Thank you Daniele,



I think it's a good idea have Edoardo there.

If necessary, someone from Italy can support him for security issues with firewall configuration.



Alex, please inform Raul about the visit in order to authorize the entrance, they didn't know Eduardo and stay in contact with them for the whole week.



Marco

--

Marco Bettini

Sales Manager



Sent from my mobile.



Da: Daniele Milan

Inviato: Friday, August 29, 2014 08:26 PM

A: Marco Bettini; Alex Velasco; 'daniele@hackingteam.it' <daniele@hackingteam.it>

Cc: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; David Vincenzetti; Eduardo Pardo Carvajal; 'naga@hackingteam.it' <naga@hackingteam.it>

Oggetto: Re: R: Re: About CISEN and NSO



Marco, Alex,



Eduardo is available to reach the client next week.

I believe it is OK for Eduardo to reach them on Tuesday, upgrading and fixing connectivity on Wed/Thur and then support during the demo on Friday.

Does that work according to their schedule?



Meanwhile, Sergio please get in touch with Eduardo and update him on all the details that can be helpful.



Daniele

--

Daniele Milan

Operations Manager



Sent from my mobile.



From: Marco Bettini

Sent: Friday, August 29, 2014 07:21 PM

To: Alex Velasco; 'daniele@hackingteam.it' <daniele@hackingteam.it>

Cc: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; David Vincenzetti; Eduardo Pardo Carvajal; 'naga@hackingteam.it' <naga@hackingteam.it>

Subject: R: Re: About CISEN and NSO



Danele,



Due to the critical situation, is it possible to arrange a visit to Mexico City on the first days of next week?

Cisen/Segob has a big influence in all federal organization in Mexico and their possible negative opinion against us could affect the other 3 or 4 deals we have there.



Thanks

Marco



--

Marco Bettini

Sales Manager



Sent from my mobile.



Da: Alex Velasco

Inviato: Friday, August 29, 2014 07:01 PM

A: Marco Bettini

Cc: Daniele Milan; Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; Marco Valleri; David Vincenzetti; Eduardo Pardo Carvajal

Oggetto: Re: About CISEN and NSO



Hello I was finally able to get to Raul.

Sergio - note for you below

Situation needs immediate action. They are preparing a demo with our system with no help from us as of yet. they have not reached out to us and from what I understand Raul is letting his guys do whats needed. Unfortunately his people are not the right profile to run this system. But this is what we have to work with.

He confirmed that the demo is for next week, not today. He was is under great pressure when talking to him, while he is preparing this demo of our system. He would not tell me who it was but a very high profile VIP. Being that they are close to the presidential office, I would guess they are the ones coming from this demo. At the time I was talking to him he did not know what day the demo was but that it was next week. they would come anytime they wanted.

My suggestion is the following: Please send one of the developers that know firewalls along with Eduardo ASAP to help the put everything right.

They do not have the current version and they do not have a firewall. With out our help they might not succeed in this demo. I personally do not like the odds in this and would prefer someone to be there.

At risk here is that demo fails and we lose Cisen as a client, but also since we have other contracts that are having a hard time getting approved, it could effect them as well.

Sergio - Do you remember what type of Firewall they had in their office?

One other think that Raul was saying is: They bought a full system and that the firewall installation is our responsibility. I know it is not ours but right now is not the time to argue this point. We need to make this right. The only other option is to watch our market fall apart in Mexico City.

Alex Velasco

Key Account Manager



Hacking Team

Milan Singapore Washington DC

www.hackingteam.com



email: a.velasco@hackingteam.com

mobile: +1 301.332.5654

phone: +1 443.949.7470 Travel: +39 33 5724 5469

On Aug 29, 2014, at 4:54 AM, Marco Bettini <m.bettini@hackingteam.com> wrote:

Try to speak with him asap, it's extremely important knows his feeling and decide our intervention.

