Filtered By
XKEYSCORE (XKS) X
Codewords [filter]
Computer Network Operations X
Document Topic [filter]
Results
21 Total
0.0

DEFIANTWARRIOR and the NSA’s Use of Bots

Document

Release Date: 2015-01-17 Document Date: 2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY DEFIANTWARRIO R 7 / //and the ; NSA's Uè^ojÆotá/ Overall Classification: TOP SECRET//COMINT//REL FVEY Current As Of: 24 May 2010 Derived From: NSA/CSS...
0.0

BYZANTINE HADES: An Evolution of Collection

Document

Release Date: 2015-01-17 Document Date: 2010-06-01
This June 2010 NSA presentation for the SIGDEV conference describes efforts to trace a suspected Chinese cyber attack: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (S//REL)BYZANTINE HADES: An Evolution of Collection NTOC, V225 SIGINT Development Conference June 2010 TOP SECRET//COMINT//REL TO...
0.0

TUTELAGE

Document

Release Date: 2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, TOP SECRET//COMINT//REL TO USA, FVEY Before TUTELAGE... AFTERk INTRUSION Manual Analysis of Reporting Lo...
0.0

TRANSGRESSION Overview for Pod58

Document

Release Date: 2015-01-17 Document Date: 2010-02-07
This 7 February 2010 NSA presentation outlines techniques to “discover, understand, evaluate, and exploit foreign CNE/CNA exploits”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOPSECRET//COMINT//REL TO USA, FVEY TRANSGRESSION Overview for Pod58 S31177 7 Feb 2010 DERIVED FROM: NSA/CSSM 1-52 DATED 08 JAN 2007 DECLASSIFY ON: 20320108 TOPSECRET//COMINT//REL T...
0.0

CNE End Point Requirements

Document

Release Date: 2015-01-17
This undated GCHQ reference document enumerates the processes and tools analysts use for computer network exploitation: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET STRAP1 COMINT CNE End Point Requirements CATEGORY O Experimt O Refinemer O Bug Fix O ALL REQTYPE O Capability O Convergenc O Query O Taskir O Viewe Oall PRIOR...
0.0

SIGINT Development Support II Program Management Review

Document

Release Date: 2016-08-19 Document Date: 2013-04-24
Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//SI//NOFORN The overall classification of this brief is (U) SIGINT Development Support II Program Management Review ► 24 April 2013 TOP SECRET//COMINT//NOFORN Derived Fro...
0.0

APEX Active/Passive Exfiltration

Document

Release Date: 2015-01-17 Document Date: 2009-08-01
This NSA TURBULENCE presentation dated August 2009 explains the APEX method of combining passive with active methods to exfiltrate data from networks attacked: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Active/Passive Exfiltration "go apex" STDP: S32354 & T112, NCSC/C91 August 2009 OP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMHMT//REL TO USA. AUS. CAN....
0.0

Using XKEYSCORE to Enable TAO

Document

Release Date: 2015-07-01 Document Date: 2009-07-16
This NSA presentation from 16 July 2009 explains how the XKeyScore system supports the agency’s Tailored Access Operations: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
using-xks-to-enable-tao-p1-normal.gif: TOP SECRET//COMINT//REL TO USA. AUS, CAN. GBR. NZL//20291123 Ait* tuv. Using XKEYSCORE to Enable TAO Booz I AJIen l Hamilton SDS Analyst 16 July ...
0.0

SIGDEV: Is It Time for a ‘Target Reboot’?

Document

Release Date: 2015-11-18 Document Date: 2011-03-23
This 23 March 2011 article from the internal NSA newsletter SIDToday describes an analyst’s surprise at discovering that the agency was collecting internal communications from Venezuelan energy company Petróleos de Venezuela (PDVSA): see the Intercept article Overwhelmed NSA Surprised To Discover Its Own Surveillance “Goldmine” on Venezuela’s Oil Executives, 18 November 2015.
sigdev-is-it-time-for-a-target-reboot-p1-normal.gif: DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL Welcome! Saturday, 10 Nov 2012 ...
0.0

Exploiting Foreign Lawful Intercept (LI) Roundtable

Document

Release Date: 2015-09-29 Document Date: 2012-01-01
This NSA presentation from 2012 discusses techniques for subverting “lawful intercept” systems used abroad: see the Intercept article A Death in Athens: Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?, 29 September 2015.
2012-lawful-intercept-redacted2-p1-normal.gif: TOP SECRET//SI//REL TO USA, FVEY (S//SI//REL) Exploiting Foreign Lawful Intercept (LI) Roundtable S31122 TOP SECRET//SI//REL TO USA, FVEY...
0.0

Bad guys are everywhere, good guys are somewhere!

