funsec mailing list archives

Re: FBI wants your malware


From: "Blanchard, Michael (InfoSec)" <michael.blanchard () emc com>
Date: Wed, 5 Feb 2014 20:47:09 +0000

Oh wait a minute! They wanna buy our zoos??? Well, ok, I rescind some of my previous message... If they're
purchasing our zoos, then they have every right to request it in any format they wish... even sent via smoke signals
in binary :-)


Still don't really trust them, but yah, that article makes it sound like they just wanna gather as many samples as 
quickly as possible and as easily as possible... what's easier than asking to purchase them all? :-)

 Mike B 

Michael P. Blanchard
Principal Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Cyber Security Services
EMC² Corporation
32 Coslin Drive
Southboro, MA 01772


-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Ferguson
Sent: Wednesday, February 05, 2014 1:58 PM
To: rmslade () shaw ca
Cc: funsec () linuxbox org
Subject: Re: [funsec] FBI wants your malware

The URL for this article is here:

http://www.nextgov.com/cybersecurity/cybersecurity-report/2014/02/fbi-market-malware/78218/

More appropriate excerpt here:

"The specific organization in need is the FBI Investigative Analysis
Unit of the Operational Technology Division, a team of specialists
providing on-the-scene tech support and "employing innovative, custom
developed analytical methods" to analyze digital evidence, according
to the solicitation."

That doesn't sound so scandalous. VirusTotal's parent company, Google,
could easily apply for this... or ShadowServer, or any number of
organizations which maintain libraries of malware.

- ferg



On 2/5/2014 10:30 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

The FBI has sent out a call for malware, spam, and other unwanted
digital trash.

They want to build a repository in order to ... well, actually,
they don't, and won't, according to the lack of response to a
number of media requests, say why.

Of course, don't bother sending in your daily allotment of odio
lectus decipio urinatio (or spam trap diving).

They want it bundled in a neat package, organized and categorized.
(I'm not sure why the existing repositories aren't good enough for
them.)

Good luck, FBI.

--
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