Marco





Il giorno 28/ago/2014, alle ore 23:35, Alex Velasco <a.velasco@hackingteam.com> ha scritto:

Going to voice mail



Alex Velasco Key Account Manager

Hacking Team Milan Singapore Washington DC www.hackingteam.com

email: a.velasco@hackingteam.com mobile: +1 301.332.5654 phone: +1 443.949.7470



On Aug 28, 2014, at 3:48 PM, Marco Bettini <m.bettini@hackingteam.com> wrote:



Alex,



Have you call Raul?



Marco

--

Marco Bettini

Sales Manager



Sent from my mobile.



Da: Alex Velasco

Inviato: Thursday, August 28, 2014 09:10 PM

A: Daniele Milan

Cc: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; Marco Bettini; Marco Valleri; David Vincenzetti

Oggetto: Re: About CISEN and NSO



All,

Their Problem is that they do not have the right firewall. They have A firewall but nobody knows how to install it. they have asked us to do it, but from what I understand they are not easy to install.

Last time we were there they told us that, asking for the firewall we requested, it would not happen for a long time possibly a year or more. the purchasing cycle and approval of requesting something out of the ordinary is long and difficult.

If we send anyone out to Mexico for this, it should be one of the developers that know firewalls and Eduardo. There only task would be to insure the system is up and running safely.

and I have said this many times before....

TO BE HONEST - I think they want this demo to fail! this way they get the NSO and the exaggerated price of 15 million and those involved will get their pay day for pushing sale thru.



Alex Velasco

Key Account Manager



Hacking Team

Milan Singapore Washington DC

www.hackingteam.com



email: a.velasco@hackingteam.com

mobile: +1 301.332.5654

phone: +1 443.949.7470 Travel: +39 33 5724 5469

On Aug 28, 2014, at 2:02 PM, Daniele Milan <d.milan@hackingteam.com> wrote:

Sergio please get in touch with them and organise for the upgrade, and let's hope this time they listen and don't procrastinate as usual.



Daniele

--

Daniele Milan

Operations Manager



Sent from my mobile.



From: Daniele Milan

Sent: Thursday, August 28, 2014 07:59 PM

To: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; Marco Bettini; Alex Velasco

Cc: Marco Valleri; David Vincenzetti

Subject: Re: About CISEN and NSO



Even without firewall, at least then they will have the Windows one running and protecting the servers.



Maybe an internal demo, as many clients do.



Daniele

--

Daniele Milan

Operations Manager



Sent from my mobile.



From: Sergio Rodriguez-Solís y Guerrero

Sent: Thursday, August 28, 2014 07:53 PM

To: Daniele Milan; Giancarlo Russo; Marco Bettini; Alex Velasco

Cc: Marco Valleri; David Vincenzetti

Subject: Re: About CISEN and NSO



But I don't think they have firewall yet and my question is: what and who would they demo to?

--

Sergio Rodriguez-Solís y Guerrero

Field Application Engineer



Hacking Team

Milan Singapore Washington DC

www.hackingteam.com



email: s.solis@hackingteam.com

mobile: +34 608662179

phone: +39 0229060603



De: Daniele Milan

Enviado: Thursday, August 28, 2014 07:48 PM

Para: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; Marco Bettini; Alex Velasco

CC: Marco Valleri; David Vincenzetti

Asunto: Re: About CISEN and NSO



They have to upgrade before doing the demo. No one can know exactly how a 9.1.2 behaves in the infection phase now.



Daniele

--

Daniele Milan

Operations Manager



Sent from my mobile.



From: Sergio Rodriguez-Solís y Guerrero

Sent: Thursday, August 28, 2014 07:46 PM

To: Daniele Milan; Giancarlo Russo; Marco Bettini; Alex Velasco

Cc: Marco Valleri; David Vincenzetti

Subject: Re: About CISEN and NSO



Hi,

Marco (client) tells me they have 9.1.2

They say they have a demo on fiday (he said next week, so don't think is tomorrow). And later they will update (don't know how).

