From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs29315qah; Tue, 17 May 2011 11:01:53 -0700 (PDT) Received: by 10.229.237.18 with SMTP id km18mr685090qcb.126.1305655312251; Tue, 17 May 2011 11:01:52 -0700 (PDT) Return-Path: <> Received: from exanpcn27.arinc.com (exanpcn27.arinc.com [144.243.3.28]) by mx.google.com with ESMTP id h10si1398507qck.140.2011.05.17.11.01.47; Tue, 17 May 2011 11:01:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of exanpcn27.arinc.com designates 144.243.3.28 as permitted sender) client-ip=144.243.3.28; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of exanpcn27.arinc.com designates 144.243.3.28 as permitted sender) smtp.mail= X-AuditID: 90f3031b-b7cf3ae0000017de-d1-4dd2b8094157 Received: from EXANPCH2.arinc.com ( [10.243.77.162]) by exanpcn27.arinc.com (Symantec Brightmail Gateway - OUT) with SMTP id 10.10.06110.908B2DD4; Tue, 17 May 2011 14:01:45 -0400 (EDT) Received: from EXANPCH2.arinc.com ([fe80::3435:ce16:9880:8f27%16]) by EXANPCH2.arinc.com ([fe80::3435:ce16:9880:8f27%16]) with Microsoft SMTP Server id 14.01.0270.001; Tue, 17 May 2011 14:01:44 -0400 From: "Ferrer, Frederick J. (FFERRER)" To: Karim Hijazi Unveillance Email Subject: Automatic reply: Touching base Thread-Topic: Touching base Thread-Index: AQHMFLx7mdoRH0JB4kGjCfUVafOzcw== Date: Tue, 17 May 2011 18:01:44 +0000 Message-ID: References: <4DD2B80B.5060808@unveillance.com> In-Reply-To: <4DD2B80B.5060808@unveillance.com> X-MS-Has-Attach: X-Auto-Response-Suppress: All X-MS-Exchange-Inbox-Rules-Loop: FFERRER@arinc.com X-MS-TNEF-Correlator: Content-Type: multipart/alternative; boundary="_000_f2518f9d75f74688b54defc4de34d3cdEXANPCH2arinccom_" MIME-Version: 1.0 X-Brightmail-Tracker: AAAAAA== --_000_f2518f9d75f74688b54defc4de34d3cdEXANPCH2arinccom_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I am currently out of the office. Please contact me at my Blackberry (717.8= 18.7707) if you have an urgent matter. --_000_f2518f9d75f74688b54defc4de34d3cdEXANPCH2arinccom_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I am currently out of the office. Please contact me at my Blackberry (717.8= 18.7707) if you have an urgent matter. --_000_f2518f9d75f74688b54defc4de34d3cdEXANPCH2arinccom_-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Received: from [192.168.1.107] (c-76-31-218-178.hsd1.tx.comcast.net [76.31.218.178]) by mx.google.com with ESMTPS id q8sm530483ann.19.2011.05.17.11.04.59 (version=SSLv3 cipher=OTHER); Tue, 17 May 2011 11:05:00 -0700 (PDT) Message-ID: <4DD2B8D5.5010602@unveillance.com> Disposition-Notification-To: Karim Hijazi Unveillance Email Date: Tue, 17 May 2011 13:05:09 -0500 From: Karim Hijazi Unveillance Email Reply-To: khijazi@unveillance.com Organization: Unveillance User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: MDonofrio@scitor.com Subject: Touching base X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Mark, I hope this email finds you well. I would be interested in discussing some potential opportunities with Unveillance. Let me know when might be convenient to speak. Thank you. - -- All the best, Karim Hijazi CEO | President Unveillance O. (800) 540-8478 M. (561) 542-5704 www.unveillance.com khijazi@unveillance.com ******************************************** CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named person's use only. The information contained in this communication is confidential and/or privileged, proprietary information that is transmitted solely for the purpose of the intended recipient(s). No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender or any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. ******************************************** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQEcBAEBAgAGBQJN0rjVAAoJEIk0Dw4U/G3lPW8H+wUyL+G/IlLM7UEEfhIrq+l1 wzUWZTyD8Pqx1RgFPDX0KF4X3a8JxuypkUz21U6l2MbBuPFW7XQ/Gs6aeCrHUVVc bWwA75i+MLt+gYqsmunTbZwyDPTzxWSXHRBjIoG88QFiYXWvzZqg1RfKgMFGQRpA 7Slkg4/kKX9J9RCFn0vcuVnE+HJ10GrkGQ98/cPBIUBFryBMWlNfdJXURnzrwhub B2UOExPnETT2PQr/tgZBhvLuzcdrPmQlH7j3WOKabgBlqScfTRBqusT07GtG/ANu RSvuSd7i86NSm1bilsFl9xjsGyvrjT2yf+eqyPosWnYRwEt1u8Yj3mKHNxnT/vU= =o5Ff -----END PGP SIGNATURE----- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs29538qah; Tue, 17 May 2011 11:07:06 -0700 (PDT) Received: by 10.213.13.14 with SMTP id z14mr1229385ebz.25.1305655625457; Tue, 17 May 2011 11:07:05 -0700 (PDT) Return-Path: Received: from imc03.pandasoftware.com (imc03.pandasoftware.com [91.216.218.74]) by mx.google.com with ESMTP id y8si1574521eeh.89.2011.05.17.11.07.04; Tue, 17 May 2011 11:07:05 -0700 (PDT) Received-SPF: pass (google.com: domain of pedro.bustamante@pandasecurity.com designates 91.216.218.74 as permitted sender) client-ip=91.216.218.74; Authentication-Results: mx.google.com; spf=pass (google.com: domain of pedro.bustamante@pandasecurity.com designates 91.216.218.74 as permitted sender) smtp.mail=pedro.bustamante@pandasecurity.com Received: from escorpexh06.pandasoftware.local (unknown [192.168.100.190]) by imc03.pandasoftware.com (Postfix) with ESMTP id 26FA3B3B4A; Tue, 17 May 2011 20:07:03 +0200 (CEST) Received: from ESCORPEXH04.pandasoftware.local ([172.16.0.71]) by escorpexh06.pandasoftware.local with Microsoft SMTPSVC(6.0.3790.3959); Tue, 17 May 2011 20:07:02 +0200 Received: from ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL ([172.21.1.13]) by ESCORPEXH04.pandasoftware.local with Microsoft SMTPSVC(6.0.3790.3959); Tue, 17 May 2011 20:07:02 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Follow up Date: Tue, 17 May 2011 20:06:51 +0200 Message-ID: <84ECAF53A2F0F045BD9B7FD0FC56A0BD1087ED58@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL> In-Reply-To: <4DD1A3AC.5020905@unveillance.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Follow up thread-index: AcwUF8WPlFy2pma5Qvy6yukizbPznQApS8EQ References: <4DD1A3AC.5020905@unveillance.com> From: "Pedro Bustamante Lopez-Chicheri" To: "Matt Thompson" Cc: "Karim Hijazi Unveillance Email" X-OriginalArrivalTime: 17 May 2011 18:07:02.0610 (UTC) FILETIME=[39173B20:01CC14BD] OK as of today's samples share package (0517) we are including your key. You can start downloading samples every day from now on: FTP Server: ftp.pandasecurity.com (Port 21 / FTP Active Mode) User: malware-daily Password: ds4mp1es Regards, Pedro -----Mensaje original----- De: Matt Thompson [mailto:mthompson@unveillance.com]=20 Enviado el: lunes, 16 de mayo de 2011 15:23 Para: Pedro Bustamante Lopez-Chicheri CC: Karim Hijazi Unveillance Email Asunto: Follow up Hi Pedro, Nice chatting with you again. Looking forward to doing business. I've attached a fresh public key for malware exchange. The following are the cdmon domains used for Mariposa C&C: lalundelau.sinip.es bf2back.sinip.es bfisback.sinip.es qwertasdfg.sinip.es butterfly.sinip.es defintelsucks.sinip.es gusanodeseda.sinip.es legion.sinip.es booster.estr.es mierda.notengodominio.com I created a dedicated sensor for these domains at the IP 173.255.212.165 Cheers, Matt Thompson From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: Received: from [192.168.1.107] (c-76-31-218-178.hsd1.tx.comcast.net [76.31.218.178]) by mx.google.com with ESMTPS id s11sm531046anm.14.2011.05.17.11.08.08 (version=SSLv3 cipher=OTHER); Tue, 17 May 2011 11:08:09 -0700 (PDT) Message-ID: <4DD2B991.3090805@unveillance.com> Disposition-Notification-To: Karim Hijazi Unveillance Email Date: Tue, 17 May 2011 13:08:17 -0500 From: Karim Hijazi Unveillance Email Reply-To: khijazi@unveillance.com Organization: Unveillance User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10 MIME-Version: 1.0 To: Dave West Subject: Re: Pleasure meeting you References: <4DBF05F9.6020208@unveillance.com> <019d01cc091a$f58e86e0$e0ab94a0$@com> In-Reply-To: <019d01cc091a$f58e86e0$e0ab94a0$@com> X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Dave, Hope you are doing well. I would be interested in speaking to you a bit further regarding how we might be able to leverage the Unveillance solution to the Ridge Global client base. Let me know when you might have a convenient time to speak. Thank you. Best, Karim On 5/2/2011 5:47 PM, Dave West wrote: > Karim - Thanks so much for the time last week and the great presentation. > To say what you are doing is a fascinating piece of entrepreneurism would be > an understatement. Look forward to catching up. I'm a bit slammed this > week with a number of meetings I need to get Governor Ridge and our team > successfully through; however, I look forward to discussing. We do not have > a pool of capital of our own to invest and we mostly do consulting work; > however, we have a number of clients that are actively looking for > capabilities and partners - and our network is pretty board and