FTKimager unable to run and is a gear icon.
Need to use the application as a my university project but unable to run on ubuntu (latest version as at 17/11/2022, don’t remember the version).
I downloaded a compatible ftkimager from accessdata and did an extraction via terminal.
But my application is unable to run no matter how much I click on it and it’s a gear icon instead of icon that says AD.
It’s frustrating that I couldn’t find anything to resolve this issue on the internet.
Screenshots: https://imgur.com/a/EsiwovI
🗣AlienDumpling
Hey u/AlienDumpling \- FTK Imager for Linux is very different from the Windows version. The Linux version is only a command-line application, it must be run from the terminal.
Based on the screenshot you linked, it appears 'ftkimager' is in your /usr/local/bin directory, so you should just be able to run 'ftkimager' in the terminal to see the command help.
👤tobraha
🎖@malwr
Need to use the application as a my university project but unable to run on ubuntu (latest version as at 17/11/2022, don’t remember the version).
I downloaded a compatible ftkimager from accessdata and did an extraction via terminal.
But my application is unable to run no matter how much I click on it and it’s a gear icon instead of icon that says AD.
It’s frustrating that I couldn’t find anything to resolve this issue on the internet.
Screenshots: https://imgur.com/a/EsiwovI
🗣AlienDumpling
Hey u/AlienDumpling \- FTK Imager for Linux is very different from the Windows version. The Linux version is only a command-line application, it must be run from the terminal.
Based on the screenshot you linked, it appears 'ftkimager' is in your /usr/local/bin directory, so you should just be able to run 'ftkimager' in the terminal to see the command help.
👤tobraha
🎖@malwr
Imgur
Discover the magic of the internet at Imgur, a community powered entertainment destination. Lift your spirits with funny jokes, trending memes, entertaining gifs, inspiring stories, viral videos, and so much more from users.
WASP Attack on Python — Polymorphic Malware Shipping WASP Stealer; Infecting Hundreds Of Victims
🗣jnazario
🎖@malwr
🗣jnazario
🎖@malwr
Medium
WASP Attack on Python — Polymorphic Malware Shipping WASP Stealer; Infecting Hundreds Of Victims
In early November, several malicious packages were reported by Phylum and CheckPoint. We link these two reports to the same attacker with…
Vulnerability Management at Lyft: Enforcing the Cascade [Part 1](https://eng.lyft.com/vulnerability-management-at-lyft-enforcing-the-cascade-part-1-234d1561b994)
🗣jnazario
🎖@malwr
🗣jnazario
🎖@malwr
Medium
Vulnerability Management at Lyft: Enforcing the Cascade [Part 1]
Vulnerability Management at Lyft: Enforcing the Cascade - Part 1 Abstract Over the past 2 years, we’ve built a comprehensive vulnerability management program at Lyft. This blog post will focus on …
MS Office 정상 URL 위장하여 유포중인 워드문서 - MS Office normal URL disguising and distributing word document
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
ASEC BLOG
MS Office 정상 URL 위장하여 유포중인 워드문서 - ASEC BLOG
최근 워드 문서로 위장한 악성코드가 특정 경로(ex. 카카오톡 단체대화방)를 중심으로 유포되는 이슈가 공유된 바 있다. ASEC 분석팀은 추가 모니터링 과정에서, 유사 워드문서에 사용된 URL이 정상 URL과 유사성 측면에서 매우 교묘해지는 정황을 확인하여 사용자들에게 주의를 당부하고자 한다. 내부적으로 현재까지 확인된 악성 워드문서의 파일명은 다음과 같다.파일명에서 확인되는 내국인의 실명은 삭제처리( ○○○)하였는데, 외교안보 분야의 전문가인 점과 파일명도…
Reverse engineering integrity checks in Black Ops 3
🗣momo5502
It wasn't a joke when he said it took him years. I started a project in 2014 that I have not yet completed. Obviously the constraint was time and other personal matters + daily job.
👤farmdve
🎖@malwr
🗣momo5502
It wasn't a joke when he said it took him years. I started a project in 2014 that I have not yet completed. Obviously the constraint was time and other personal matters + daily job.
👤farmdve
🎖@malwr
Maurice's Blog 🐍
Reverse Engineering Integrity Checks in Black Ops 3
Call of Duty: Black Ops 3 is protected by a DRM that, among other things, protects the integrity of the game’s code at runtime.
Reverse engineering those integrity checks has been a personal goal I had for a long time.
In this post I’m going to describe my…
Reverse engineering those integrity checks has been a personal goal I had for a long time.
