The 27,000 E-mail from HBGary head Greg Hoglund, along with 44,000 other company E-mails. have been released and can be found on various servers and can be found via Anonymous' Twitter feeds.
I jumped to a random set and the second E-mail I found included a .pdf titled EXPLOITATION ASSESSMENT USING HBGARY’S RECON TECHNOLOGY
This presentation showed potential clients the benefits of using the Recon software to exploit vulnerabilities in computers and programs used by the clients targets.
From the E-mail Greg Hoglund sent :
Just a backgrounder: we are publishing this to show how Responder/REcon can be used for general purpose reverse engineering, not just for malware - more specifically how it can be used to find exploits and vulnerabilities in closed source binaries / COTS products. I probably don't have to remind you that a solid working exploit can be sold for five-six figures in the black market, so it's heavy stuff. This work is being performed as a direct result of Microsoft being a big customer of our Responder PRO product and they specifically use it for vulnerability auditing their own code. That is why our two test cases are high profile exploits against windows / IE.
EXPLOITATION ASSESSMENT USING HBGARY’S RECON TECHNOLOGY
Software exploitation remains a dominant security problem for the Enterprise. Data security breaches have enormous costs. There are billions of lines of code represented within the average Enterprise, most of it third party. Software assurance practices, while getting better, are still not able to fully address code exploitation. Multiple sources, including Gartner, the National Institute of Standards and Technology, and the U.S. Air Force, all indicate a sharp rise in data security breaches facilitated by software exploits that target applications within the Enterprise [REF ‘A CISO’s Guide to Application Security’ - CIO Solutions Group, Fortify]. A significant amount of software is written in languages that are prone to buffer overflows and parsing bugs. Outsourced development has high incidents of exploitable conditions, indicating a lack of security acceptance testing. Most importantly, a significant number of exploitable bugs are simple to fix, indicating a general lack of secure coding practices within the industry [REF veracode state of security report]. This whitepaper introduces HBGary’s REcon technology and runtime tracing methods that can be used to identify several major categories of exploitable bug in closed source, COTS, and 3rd party software components
This seems to indicate HBGary was considering showing clients how they could make a bundle on the Black Market selling software to damage or infiltrate computer systems (they probably wanted to keep their own hands clean).