unique. If > the attached is helpful and there are any ways you think we might be able to > help you either now or down the road as you manage the growth path, I'd love > to explore those. > > I'm a recent former UChicago MBA that focused on VC and private equity > (international advisor to Ridge/Chertoff at DHS before that), so I'll be > cheering you on regardless! > > Best, > Dave > > Dave West > Ridge Global LLC > Direct: 202-717-8426 > > > -----Original Message----- > From: Karim Hijazi Unveillance Email [mailto:khijazi@unveillance.com] > Sent: Monday, May 02, 2011 3:29 PM > To: dwest@ridgeglobal.com > Subject: Pleasure meeting you > > David, > > Thank you for your time and allowing me to present Unveillance to you. > I appreciate your interest and would be happy to answer any other > questions you may have. Please feel free to contact me anytime. > > - -- All the best, Karim Hijazi CEO | President Unveillance O. (800) 540-8478 M. (561) 542-5704 www.unveillance.com khijazi@unveillance.com ******************************************** CONFIDENTIAL & PRIVILEGED COMMUNICATION This message is for the named person's use only. The information contained in this communication is confidential and/or privileged, proprietary information that is transmitted solely for the purpose of the intended recipient(s). No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender or any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. ******************************************** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQEcBAEBAgAGBQJN0rmRAAoJEIk0Dw4U/G3lv04IAJMdnouYT4+zxYXjjTkpnTDV yP4bwaPACM8QUe3RvE11lkyF8xR9PB8UK4el3rFJPntnPuFZ+MsgvKBqj2GEmZNM oUGkSbGgMgrdD4m5hl7ArJ0WuH+B46NqODe+oTvRdblt8OSvwKpDvM7wL/buKIS6 QMnvTzpUQiaqvXMr+9NCwseXKF/qLL6uxncBsaKFG6UrshrTbTHM4MZx+ZCuMxxi LqoMrGNLlitTQgVQnMLzGOxv/WyrTciPAZXct32TxGxhgLb0qW78QlAJhjuxN5q3 IF6ljYhM7Gbxf3dEP67MO/g6W1GR7FAzXjLfFKIiVgSj4EuUEc9qt73eJVpsl4I= =Rz93 -----END PGP SIGNATURE----- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs27057qah; Tue, 17 May 2011 09:59:16 -0700 (PDT) Received: by 10.224.115.202 with SMTP id j10mr665662qaq.2.1305651556260; Tue, 17 May 2011 09:59:16 -0700 (PDT) Return-Path: Received: from omr3.networksolutionsemail.com (omr3.networksolutionsemail.com [205.178.146.53]) by mx.google.com with ESMTP id g1si1282658qcq.206.2011.05.17.09.59.15; Tue, 17 May 2011 09:59:15 -0700 (PDT) Received-SPF: neutral (google.com: 205.178.146.53 is neither permitted nor denied by best guess record for domain of wbruner@bkinternational.net) client-ip=205.178.146.53; Authentication-Results: mx.google.com; spf=neutral (google.com: 205.178.146.53 is neither permitted nor denied by best guess record for domain of wbruner@bkinternational.net) smtp.mail=wbruner@bkinternational.net Received: from cm-omr13 (mail.networksolutionsemail.com [205.178.146.50]) by omr3.networksolutionsemail.com (8.13.6/8.13.6) with ESMTP id p4HGxE5f031888 for ; Tue, 17 May 2011 12:59:14 -0400 Authentication-Results: cm-omr13 smtp.user=wbruner@bkinternational.net; auth=pass (LOGIN) X-Authenticated-UID: wbruner@bkinternational.net Received: from [96.231.67.165] ([96.231.67.165:50713] helo=OwnerPC) by cm-omr13 (envelope-from ) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTPA id C1/67-28449-169A2DD4; Tue, 17 May 2011 12:59:14 -0400 From: "Whitley Bruner" To: "'Karim Hijazi Unveillance Email'" In-Reply-To: <4DD1C859.1050108@unveillance.com> Subject: Read: Things are getting interesting Date: Tue, 17 May 2011 12:59:09 -0400 Message-ID: <00f101cc14b3$c0454b50$40cfe1f0$@bkinternational.net> MIME-Version: 1.0 Content-Type: multipart/report; report-type=disposition-notification; boundary="----=_NextPart_000_00F2_01CC1492.39361C50" X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQLhab3dxAdGOM5i0EDsrhrEV/oGiZJmk8rI This is a multipart message in MIME format. ------=_NextPart_000_00F2_01CC1492.39361C50 Content-Type: multipart/alternative; boundary="----=_NextPart_001_00F3_01CC1492.39361C50" ------=_NextPart_001_00F3_01CC1492.39361C50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Your message To: Whitley Bruner; 'Kareem Al-Hassani' Subject: Things are getting interesting Sent: 5/16/2011 8:59 PM was read on 5/17/2011 12:58 PM. ------=_NextPart_001_00F3_01CC1492.39361C50 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Read: Things are getting interesting

