11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Please read this fantastic essay, to which I contributed a few of tips.
TLDR: In 2024, an audio or even video stream of a person is no longer a secure way of authenticating who they are.
This raises the question: what is?
• https://vitalik.eth.limo/general/2024/02/09/securityquestions.html
#security #AI #OpSec #privacy
Since I've been blogging for about three years (OMG!!!), I've covered a wide range of topics, such as audits, OSINT, and OpSec…
However, I'd want to know what kinds of articles you would like to see from me. Please share your thoughts below this post:
• x.com/officer_cia/status/1767265053353353308
Shall I write more selections or articles? I value your opinions much and will review each response. Thank you!
#offtopic
officercia.mirror.xyz/z7UhL4a_R5L0iPiAufCx7OXC24-onnNg92RzcwPP1VQ
Читать полностью…
officercia.medium.com/recovering-funds-with-hackedwalletrecovery-tool-92a9378da792?1
Читать полностью…
Oldie but goodie ❤️
• https://officercia.mirror.xyz/CLsdsEZMDxLA8el7Reo7RLqyvXtxxsqP8Mmqm5J8jcc
#security #OpSec #privacy
Hey! Thought I would ask everyone to check out the Safe Harbour constitution before the RFC period ends. This Friday's as good a time as any, and it will be under RFC until the 15th.
For those that don't know, Safe Harbour is a framework put together by the SEAL team & many others to offer legal protection to whitehats who aid in the recovery of assets during an active exploit: https://github.com/security-alliance/safe-harbor.
Finding all contracts in a given chain that have the `_authorizeUpgrade` function without any modifier or require takes only a second 🚀
Check out: glide.r.xyz
#security #audit #bugbounty
FYI on topic! (Data from walletcompare.xyz): medium.com/coinmonks/the-only-safe-way-to-store-crypto-e188bb58afd7
Читать полностью…
GM! Tried to show differences between the crowd-sourced bounty (sort of more “left” attitude) and H1-style bounty (more “right” or “classic” attitude):
• x.com/officer_cia/status/1765722718131949977
IMO perfectly fits the present topic! Please share!
#audit #bugbounty #web3
Memo to those who have lost their funds.
• x.com/officer_cia/status/1764609348796338461
#investigations #aml #OSINT
officercia.mirror.xyz/Ripe-IgX8xhZtsA4yyFynCTFpJwis5tuF1M5uIUlMcA
Читать полностью…
Please follow me on Farcaster!
Would be very happy to make friends on Farcaster app! To clarify, I'm not leaving X, just - trying something new for me.
• My page: warpcast.com/officercia
• My invite link: warpcast.com/~/invite-page/234817?id=1c73e532
#offtopic
If you're in Denver - join us tomorrow for a bug-free happy hour.
For more details tap here 🥃
officercia.mirror.xyz/z7UhL4a_R5L0iPiAufCx7OXC24-onnNg92RzcwPP1VQ
Читать полностью…
Attention! Join Remedy team TODAY at 6 p.m. CET to learn how Remedy plans to propel Web3 security into the f***ing stratosphere by empowering blockchains, projects and ethical hunters with its visionary tech.
Thank you for attention!
• x.com/xyz_remedy/status/1763112285097115758
#security #privacy
Today we are finding all contracts in a given chain that have _burn function "mistakenly" set as public without any modifiers or requirements, allowing unrestricted access:
• x.com/tpiliposian/status/1767183891926855944
Check out: glide.r.xyz
#security #audit #bugbounty
Please join my chat!
• t.me/+AaDR8gI2pjlkYjli
#community
GM! Just updated my old guide! Repository link below.
• x.com/officer_cia/status/1767055503530582331
#DeFi #development
After almost 4 years since I made my blog they are finally starting to learn OSINT.
🤷♂️🤷♂️🤷♂️
• www.cia.gov/static/9d89dd9a4fe41b63cfab00c5191a8803/IC-OSINT-Strategy.pdf
#offtopic #OSINT
Spring came early this year…
• x.com/officer_cia/status/1766430356641566831
#security #offtopic
Hey all - sorry to self-promote, but think a lot of you might enjoy this.
Built a huge ARG murder mystery with 10 ETH as a reward. A lot of work, but hugely satisfying, with ever more complicated puzzles. People are loving it (just not that many of them yet)
Launched yesterday... https://findmykiller.xyz
🧙♂️ $1,572,378 left WOOFi Exploiter 1 and 2 towards the address:
0xe874ae1a218c1a0d9983c908b587f029278b1c69 and 0x9961190b258897bca7a12b8f37f415e689d281c4 where they were transferred to the Ethereum mainnet using StargateFinance.
🔓The next destination was the address: 0xecb11a8180544228bedf38c5eb6c27729571ea3e
💰$6.9m still remain on WooFi Exploiter 2: 0xb59d04d9957c9e266dff5c4173d4d2324eb029ad
Resources used: AMLbot Pro: x.com/amlbothq/status/1765786379777134852
#investigations #aml #OSINT
GM fam! I need volunteers to translate the DeFi Roadmap!
• x.com/officer_cia/status/1765732704748818676?s=20
It will be wonderful to see you all! Open a PR, add a translation, and leave your donation address above! Link below.
#DeFi #offtopic
officercia.medium.com/bitcoin-the-ultimate-opsec-collection-22fe8402b71c
Читать полностью…
If you didn't catch our presentation during ETHDenver - don't worry 💥
You can still check out our slides here. This presentation is a comprehensive overview of Glider, but you'll also find a link to a technical demo video. Most importantly, you'll find how YOU can benefit from Glider.
By prioritizing OpSec and thoroughly assessing the security aspects of an Airbnb or Booking rental, individuals can create a safe and secure environment for their crypto-related activities, ensuring peace of mind and protecting themselves from potential threats!
• x.com/officer_cia/status/1764256038402867359
#OpSec #security #privacy
Hey all!
Super excited to launch Glider, the very first Solidity query engine.
Glider lets you probe every smart contract deployed across all integrated EVM blockchains for vulnerabilities on scale and in real time in a matter of seconds.
We’ve demoed it to a few good friends in the space and have received raving reviews.
There's a bit of learning curve to it. But that's only because it's so powerful. To be expected from a tool that took 18 months to develop, and we still on early alpha. The best part is that it's free!
Right now, Glider only lets you query contracts on Kovan (for obvious security reasons). To get access to the Ethereum mainnet, you'll need to contribute queries.
You'll find the docы here, we write and update those each day. We also created a groupchat to help early users write queries and fix the occasional bugs.
Our end game is to build a product that you love. The thing is we can't do that without you.
And so! Send us your thoughts, comments, suggestions and everything in between and we'll make sure to address each and every one of them to bring you the best version of Glider.
Another important note for my followers: x.com/officer_cia/status/1763564590158266604
#security #privacy #offtopic
In today’s article, I’d want to draw your attention to 30 of my most time-consuming articles, which I feel to be my best! Enjoy!
• x.com/officer_cia/status/1763247556098654645
#security #privacy
New AMA has been posted FYI fam!
• x.com/pablosabbatella/status/1761074185386729729
#security #ama