They asks what android versions are supported.

Can anybody tells me give me that info for 9.1.2?

Thanks

--

Sergio Rodriguez-Solís y Guerrero

Field Application Engineer



Hacking Team

Milan Singapore Washington DC

www.hackingteam.com



email: s.solis@hackingteam.com

mobile: +34 608662179

phone: +39 0229060603



De: Daniele Milan

Enviado: Thursday, August 28, 2014 07:33 PM

Para: Sergio Rodriguez-Solís y Guerrero; Giancarlo Russo; Marco Bettini; Alex Velasco

CC: Marco Valleri; David Vincenzetti

Asunto: Re: About CISEN and NSO



Sergio please check with them the exact version they are at, up to my knowledge they are still at 9.1.



In case they are pre-9.2, they have to be upgraded asap. Moreover, we should think about a visit to fix their security and follow-up on any concern.



Daniele

--

Daniele Milan

Operations Manager



Sent from my mobile.



From: Sergio Rodriguez-Solís y Guerrero

Sent: Thursday, August 28, 2014 06:53 PM

To: Giancarlo Russo; Marco Bettini; Daniele Milan; Alex Velasco

Cc: Marco Valleri; David Vincenzetti

Subject: Re: About CISEN and NSO



It is working, I am sure. I don´t know what version are they, but more than 9.2 almost sure



-- Sergio Rodriguez-Solís y Guerrero Field Application Engineer

Hacking Team Milan Singapore Washington DC www.hackingteam.com

email: s.solis@hackingteam.com phone: +39 0229060603 mobile: +34 608662179

El 28/08/2014, a las 18:51, Giancarlo Russo <g.russo@hackingteam.com> escribió:

Daniele / Sergio,



it means they are using a very old version of RCS considering that from 9.2 (or 9.3, i do not remember properly) all the security requirements are mandatory to make the system working, isn't it?



Did we performed the upgrade with them?



Alex,



can you update us as well on this request from Zeron and Neolinx, TONIGHT?



Thanks



Giancarlo







On 8/28/2014 6:22 PM, "Sergio R.-Solís" wrote:

Hi, As far as I know, CISEN is complaining about RCS success. Mainly because of CitizenLabs articles. First of all, say that they didn´t install firewall when I was there with Alex in January and they still using system without it. And I know system is working because I have answered them some support questions few weeks ago. They have two hubs (not switches, hubs) connected between them. There they connect router, Backend, Frontend and consoles. Frontend is in DMZ mode with public IP address of router assigned directly to it. It is a security suicide. They used to, I don´t know now, have RDP available in both servers all the time.

It could be possible even that they are hacked. Who knows

So, no report about hacking offensive security coming from an organization unable to set a firewall should be trusted. I know it would be. But this is just my point.

Alex warned me that people of Tomás Zerón and Neolinx would ask me for support to deal with this CISEN bad reports.

I will, as ever, do my best, but in case they request an exploit, should be answered a.s.a.p. This is not a selling work, is a trust keeping work. CISEN are not best IT people, but are really powerful.

And we are talking about a market where an NSO purchase can make lots of happy pockets because the most expensive a project is, the most you can get for yourself. In Mexico they don´t ask for quantities but for percentages.

Please, if necessary, keep Eduardo warned about this too with the info you consider necessary. He is in client time zone and it could help.

Let me know whatever needed.

Regards



-- Sergio Rodriguez-Solís y Guerrero Field Application Engineer

Hacking Team Milan Singapore Washington DC www.hackingteam.com

email: s.solis@hackingteam.com phone: +39 0229060603 mobile: +34 608662179



-- Giancarlo Russo COO Hacking Team Milan Singapore Washington DC www.hackingteam.com email: g.russo@hackingteam.com mobile: +39 3288139385 phone: +39 02 29060603