Your message

    To:  Whitley Bruner; 'Kareem Al-Hassani'
    Subject:  Things are getting interesting
    Sent:  5/16/2011 8:59 PM

was read on 5/17/2011 12:58 PM.

------=_NextPart_001_00F3_01CC1492.39361C50-- ------=_NextPart_000_00F2_01CC1492.39361C50 Content-Type: message/disposition-notification Content-Transfer-Encoding: 7bit Reporting-UA: bkinternational.net; Microsoft Outlook 14.0 Final-Recipient: rfc822;wbruner@bkinternational.net Original-Message-ID: <4DD1C859.1050108@unveillance.com> Disposition: manual-action/MDN-sent-automatically; displayed ------=_NextPart_000_00F2_01CC1492.39361C50-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs27069qah; Tue, 17 May 2011 09:59:36 -0700 (PDT) Received: by 10.52.180.164 with SMTP id dp4mr1197769vdc.119.1305651572665; Tue, 17 May 2011 09:59:32 -0700 (PDT) Return-Path: Received: from mail-qw0-f45.google.com (mail-qw0-f45.google.com [209.85.216.45]) by mx.google.com with ESMTPS id k18si434042vdu.62.2011.05.17.09.59.31 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 17 May 2011 09:59:31 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.216.45 is neither permitted nor denied by best guess record for domain of ben@ventenetworks.com) client-ip=209.85.216.45; Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.216.45 is neither permitted nor denied by best guess record for domain of ben@ventenetworks.com) smtp.mail=ben@ventenetworks.com Received: by qwj8 with SMTP id 8so420401qwj.4 for ; Tue, 17 May 2011 09:59:31 -0700 (PDT) Received: by 10.229.25.211 with SMTP id a19mr659043qcc.81.1305651571085; Tue, 17 May 2011 09:59:31 -0700 (PDT) Return-Path: Received: from [192.168.0.101] ([12.54.153.2]) by mx.google.com with ESMTPS id m13sm408744qcu.40.2011.05.17.09.59.29 (version=SSLv3 cipher=OTHER); Tue, 17 May 2011 09:59:30 -0700 (PDT) User-Agent: Microsoft-Entourage/12.29.0.110113 Date: Tue, 17 May 2011 12:59:28 -0400 Subject: Call From: ben turner To: Karim Hijazi CC: AR Message-ID: Thread-Topic: Call Thread-Index: AcwUs8haHO1m8L0jTUGepLXzmUmozg== Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3388481969_12131290" > This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --B_3388481969_12131290 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Karim Hope all is well. Do you have time to do a call later this week to discuss our project. Want to make sure I understand how you size the market, walk through how VRSN and you can work together and get a better understanding of your sink holes. I am fairly good thurs and fri. Regards Ben -- --B_3388481969_12131290 Content-type: text/html; charset="US-ASCII" Content-transfer-encoding: quoted-printable Call Karim

Hope all is well.  Do you have time to do a call later this week to di= scuss our project.  Want to make sure I understand how you size the mar= ket, walk through how VRSN and you can work together and get a better unders= tanding of your sink holes.  I am fairly good thurs and fri.  