In this post I’m going to describe my…
👍1
Meta Quarterly Adversarial Threat Report [Q3 2022](https://about.fb.com/wp-content/uploads/2022/11/Quarterly-Adversarial-Threat-Report-Q2-2022-1.pdf)
🗣jnazario
🎖@malwr
🗣jnazario
🎖@malwr
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti
🗣digicat
🎖@malwr
🗣digicat
🎖@malwr
Trellix
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti
The recently leaked Yanluowang messages span from mid-January to September 2022 and include around 2.7K messages. However, from this relatively small dataset we have gained a valuable intel on Yanluowang threat actor, their innerworkings, victims and possible…
👍1
Security platform for tracking SOC2 compliance
Hey all,
I'm sharing my project on Github called Gapps. Gapps is a platform to help track/implement SOC2 controls for your organization. It ships with over 200+ controls and 25+ policies.
I created this tool because:
1. I found the SOC2 readiness "process" confusing, compared to other frameworks.
2. I'm not aware of a open-source compliance platform so hopefully people contribute and we can build one. The end goal is to support other frameworks.
Here is the link to the video and the Github link.
Upcoming improvements:
1. Add other frameworks such as NIST CSF, HIPAA, CMMC, CIS CSC, etc.
2. Collection windows and reminders
3. Add documentation for using Gapps "agent" - Mac/Nix/Windows agent that asserts compliance for endpoints (helps with a number of SOC2 controls)
Would be great if others contributed - there are a ton of features that I'd like to add. Feel free to submit issues and/or PM me with questions.
🗣skywalker_1391
Where were you able to find all the controls?
👤aflyingpotatoe
Hi just a heads up on licensing, from the Creative Commons FAQ: https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software
>We recommend against using Creative Commons licenses for software. Instead, we strongly encourage you to use one of the very good software licenses which are already available. We recommend considering licenses listed as free by the Free Software Foundation and listed as “open source” by the Open Source Initiative.
>
>Unlike software-specific licenses, CC licenses do not contain specific terms about the distribution of source code, which is often important to ensuring the free reuse and modifiability of software. Many software licenses also address patent rights, which are important to software but may not be applicable to other copyrightable works.
>
>Additionally, our licenses are currently not compatible with the major software licenses, so it would be difficult to integrate CC-licensed work with other free software. Existing software licenses were designed specifically for use with software and offer a similar set of rights to the Creative Commons licenses.
Since you chose CC-BY-NC-ND license you should probably stick with "source available" software licenses or something like Prosperity Public License (A non-commercial software license), Business Source License (Recently adopted by LightBend / Akka and other big projects), or Fair Source License
There are also some Copy-far-left or Copyfair Licenses that could be appealing to you as similar to CC-BY-NC-ND: https://github.com/LibreCybernetics/awesome-copyfarleft
👤fabianhjr
Do HITRUST next. I use field guide and am not a huge fan. Plenty of pop there
👤bloopscooppoop
🎖@malwr
Hey all,
I'm sharing my project on Github called Gapps. Gapps is a platform to help track/implement SOC2 controls for your organization. It ships with over 200+ controls and 25+ policies.
I created this tool because:
1. I found the SOC2 readiness "process" confusing, compared to other frameworks.
2. I'm not aware of a open-source compliance platform so hopefully people contribute and we can build one. The end goal is to support other frameworks.
Here is the link to the video and the Github link.
Upcoming improvements:
1. Add other frameworks such as NIST CSF, HIPAA, CMMC, CIS CSC, etc.
2. Collection windows and reminders
3. Add documentation for using Gapps "agent" - Mac/Nix/Windows agent that asserts compliance for endpoints (helps with a number of SOC2 controls)
Would be great if others contributed - there are a ton of features that I'd like to add. Feel free to submit issues and/or PM me with questions.
🗣skywalker_1391
Where were you able to find all the controls?
👤aflyingpotatoe
Hi just a heads up on licensing, from the Creative Commons FAQ: https://creativecommons.org/faq/#can-i-apply-a-creative-commons-license-to-software
>We recommend against using Creative Commons licenses for software. Instead, we strongly encourage you to use one of the very good software licenses which are already available. We recommend considering licenses listed as free by the Free Software Foundation and listed as “open source” by the Open Source Initiative.
>
>Unlike software-specific licenses, CC licenses do not contain specific terms about the distribution of source code, which is often important to ensuring the free reuse and modifiability of software. Many software licenses also address patent rights, which are important to software but may not be applicable to other copyrightable works.
>
>Additionally, our licenses are currently not compatible with the major software licenses, so it would be difficult to integrate CC-licensed work with other free software. Existing software licenses were designed specifically for use with software and offer a similar set of rights to the Creative Commons licenses.
Since you chose CC-BY-NC-ND license you should probably stick with "source available" software licenses or something like Prosperity Public License (A non-commercial software license), Business Source License (Recently adopted by LightBend / Akka and other big projects), or Fair Source License
There are also some Copy-far-left or Copyfair Licenses that could be appealing to you as similar to CC-BY-NC-ND: https://github.com/LibreCybernetics/awesome-copyfarleft
👤fabianhjr
Do HITRUST next. I use field guide and am not a huge fan. Plenty of pop there
👤bloopscooppoop
🎖@malwr
GitHub
GitHub - bmarsh9/gapps: Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI…
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking - bmarsh9/gapps
🔥1