministry of Information and President Hosni Mubarak's National Democratic Party were knocked offline by Anonymous in support of protesters calling for Mubarak's ouster during the Egyptian Revolution of 2011
- On February 27, 2011, Anonymous announced a new attack on Koch Industries
- On March 14, 2011, the group Anonymous began releasing emails it said were obtained from Bank of America. According to the group, the documents document "corruption and fraud", and relate to the issue of improper foreclosures. They say that the source is a former employee from Balboa Insurance, a firm which used to be owned by BofA

Most of the operations performed under the Anonymous branding have been relatively unsophisticated, albeit effective: the attacks made on MasterCard and others were distributed denial-of-service attacks using a modified version of the Low Orbit Ion Cannon (LOIC) load-testing tool. The modified LOIC enables the creation of large botnets that each user opts into: the software can be configured to take its instructions from connections to Internet relay chat (IRC) chat servers, allowing attack organizers to remotely control hundreds of slave machines and hence control large-scale attacks that can readily knock websites offline.

HBGary Inc.
- Greg Hoglund, Founder and CEO
- Penny Leavy-Hoglund, President
- Products
  - Responder: analyze RAM, pagefiles, VMware images; sort & display images, network links, etc.
  - Digital DNA, Active Defense: detects malware via in-memory analysis
- HBGary Federal
  - Aaron Barr was the CEO
  - Site now says: "hbgaryfederal.com is currently offline. Please try again later"

HBGary sells software and services to make money. Founded in 2003 by Greg Hoglund (and also, I believe, Butler and Gary, thus the B and Gary in HBGary), with a focus on computer security products, trainings, and services. Greg and many of his developers are in California, but he has people in DC to work the government market.

The Buildup

In 2010, Aaron Barr, CEO of HBGary Federal, alleged that he could exploit social media to gather information about Anonymous. In early 2011, Barr claimed to have used his techniques to infiltrate Anonymous, partly by using IRC, Facebook, Twitter, and social engineering. His e-mails depict his intention to release information on the identities of Anonymous members at a B-Sides conference and to sell it to possible clients, including the FBI.

Why was Barr into this? Anonymous had been DDoSing organizations like Visa, Mastercard, and other perceived enemies of WikiLeaks. Barr thought to make a splash in the DoD scene by finding and releasing or selling info on Anonymous. Why would he do that? We'll back up more on the next slide to get more background.

Anonymous denied association with the individuals that Barr named. On February 5-6, 2011, Anonymous hacked their website, copied tens of thousands of documents from HBGary, posted tens of thousands of company emails online, and usurped Barr's Twitter account in revenge. Anonymous also claimed to have wiped Barr's iPad remotely, though this act remains unconfirmed. In Barr's stolen/leaked e-mails, Barr explained that he identified his list of suspected Anonymous "members" by tracing connections through social media, while his main programmer criticized this methodology.

How did Barr get into this mess?

$$ issues!

- Barr needed to bring in $$ quick
- Social media digging training brought in a few bucks, but not enough
- Penny and Greg were both pushing him hard, and divorce was looming in his personal life
- Opportunity to team with others for some corporate investigation work came in
  - The US Chamber of Commerce wanted to know if certain groups attacking them were "astroturf" groups funded by the large unions. Hunton & Williams was looking to hire a team of security firms to do social media analysis
  - HBGary Federal, Palantir, and Berico started working on a proposal, which never made it to CoC
  - Calling themselves Team Themis
- More work came in regarding a big bank and possible documents they feared would end up on WikiLeaks
- Barr's fateful clash with Anonymous came when, lacking productive work, he decided to create a B-Sides talk relating to the WikiLeaks structure
  - He found someone connected to Anonymous and told them his intentions
  - They struck back

On October 19, a note arrived. HBGary Federal might be able to provide part of "a complete intelligence solution to a law firm that approached us." That law firm was DC-based powerhouse Hunton & Williams, which boasted 1,000 attorneys and terrific contacts. They had a client who wanted to do a little corporate investigative work, and three small security firms thought they might band together to win the deal. Palantir would provide its expensive link analysis software running on a hosted server, while Berico would "prime the contract supplying the project management, development resources, and process/methodology development." HBGary Federal would come alongside to provide "digital intelligence collection" and "social media exploitation", Barr's strengths.

But before H&W made a decision on the Chamber of Commerce plan, it had another urgent request for Team Themis: a major US bank had come to H&W seeking help against WikiLeaks (the bank has been widely assumed to be Bank of America, which has long been rumored to be a future WikiLeaks target). "We want to sell this team as part of what we are talking about," said the team's H&W contact. "I need a favor. I need five to six slides on Wikileaks: who they are, how they operate and how this group may help this bank. Please advise if you can help get me something ASAP. My call is at noon."

Anonymous defended WikiLeaks on several occasions in 2010, even attacking the websites of Visa and MasterCard when the companies refused to process WikiLeaks donations. But Barr also liked the thrill of chasing a dangerous quarry.

In retaliation for Aaron Barr's claims, members of the group Anonymous hacked the website of HBGary Federal and replaced the welcome page with a message stating that Anonymous should not be messed with, and that the hacking of the website was necessary to defend itself. Using a variety of techniques, including social engineering and SQL injection, Anonymous also went on to take control of the company's e-mail, dumping 68,000 e-mails from the system, erasing files, and taking down their phone system.

The leaked emails revealed the reports and company presentations of other companies in computer security such as Endgame systems who promise high quality offensive software, advertising "subscriptions of $2,500,000 per year for access to 0day exploits".

Among the documents exposed was a PowerPoint presentation entitled The Wikileaks Threat, put together by HBGary Federal along with two other data intelligence firms for Bank of America in December. Within the report, these firms created a list of important contributors to WikiLeaks; they further developed a strategic plan of attack against the site. As TechHerald explains, "the plan included pressing a journalist in order to disrupt his support of the organization, cyber attacks, disinformation, and other potential proactive tactics." The report specifically claims that Glenn Greenwalds support was key to WikiLeaks' ongoing survival.

Anonymous also personally attacked Aaron Barr by taking control of his Twitter account, posting Mr Barr's supposed home address and social security number.

In response to the attacks, founder of HBGary Federal, Greg Hoglund, responded to journalist Brian Krebs, "They didn't just pick on any company, we try to protect the US Government from hackers. They couldn't have chosen a worse company to pick on." After the attacks, Anonymous continued to clog up HBGary Federal fax machines, and made threatening phone calls.


Some humorous motivation for SQL injection attacks, which was the first part of the Anonymous hack.

Technical Details
- Time for an Injection: http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27
- Got user database
- Rainbow tables
  - Non-iterative, unsalted MD5 == fairly easy to crack
- Alas, two HBGary Federal employees, CEO Aaron Barr and COO Ted Vera, used passwords that were very simple; each was just six lower case letters and two numbers
- Allowed for hbgaryfederal website defacement

hbgaryfederal.com was powered by a content management system (CMS). CMSes are a common component of content-driven sites; they make it easy to add and update content on the site without having to mess with HTML and making sure everything gets linked up and so on. Rather than using an off-the-shelf CMS (of which there are many, used in the many blogs and news sites that exist on the Web), HBGary, for reasons best known to its staff, decided to commission a custom CMS system from a third-party developer. The exact URL used to break into hbgaryfederal.com was http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27. The URL has two parameters named pageNav and page, set to the values 2 and 27, respectively. One or both of these was handled incorrectly by the CMS, allowing the hackers to retrieve data (usernames and hashed passwords) from the database that they shouldn't have been able to get.
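As an added illustration (not code from the talk or from HBGary's CMS), the defect class behind that URL: a page lookup that pastes pageNav and page straight into the SQL text, beside the parameterized and input-validated version that closes the hole. The in-memory SQLite schema, rows and tampered value are constructed stand-ins, not the real CMS or the real request:

```python
import sqlite3

# Constructed in-memory stand-in for the custom CMS database; not HBGary's schema.
PAGES = [(2, 1, "Home"), (27, 2, "About Us"), (28, 2, "Contact"), (99, 3, "Staff only")]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (id INTEGER, nav INTEGER, title TEXT)")
    conn.executemany("INSERT INTO pages VALUES (?, ?, ?)", PAGES)
    return conn


def lookup_vulnerable(conn, page_nav: str, page: str):
    """Request parameters pasted into the SQL text: whatever the client sends
    becomes part of the statement, which is the defect class named above."""
    sql = f"SELECT id, title FROM pages WHERE nav = {page_nav} AND id = {page}"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, page_nav: str, page: str):
    """Values are bound separately from the statement and can never alter its shape."""
    sql = "SELECT id, title FROM pages WHERE nav = ? AND id = ?"
    return conn.execute(sql, (page_nav, page)).fetchall()


def parse_id(value: str, lo: int = 1, hi: int = 100_000) -> int:
    """Defence in depth: these parameters are only ever small positive integers,
    so anything else is rejected before it reaches the database layer."""
    if not value.isdigit():
        raise ValueError(f"bad parameter {value!r}")
    n = int(value)
    if not lo <= n <= hi:
        raise ValueError(f"parameter out of range: {n}")
    return n


def lookup_hardened(conn, page_nav: str, page: str):
    return lookup_parameterized(conn, parse_id(page_nav), parse_id(page))


def demo() -> dict:
    conn = make_db()
    normal = ("2", "27")
    # Constructed tampered value: appends an always-true clause to the WHERE.
    tampered = ("2", "27 OR 1=1")
    out = {
        "vulnerable_normal": lookup_vulnerable(conn, *normal),
        "vulnerable_tampered": lookup_vulnerable(conn, *tampered),     # every row
        "parameterized_tampered": lookup_parameterized(conn, *tampered),  # no rows
        "hardened_normal": lookup_hardened(conn, *normal),
    }
    try:
        lookup_hardened(conn, *tampered)
        out["hardened_tampered"] = "accepted"
    except ValueError as exc:
        out["hardened_tampered"] = f"rejected ({exc})"
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With the bound parameter SQLite compares the non-numeric text against the integer column and finds nothing, and the validated version never lets the string reach the database at all.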

Password Cracking

A technique first published in 2003 (itself a refinement of a technique described in 1980) gave password crackers an alternative approach. By pre-computing large sets of data and generating what are known as rainbow tables, the attackers can make a trade-off: they get much faster password cracks in return for using much more space. The rainbow table lets the password cracker pre-compute and store a large number of hash values and the passwords that generated them. An attacker can then look up the hash value that they are interested in and see if it's in the table. If it is, they can then read out the password.

As luck would have it, the hbgaryfederal.com CMS used MD5. What's worse is that it used MD5 badly: there was no iterative hashing and no salting. The result was that the downloaded passwords were highly susceptible to rainbow table-based attacks, performed using a rainbow table-based password cracking website. And so this is precisely what the attackers did; they used a rainbow table cracking tool to crack the hbgaryfederal.com CMS passwords.A password that uses the full range of the standard 95 typeable characters (upper and lower case letters, numbers, and the standard symbols found on a keyboard) and which is unusually long (say, 14 or more characters) is unlikely to be found in a rainbow table, because the rainbow table required for such passwords will be too big and take too long to generate.
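An added example (not from the talk) contrasting the unsalted single-MD5 storage described above with salted, iterated PBKDF2-HMAC-SHA256. The wordlist, the sample password in the slide's six-letters-two-digits shape, and the iteration count are all constructed assumptions, and the Python dict stands in for a rainbow table's precomputed lookup:

```python
import hashlib
import hmac
import os

# Constructed wordlist standing in for the input space a precomputed table covers.
# A real rainbow table covers billions of candidates; the idea is the same.
WORDLIST = ["password", "letmein", "abcdef12", "qwerty99", "summer11"]

# Assumed work factor for the hardened scheme (not a value from the talk).
ITERATIONS = 200_000


def md5_unsalted(password: str) -> str:
    """The hbgaryfederal.com CMS scheme: one MD5 pass, no salt, no iteration."""
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precompute hash -> password once; reusable against every unsalted dump."""
    return {md5_unsalted(w): w for w in words}


def lookup(table: dict, stored_hash: str):
    """Return the recovered password, or None if the hash is not in the table."""
    return table.get(stored_hash)


def pbkdf2_hash(password: str, salt: bytes = b"") -> str:
    """Salted, iterated hashing. A fresh random salt per user means a table would
    have to be rebuilt per user; the iteration count makes each guess slow."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def pbkdf2_verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    _algo, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)


def audit(password: str) -> dict:
    """Store one password for two users under each scheme and report what a
    precomputed table can do with the result."""
    table = build_lookup_table(WORDLIST)
    md5_user1, md5_user2 = md5_unsalted(password), md5_unsalted(password)
    pb_user1, pb_user2 = pbkdf2_hash(password), pbkdf2_hash(password)
    return {
        "md5_same_for_two_users": md5_user1 == md5_user2,   # one crack reveals both
        "md5_recovered": lookup(table, md5_user1),
        "pbkdf2_same_for_two_users": pb_user1 == pb_user2,  # salts differ
        "pbkdf2_in_table": pb_user1 in table,
        "pbkdf2_verifies": pbkdf2_verify(password, pb_user1),
        "pbkdf2_rejects_wrong": pbkdf2_verify(password + "x", pb_user1),
    }


if __name__ == "__main__":
    # "abcdef12" is a constructed sample in the six-letters-two-digits shape the
    # slide describes, not either executive's real password.
    for pw in ("abcdef12", "my super duper extra secretive password"):
        print(pw, audit(pw))
```

The long passphrase is outside the toy table just as the text says it would be outside a real one, but only the salted scheme keeps an eight-character password out of reach of a table built once and reused.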

Technical Details
- Password Reuse: Ted's was good on an HBGary Linux box, support.hbgary.com
- Privilege Escalation: months-old bug, with public exploit available
- Stealing of data, and sharing with the world
  - Makes me wonder what they found, but didn't share....
- Password Reuse: best practice says no, but they both did, for Facebook, Twitter, LinkedIn, and more!

Although attackers could log on to this machine, the ability to look around and break stuff was curtailed: Ted was only a regular non-superuser. Being restricted to a user account can be enormously confining on a Linux machine. It spoils all your fun; you can't read other users' data, you can't delete files you don't own, you can't cover up the evidence of your own break-in. It's a total downer for hackers. The only way they can have some fun is to elevate privileges through exploiting a privilege escalation vulnerability. These crop up from time to time and generally exploit flaws in the operating system kernel or its system libraries to trick it into giving the user more access to the system than should be allowed. By a stroke of luck, the HBGary system was vulnerable to just such a flaw. The error was published in October last year, conveniently with a full, working exploit. By November, most distributions had patches available, and there was no good reason to be running the exploitable code in February 2011. Exploitation of this flaw gave the Anonymous attackers full access to HBGary's system. It was then that they discovered many gigabytes of backups and research data, which they duly purged from the system.

Technical Details
- Using Google Apps for email
  - Aaron's reused password led to access to his company email, but he was also an admin, FTW
  - Reset Greg's password to get his email too
  - Found info about rootkit.com
- Social Engineering to pwn rootkit.com
  - Knew a couple things (actually just one, lolz)
  - The root password to the machine running Greg's rootkit.com site was either "88j4bb3rw0cky88" or "88Scr3am3r88" (so they thought)
  - Jussi Jaakonaho, Chief Security Specialist at Nokia, had root access
- 70k emails from Greg, Aaron, Ted, and Phil

Needed a regular, non-root user account to log in to rootkit.com, because as a standard security procedure, direct ssh access with the root account is disabled.

Social Engineering

Greg: Subject: need to ssh into rootkit

Greg: im in europe and need to ssh into the server. can you drop open up firewall and allow ssh through port 59022 or something vague? and is our root password still 88j4bb3rw0cky88 or did we change to 88Scr3am3r88 ? thanks

Jussi: hi, do you have public ip? or should i just drop fw? and it is w0cky - tho no remote root access allowed

Greg: no i dont have the public ip with me at the moment because im ready for a small meeting and im in a rush. if anything just reset my password to changeme123 and give me public ip and ill ssh in and reset my pw.

Jussi: k, it should now accept from anywhere to 47152 as ssh. i am doing testing so that it works for sure. your password is changeme123 i am online so just shoot me if you need something. in europe, but not in finland? :-) _jussi

Greg: if i can squeeze out time maybe we can catch up.. ill be in germany for a little bit. anyway I can't ssh into rootkit. you sure the ips still 65.74.181.141?

Jussi: does it work now?

Greg: did you reset the user greg or?

Greg: yup im logged in thanks ill email you in a few, im backed up thanks

Jussi: nope. your account is named as hoglund

Jussi: (later on) did you open something running on high port?

Rootkit.com is still down, and many well-known researchers lost passwords if they were dumb enough to use a good pw on a site like that anyway.

Once the username and password were known, defacing the site was easy. Log in as Greg, switch to root, and deface away! The attackers went one better than this, however: they dumped the user database for rootkit.com, listing the e-mail addresses and password hashes for everyone who'd ever registered on the site. And, as with the hbgaryfederal.com CMS system, the passwords were hashed with a single naive use of MD5, meaning that once again they were susceptible to rainbow table-based password cracking. So the crackable passwords were cracked, too.

So was this entire attack high tech? Not really, pretty standard stuff, but it was executed well.

Actual Emails
http://hbgary.anonleaks.ch/

Pretty unique in that I don't remember a company, especially a security company, that has lost this much private data.

Actual Documents
http://publicintelligence.net/tag/hbgary/

Lots of proposals were exposed.

Fallout
- March 1, 2011: 17 members of the United States Congress called for a congressional investigation for possible violation of federal law by Hunton & Williams and "Team Themis"

Will Anonymous be held responsible for what they did?
- February 7, 2011: Penny Leavy, President of HBGary Inc., entered an Anonymous IRC channel to negotiate with the group. She distanced her company from their partially-owned subsidiary HBGary Federal, clarified the separation of the two, and asked Anonymous to refrain from attacks or leaks that would damage HBGary Inc. and its customers.
- February 10, 2011: The Chamber of Commerce issued a statement denying they hired HBGary, calling the allegation a "baseless smear," and criticizing the Center for American Progress and its blog, ThinkProgress, for "the illusion of a connection between HBGary, its CEO Aaron Barr and the Chamber." The Chamber denied the truth of accusations previously leveled by ThinkProgress, stating "No money, for any purpose, was paid to any of those three private security firms by the Chamber, or by anyone on behalf of the Chamber, including Hunton and Williams."
- February 11, 2011: Palantir's CEO apologized to Greenwald and severed "any and all contacts" with HBGary.
- The CEO and COO of Berico similarly stated that they had "discontinued all ties" with HBGary Federal.
- February 28, 2011: Aaron Barr announced his resignation from HBGary Federal to "focus on taking care of my family and rebuilding my reputation."
- March 1, 2011: 17 members of the United States Congress called for a congressional investigation for possible violation of federal law by Hunton & Williams and "Team Themis" (the partnership between Palantir Technologies, Berico Technologies, and HBGary Federal).
- March 16, 2011: The House Armed Services Subcommittee on Emerging Threats and Capabilities asked the Defense Department and the National Security Agency to provide any contracts with HBGary Federal, Palantir Technologies and Berico Technologies for investigation.

It was also revealed that HBGary Federal was contracted by the U.S. government to develop astroturfing software which could create an "army" of multiple fake social media profiles to manipulate and sway public opinion on controversial issues. This software could also scan for people with points of view the powers-that-be didn't like and then have the "fake" profiles attempt to discredit those "real" people. HBGary had made numerous threats of cyber-attacks against Wikileaks. The dossier of recently exposed emails revealed HBGary Inc. was working on the development of a new type of Windows rootkit, code named Magenta, that would be "undetectable" and "almost impossible to remove." In October 2010, Greg Hoglund proposed to Barr creating "a large set of unlicensed Windows 7 themes for video games and movies appropriate for middle east & asia" which "would contain back doors" as part of an ongoing campaign to attack support for Wikileaks.

On Oct. 3, 2010, HBGary CEO Greg Hoglund told Aaron that "we should have a pow-wow about the future of HBGary Federal. [HBGary President] Penny and I both agree that it hasn't really been a success... You guys are basically out of money and none of the work you had planned has come in."

April 1st, 2011, Defcon CTF Organizers: HBGary is awarded contract to clean CTF sheep stalls!

Damage to others?
- HBGary
- Hunton & Williams? Kevin Zeese, a lawyer with the NGOs VelvetRevolution.us and StopTheChamber.com, filed a complaint with the Washington, D.C. Bar Association earlier this week against John Woods, Richard Wyatt Jr., and Robert Quackenboss
- Palantir? "I have directed the company to sever any and all contacts with HB Gary," said the CEO of Palantir
- Berico Technologies? "We find such actions reprehensible and are deeply committed to partnering with the best companies in our industry that share our core values. Therefore, we have discontinued all ties with HBGary Federal."
- Maybe a bit to other DoD contractors? Endgames, SRA, ManTech, GD, BAH, Symantec, QinetiQ, GD
- How do you measure loss in today's world?

It's unclear (at least to me, and probably to most) what the actual damages are. Surely HBGary was embarrassed publicly, and got the cold shoulder from former partners, but measuring lost info in terms of exposed proposals has to be difficult to put a number on?

Comedy
http://www.colbertnation.com/the-colbert-report-videos/375428/february-24-2011/corporate-hacker-tries-to-take-down-wikileaks

Technical Lessons Learned
- Don't have SQL injections in your websites
- Use strong passwords
  - 14 chars with a mix of upper, lower, numbers: MyTruckisC00l!!
  - Or sentence-style passwords for long passwords: my super duper extra secretive password
- Public key crypto on ssh
- 2 factor authentication
  - A good option to help with weak or lost passwords
- Social Engineering Training
- Patch systems very regularly
- Email Encryption
  - Shorter term storage of email as well

Most of this stuff we all know. So why didn't they follow best practices? Because it's a pain. Remembering multiple long passwords is not easy in today's on-the-run work environment. Encryption between email systems still isn't easy, particularly to implement well on evolving mobile platforms. As system engineers, we've got work to do.

And as shown here, the technical lesson is that information security and system designers have to find a way to make it easy, and required, to follow best practices.

Moral Questions
- I think work should be about more than $$
- I doubt Mr. Barr started with this in mind
- People need the right to a free press
  - But where is that line when dealing with stolen documents?
- Should HBGary competitors study the stolen proposals and other documents?
  - What about studying the emails? They're public now
- Do two wrongs make a right?

I'm not sure any of this eye-for-an-eye fighting is good. I don't think any of the players we've talked about so far are role models for your kids. But I hope the telling of this story has been interesting, entertaining, and enlightening on the types of things that are happening in our day, particularly as it relates to cyber.