Regards

Ben
--

--B_3388481969_12131290-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs27312qah; Tue, 17 May 2011 10:06:00 -0700 (PDT) Received: by 10.229.218.210 with SMTP id hr18mr664072qcb.10.1305651960342; Tue, 17 May 2011 10:06:00 -0700 (PDT) Return-Path: Received: from snt0-omc3-s10.snt0.hotmail.com (snt0-omc3-s10.snt0.hotmail.com [65.55.90.149]) by mx.google.com with ESMTP id r32si1320858qcs.54.2011.05.17.10.05.59; Tue, 17 May 2011 10:05:59 -0700 (PDT) Received-SPF: pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.149 as permitted sender) client-ip=65.55.90.149; Authentication-Results: mx.google.com; spf=pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.149 as permitted sender) smtp.mail=jsbardin@hotmail.com Received: from SNT126-W20 ([65.55.90.137]) by snt0-omc3-s10.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 17 May 2011 10:05:58 -0700 Message-ID: Return-Path: jsbardin@hotmail.com Content-Type: multipart/alternative; boundary="_6ff8a575-0ec0-4530-8b9f-32a4f67aa8da_" X-Originating-IP: [66.168.112.216] From: Jeff Bardin Sender: To: Karim Hijazi Subject: http://www.amphionforum.com/ Date: Tue, 17 May 2011 13:05:58 -0400 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 17 May 2011 17:05:58.0732 (UTC) FILETIME=[B13FD0C0:01CC14B4] --_6ff8a575-0ec0-4530-8b9f-32a4f67aa8da_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Karim=2C =20 New conference from the founder of the original RSA Conference program. I = am in talks with him to help get the word out about the conference and sign= up speakers. It may be a bit off the mark for Unveillance but let me know i= f you think you could play in this space (speak). =20 =20 Regards=2C Jeff =20 =20 ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ----------------------------------------------------- jbardin@treadstone71.com - www.treadstone71.com - twitter.com/jsbardin = - http://blogs.csoonline.com/blog/jeff_bardin http://www.youtube.com/user= /Infosecaware?feature=3Dmhum =20 The information in this electronic mail message is confidential and may be = legally privileged. It is intended solely for the addressee. Access to th= is Internet electronic mail message by anyone else is unauthorized. If you= are not the intended recipient=2C any disclosure=2C copying=2C distributio= n or any action taken or omitted to be taken in reliance on it is prohibite= d and may be unlawful. =20 =20 = --_6ff8a575-0ec0-4530-8b9f-32a4f67aa8da_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Karim=2C
 =3B
New conference from the founder of the original RSA Conference =3Bprogr= am. =3B I am in talks with him to help get the word out about the confe= rence and signup speakers. =3BIt may be a bit off the mark for Unveilla= nce but let me know if you think you could play in this =3Bspace (speak= ). =3B =3B
 =3B
Regards=2C
Jeff

 =3B
 =3B
------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= -----------------------------
jbardin@treadstone71.com=  =3B - =3B www.treadstone71.com<= /FONT> =3B - =3B twitter.com/= jsbardin =3B - =3B http://blogs.csoonline.com/blog/jeff_bardin =3Bhttp://www.youtube.com/user/I= nfosecaware?feature=3Dmhum
 =3B
The information in this= electronic mail message is confidential and may be legally privileged.&nbs= p=3B It is intended solely for the addressee. =3B Access to this Intern= et electronic mail message by anyone else is unauthorized. =3B If you a= re not the intended recipient=2C any disclosure=2C copying=2C distribution = or any action taken or omitted to be taken in reliance on it is prohibited = and may be unlawful.
 =3B
 =3B