Document

Release Date: 2014-09-14
This undated NSA presentation sets out the network-mapping tool Treasure Map, and supplies information on some of the agency’s collection access points: see the Intercept article New Zealand Launched Mass Surveillance Project While Publicly Denying It, 15 September 2014.
Bad guys are everywhere, good guys are somewhere! NSA/CSS Threat Operations Center (NTOC) NTOC Technology Development TS//SI//REL TO USA, FVEY (U) NTOC • (U//FOUO) Operates under bot...
0.0

CNE Analysis in XKeyScore

Document

Release Date: 2015-07-01 Document Date: 2009-10-15
This NSA presentation from 15 October 2009 explains how analysts can exploit the products of the agency’s CNE hacking operations within XKeyScore and provides examples with screenshots: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
CNE Analysis in XKEYSCORE 15 October 2009 xkeyscore@nsa.ic.gov l@nsa.ic.gov) y >M 1-5 TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL DERIVED F ROM: Ñ WCSSM 1-52 DATED: 2...
0.0

SPINALTAP: Making Passive Sexy for Generation Cyber

Document

Release Date: 2015-01-17
This undated NSA Menwith Hill presentation describes SPINALTAP, a project to combine data from active operations and passive signals intelligence: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY / '■%.^ (U//FOUO) SPINALTAP: Making Passive Sexy for Generation Cyber TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, FVE...
0.0

MHS Leverages XKS for Quantum Against Yahoo and Hotmail

Document

Release Date: 2014-03-12
This extract from an NSA document describes research into Quantum tools being performed at Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
(U) MHS Leverages XKS for QUANTUM Against Yahoo and Hotmail TOP SECRET//SI//REL TO USA, FVEY (TS//SI//REL) MHS Leverages XKEYSCORE Deep-Dive Packet Analysis to Identify Feasibility of QUANTU...
0.0

CSEC SIGINT Cyber Discovery: Summary of the current effort

Document

Release Date: 2015-01-17 Document Date: 2010-11-18
This CSEC presentation for a November 2010 conference outlines CSEC capabilities in the recognition of trojans and other “network based anomolies”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET II COMINT ■ Communications Security Establishment Canada Centre de la sécurité des télécommunications Canada CSEC SIGINT Cyber Discovery: Summary of the current effort ...
0.0

iPhone target analysis and exploitation with unique device identifiers

Document

Release Date: 2015-01-17 Document Date: 2010-11-12
This GCHQ research paper dated 12 November 2010 discuss some of the agency’s attacks against iPhone handsets: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET STRAP1 12th November 2010 ICTR-MCT Team (ICTR-MCT-GCHQ-dl) MHE Team (MHETeam-GCHQ-dl) OPDSDHQ^^^H TEA Benhall Records Centre iPhone target analysis and exploitation wit...
0.0

Targets visiting specific websites

Document

Release Date: 2015-07-01
Ths undated set of annotated screenshots from XKeyScore provides a worked example of a search: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-targets-visiting-specific-websites-p1-normal.gif: TOP SECRET//COMINT//REL TO USA, AUS, CAN. GBR. NZU/20320108 Center.! =*oc Book Aleo Hammer See next page for Derived From: NSA'CSSM ...
0.0

XKEYSCORE for Counter-CNE

Document

Release Date: 2015-07-01 Document Date: 2011-03-01
This NSA presentation from March 2011 discusses the use of the XKeyScore tool for countering foreign CNE attacks: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-for-counter-cne-p1-normal.gif: TOP SECRET//COMINT//REL TO USA, FVEY Using the XKS CNE dataset and a DISGRUNTLEDDUCK fingerprint, we now see at least 21 TAO boxes with evidence of this in...
0.0

DAPINO GAMMA Gemalto Yuaawaa

Document

Release Date: 2015-02-19 Document Date: 2011-01-01
This Wiki page from 2011 details aspects of GCHQ’s DAPINO GAMMA operation against mobile SIM manufacturer Gemalto: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
[edit] Other Gemalto Yuaawaa - secure file sharing service identified, apparently used by gemalto employees- maybe just as testers? Findings from JTRIG research identified as a Gem...
0.0

HIDDENSALAMANDER: Alerting and Characterization of Botnet Activity in TURMOIL

Document

Release Date: 2015-01-17
This undated NSA presentation describes techniques for detecting botnets: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
P SECRET//COMINT//REL TO USA, FVEY HIDDENSALAMANDER Alerting and Characterization of _____iyiissiQr\] CAPABILIT, ES Botnet Activity in TURMOIL Briefers: SECRET//REL TO USA, FV...
0.0

OSINT Fusion Project

Document

Release Date: 2015-07-01
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, FVEY OSINT FUSION PROJECT Lockheed Martin IS&GS Intelligence LOCKHEED MARTIN TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA,...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh