This 2010 NSA presentation describes Project Camberdada, an attempt to subvert popular antivirus software by means of surveilling email traffic: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
This document, produced by the NSA and the US military’s Joint Functional Component Command – Network Wardare, provides a briefing on, and classification guide to, the highly sensitive group of “core computer network operations secrets” codenamed SENTRY EAGLE: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2014.
This internal NSA briefing document from 19 April 2014 supplies background information for a Strategic Planning Meeting with senior BND officers to discuss future collaboration between Germany and the US: see the Der Spiegel article Spying Together: Germany’s Deep Cooperation with the NSA, 18 June 2014.
This presentation from the 2010 SIGDEV Conference describes the contribution made by GCHQ to the development of Quantum techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
This page from the NSA intranet dated July 2011 supplies advice from the NSA Offices of General Counsel (OGC) and Oversight and Compliance (NOC) on the admissibility of targeting strategies against the users of popular websites (including WikLeaks and the Pirate Bay): see the Intercept article Snowden Documents Reveal Covert Surveillance and Pressure Tactics Aimed at WikiLeaks and Its Supporters, 18 February 2014.