= --_6ff8a575-0ec0-4530-8b9f-32a4f67aa8da_-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs27398qah; Tue, 17 May 2011 10:07:56 -0700 (PDT) Received: by 10.150.160.3 with SMTP id i3mr334077ybe.337.1305652076307; Tue, 17 May 2011 10:07:56 -0700 (PDT) Return-Path: Received: from achillea.mktdns.com (achillea.mktdns.com [199.15.212.61]) by mx.google.com with ESMTP id u32si8978107yba.11.2011.05.17.10.07.56; Tue, 17 May 2011 10:07:56 -0700 (PDT) Received-SPF: pass (google.com: domain of mail000@achillea.mktdns.com designates 199.15.212.61 as permitted sender) client-ip=199.15.212.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of mail000@achillea.mktdns.com designates 199.15.212.61 as permitted sender) smtp.mail=mail000@achillea.mktdns.com; dkim=pass header.i=@sourcefire.com Received: from mktomail.com ([172.25.6.160]) by achillea.mktdns.com (StrongMail Enterprise 4.1.1.6(4.1.1.6-56715)); Tue, 17 May 2011 11:59:56 -0500 X-VirtualServer: vsg-sm5-61, achillea.mktdns.com, 172.25.6.61 X-VirtualServerGroup: vsg-sm5-61 X-MailingID: 1299365663::sourcefireBetacust-3047-6198-0-1992-prod-1277::1277::0::536649::223446 X-SMHeaderMap: mid="X-MailingID" X-Destination-ID: khijazi@unveillance.com X-SMFBL: a2hpamF6aUB1bnZlaWxsYW5jZS5jb20= DomainKey-Signature: a=rsa-sha1; c=nofws; s=m1; d=sourcefire.com; q=dns; b=Idgk+GiO0TK6IP/3TkdWjTkyC7kiPjJQbK7V2hsnHYJt0niIC2npP7/5Gd1EawH8TaJXiqTV58Ig5jRFiJF2eX6Hoy/Kdh48igGNVLKfy7qWrFl0L2aVLjemACtVzOvmqZtYX1WcPhGJy1yMRvaaiWJ4yC93DKIxl/UyQMC0rY4= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=sourcefire.com; s=m1; i=@sourcefire.com; h=Content-Transfer-Encoding: Content-Type:X-Report-Abuse:Reply-To:MIME-Version:Message-ID: Subject:Date:To:From; bh=Lic1vvT70pUqpjawcmfpp0rXT1c=; b=m0sxV48 cfnx3YQKvjVwxWgMe2oIYpMFu2UsdJ/qOW+oDeD84hCJbJReMB+LXQwhhR6EeHOF /VjKcBHUDSchYvLkWTy2s2K7URlHV9QlIdAm34Bp3zINKgOA3uhTRChbJTqmd1Qw 4J5KUU3n2+o/jLnSidDFjORR5RFpOSKnhxGo= Content-Transfer-Encoding: 7bit Content-Type: multipart/alternative; boundary="----=_NextPart_001_AEA6_74B0DC51.19495CFF" X-Report-Abuse: Please report abuse here: http://www.marketo.com/policy Reply-To: sourcefiremarketing@sourcefire.com MIME-Version: 1.0 Message-ID: <1299365663.223446@sourcefire.com> Subject: Sourcefire Webinar: Reaping the Benefits of IPS and SIEM Integration Date: Tue, 17 May 2011 11:59:55 -0500 To: khijazi@unveillance.com From: "Sourcefire Marketing" ------=_NextPart_001_AEA6_74B0DC51.19495CFF Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline To view this email as a web page, go to the following address: http://sourcefire.mktoweb.com/index.php/email/emailWebview?mkt_tok=3RkMMJWWfF9wsRolu6jOZKXonjHpfsX96OorXa6g38431UFwdcjKPmjr1YIIRcB0dvycMRAVFZl5nR9XD%2FKWeYZJ6PA%3D Dear Karim, Your Sourcefire IPS is designed to defend your network from today’s most sophisticated threats. But a network IPS is but one piece of your organization’s IT security puzzle. With some organizations generating millions or even billions of events per day from best-of-breed endpoint and network security solutions, distilling that data down to priority offenses can be a daunting task. Join cybersecurity experts from Sourcefire and Q1 Labs to learn how to glue all of the pieces of your IT security puzzle together into a single, manageable framework for defending your network and achieving your compliance goals. In this webinar, you will learn: - Key benefits of IPS and SIEM integration - Insights into Sourcefire’s eStreamer interface - How a combined Sourcefire / Q1 Labs solution can work for you Webcast Details Title: Reaping the Benefits of IPS and SIEM Integration Date: Tuesday, May 24, 2011 Time: 11:00 a.m. EST/ 8:00 a.m. PST/ 4:00 p.m. GMT Presenter: Douglas Hurd, Director of Technical Alliances Sourcefire Matt Ward, Sr. Product Manager Q1 Labs REGISTER HERE: https://www3.gotomeeting.com/register/718300758 Join the Conversation ©2011 Sourcefire, Inc. Sourcefire 9770 Patuxent Woods Drive Columbia, MD 21046 United States Phone: 800.917.4134 Fax: 410.290.0024 Contact Us If you no longer wish to receive these emails, go to the following link to unsubscribe: http://sourcefire.mktoweb.com/SourcefireSubscriptionManagement.html ------=_NextPart_001_AEA6_74B0DC51.19495CFF Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline
To view this email as a web page, click here

Dear Karim,

Your Sourcefire IPS is designed to defend your network from today’s most sophisticated threats. But a network IPS is but one piece of your organization’s IT security puzzle.
Puzzle
With some organizations generating millions or even billions of events per day from best-of-breed endpoint and network security solutions, distilling that data down to priority offenses can be a daunting task.

Join cybersecurity experts from Sourcefire and Q1 Labs to learn how to glue all of the pieces of your IT security puzzle together into a single, manageable framework for defending your network and achieving your compliance goals. In this webinar, you will learn:

  • Key benefits of IPS and SIEM integration
  • Insights into Sourcefire’s eStreamer interface
  • How a combined Sourcefire / Q1 Labs solution can work for you

 

                                    Register
Webcast Details

Title: Reaping the Benefits of IPS and SIEM Integration
Date: Tuesday, May 24, 2011
Time: 11:00 a.m. EST/ 8:00 a.m. PST/ 4:00 p.m. GMT
Presenters:
Douglas Hurd
Director of Technical Alliances
Sourcefire
Matt Ward
Sr. Product Manager
Q1 Labs
Sourcefire 9770 Patuxent Woods Drive Columbia, MD 21046 United States
Phone: 800.917.4134 Fax: 410.290.0024 Contact Us

If you no longer wish to receive these emails, click on the following link: Unsubscribe

------=_NextPart_001_AEA6_74B0DC51.19495CFF-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs27575qah; Tue, 17 May 2011 10:12:41 -0700 (PDT) Received: by 10.224.140.69 with SMTP id h5mr623299qau.346.1305652360936; Tue, 17 May 2011 10:12:40 -0700 (PDT) Return-Path: Received: from snt0-omc3-s13.snt0.hotmail.com (snt0-omc3-s13.snt0.hotmail.com [65.55.90.152]) by mx.google.com with ESMTP id s1si1336822qco.15.2011.05.17.10.12.39; Tue, 17 May 2011 10:12:39 -0700 (PDT) Received-SPF: pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.152 as permitted sender) client-ip=65.55.90.152; Authentication-Results: mx.google.com; spf=pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.152 as permitted sender) smtp.mail=jsbardin@hotmail.com Received: from SNT126-W4 ([65.55.90.135]) by snt0-omc3-s13.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 17 May 2011 10:12:39 -0700 Message-ID: Return-Path: jsbardin@hotmail.com Content-Type: multipart/alternative; boundary="_cfa0ee3f-74be-40ba-aa07-1c19d46f35f9_" X-Originating-IP: [66.168.112.216] From: Jeff Bardin Sender: To: Karim Hijazi Subject: RE: http://www.amphionforum.com/ Date: Tue, 17 May 2011 13:12:38 -0400 Importance: Normal In-Reply-To: References: MIME-Version: 1.0 X-OriginalArrivalTime: 17 May 2011 17:12:39.0588 (UTC) FILETIME=[A02D9640:01CC14B5] --_cfa0ee3f-74be-40ba-aa07-1c19d46f35f9_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable FYI http://www.mocana.com/ is the main driver behind this effort =20 =20 From: jbardin@treadstone71.com To: khijazi@unveillance.com Subject: http://www.amphionforum.com/ Date: Tue=2C 17 May 2011 13:05:58 -0400 Karim=2C =20 New conference from the founder of the original RSA Conference program. I = am in talks with him to help get the word out about the conference and sign= up speakers. It may be a bit off the mark for Unveillance but let me know i= f you think you could play in this space (speak). =20 =20 Regards=2C Jeff =20 =20 ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ----------------------------------------------------- jbardin@treadstone71.com - www.treadstone71.com - twitter.com/jsbardin = - http://blogs.csoonline.com/blog/jeff_bardin http://www.youtube.com/user= /Infosecaware?feature=3Dmhum =20 The information in this electronic mail message is confidential and may be = legally privileged. It is intended solely for the addressee. Access to th= is Internet electronic mail message by anyone else is unauthorized. If you= are not the intended recipient=2C any disclosure=2C copying=2C distributio= n or any action taken or omitted to be taken in reliance on it is prohibite= d and may be unlawful. =20 =20 = --_cfa0ee3f-74be-40ba-aa07-1c19d46f35f9_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable FYI http://www.mocana.com/ =3B i= s the main driver behind this effort

 =3B
 =3B =3B
From: jbardin@treadstone71.com
To: khijazi@unveillance.com
Subject: h= ttp://www.amphionforum.com/
Date: Tue=2C 17 May 2011 13:05:58 -0400
<= BR> Karim=2C
 =3B
New conference from the founder of the original RSA= Conference =3Bprogram. =3B I am in talks with him to help get the = word out about the conference and signup speakers. =3BIt may be a bit o= ff the mark for Unveillance but let me know if you think you could play in = this =3Bspace (speak). =3B =3B
 =3B
Regards=2C
Jef= f

 =3B
 =3B
---------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= --------------------------
jbardin@treadstone71.com =3B - =3B www.treadstone71.com =3B - =3B twitter.com/jsb= ardin =3B - =3B http://blogs.csoonline.com/blog/jeff_bardin =3Bhttp://www.youtube.com/user/Inf= osecaware?feature=3Dmhum
 =3B
The information in this e= lectronic mail message is confidential and may be legally privileged. = =3B It is intended solely for the addressee. =3B Access to this Interne= t electronic mail message by anyone else is unauthorized. =3B If you ar= e not the intended recipient=2C any disclosure=2C copying=2C distribution o= r any action taken or omitted to be taken in reliance on it is prohibited a= nd may be unlawful.
 =3B
 =3B



= --_cfa0ee3f-74be-40ba-aa07-1c19d46f35f9_-- From - Sat May 21 19:22:07 2011 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Delivered-To: khijazi@unveillance.com Received: by 10.224.61.4 with SMTP id r4cs28540qah; Tue, 17 May 2011 10:43:18 -0700 (PDT) Received: by 10.224.180.203 with SMTP id bv11mr679784qab.390.1305654197662; Tue, 17 May 2011 10:43:17 -0700 (PDT) Return-Path: Received: from snt0-omc3-s26.snt0.hotmail.com (snt0-omc3-s26.snt0.hotmail.com [65.55.90.165]) by mx.google.com with ESMTP id r7si1358538qcq.201.2011.05.17.10.43.16; Tue, 17 May 2011 10:43:16 -0700 (PDT) Received-SPF: pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.165 as permitted sender) client-ip=65.55.90.165; Authentication-Results: mx.google.com; spf=pass (google.com: domain of jsbardin@hotmail.com designates 65.55.90.165 as permitted sender) smtp.mail=jsbardin@hotmail.com Received: from SNT126-W49 ([65.55.90.135]) by snt0-omc3-s26.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 17 May 2011 10:43:16 -0700 Message-ID: Return-Path: jsbardin@hotmail.com Content-Type: multipart/alternative; boundary="_779383a0-cafb-4eb6-82fc-e9a4d7378772_" X-Originating-IP: [66.168.112.216] From: Jeff Bardin Sender: To: Karim Hijazi Subject: DOL Date: Tue, 17 May 2011 13:43:15 -0400 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 17 May 2011 17:43:16.0409 (UTC) FILETIME=[E7023A90:01CC14B9] --_779383a0-cafb-4eb6-82fc-e9a4d7378772_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable The issues with Zeus are still cranking away on the same IP as yesterday ..= .=20 =20 Provided like screenshots to Marriott and to the CTO for the State of Michi= gan (former CISO for Michigan as well). Hope to get more interest. =20 Regards=2C Jeff =20 =20 ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ----------------------------------------------------- jbardin@treadstone71.com - www.treadstone71.com - twitter.com/jsbardin = - http://blogs.csoonline.com/blog/jeff_bardin http://www.youtube.com/user= /Infosecaware?feature=3Dmhum =20 The information in this electronic mail message is confidential and may be = legally privileged. It is intended solely for the addressee. Access to th= is Internet electronic mail message by anyone else is unauthorized. If you= are not the intended recipient=2C any disclosure=2C copying=2C distributio= n or any action taken or omitted to be taken in reliance on it is prohibite= d and may be unlawful. =20 =20 = --_779383a0-cafb-4eb6-82fc-e9a4d7378772_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
The issues with Zeus are still cranking away on the same IP as yesterda= y ...
 =3B
Provided like screenshots to Marriott and to the CTO for the State of Michi= gan (former =3BCISO for Michigan as well). =3B Hope to get more int= erest.
 =3B
Regards=2C
Jeff
 =3B
 =3B
----------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= -------------------------
jbardin@treadstone71.com =3B - =3B www.treadstone71.com =3B - =3B twitter.com/jsba= rdin =3B - =3B http://blogs.csoonline.com/blog/jeff_bardin =3Bhttp://www.youtube.com/user/Inf= osecaware?feature=3Dmhum
 =3B
The information in this e= lectronic mail message is confidential and may be legally privileged. = =3B It is intended solely for the addressee. =3B Access to this Interne= t electronic mail message by anyone else is unauthorized. =3B If you ar= e not the intended recipient=2C any disclosure=2C copying=2C distribution o= r any action taken or omitted to be taken in reliance on it is prohibited a= nd may be unlawful.
 =3B
 =3B



= --_779383a0-cafb-4eb6-82fc-e9a4d7378772_--