11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Researchers introduce a new benchmark for smart contract tools 🔍:
- 389 labeled smart contracts;
- 20,000 real-world unique cases:
- Rigorous ISO/IEC 25010-based evaluation criteria.
Here’s how it works and what it means for smart contract security: x.com/xyz_remedy/status/1862179704435794232
P.S. Don’t forget to use glide.r.xyz 👀
#security #audit #web3
officercia.mirror.xyz/ye7je7tkuy5nEF7oxHiqyfPI48SBKYckkhW1uTqafpo
Читать полностью…
GE! Let’s try to convince an LLM to give you its funds 😅
• https://www.freysa.ai/
• https://x.com/officer_cia/status/1861942800788427025
#ai #bounty
https://officercia.mirror.xyz/7YWvHiZXkTXiOE0m-M-Vn6ucN-1xoqRZiEy9IFUYcu0
Читать полностью…
Now, in order to buy an anonymous number for telegram, you have to pass passport verification (KYC), and also specify your phone number!
• x.com/officer_cia/status/1861483205586469030
Sounds like a joke but no. It's real...
#telegram #privacy
⚡ LATEST: New Satoshi theory suggests it’s been the "2010 megawhale" all along
Researchers have pitched a new theory about Satoshi Nakamoto — that the #Bitcoin creator never went dormant and has been strategically cashing out from early Bitcoin wallets since 2019.
👉 Read More
officercia.mirror.xyz/n-sXszeDoNU3wtUUxRQEYvxQlZ6loaFElILzm2gnMzw
Читать полностью…
Many popular media publications ignore this investigation, which I believe is the most accurate one…
#investigation #bitcoin
Dear friends, I need your support very much! The best thing is to support me directly by donating to any address from the list below (Ethereum, Bitcoin, Tron & Solana)!0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A - Ethereum;17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - Bitcoin;TYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - Tron;BLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana.
You can also support me by minting one of my Mirror articles NFTs or just DM me for a clean address!
Thank you very much!
Ready to elevate your Web3 bug bounty game? In this video, we’re diving into the Top 5 Tools for Web3 Security Researchers that every hacker and developer should know ⬇️
• https://youtu.be/zS9e8uIq_go?si=ZupuI6Y2pIZz1go-
• https://x.com/officer_cia/status/1859994004265554393?s=46
#audit #web3 #security
I'm not going to leave X... but if you're more comfortable, here's my bluesky account.
• https://bsky.app/profile/officercia.bsky.social
Anime and furry fans, subscribe to me! 😅
#offtopic #bluesky
GM fam! Please like my reply (I want Elon to reply lol): x.com/officer_cia/status/1859217874512125973
#offtopic #rocket
My own article about Patoshi/Satoshi can be found here:
Link: officercia.mirror.xyz/ojiGstsxl2GKOsmWBGoqaNbWUIN6J8PzSXJXXDfCE0A
#bitcoin #offtopic
Please like & share!
• x.com/officer_cia/status/1858246187645649138?12
#defi #web3
So, this is the moment of the year for us as the red guild, we have done a lot of work in these past weeks, in order to get to this moment, and I'm going to show you all what have we been up to.
But first, if you're in devcon, go by our booth, S103, next to OpenZeppelin's, where we have some interactive experiences. And you should book 4pm Wednesday 13th (Classroom B), "Don't get rekt4" a threat detection workshop (extended from what you've seen at DSS), which includes a hands on practice.
A SEAL security frameworks talk the 14th 4.10 PM (Stage 2).
And then, we have https://card.theredguild.org/ where you can generate your own password cards, get one printed at our booth along with some stickers. We have a devsecops field guide for our workshop called DevSecOops https://devsecoops.theredguild.org/.
Interactive stuff we got for you two fun things to play with, first a ctf, from our rektgames, https://therektgames.com/, where you can register and play now (already 80 registered) at https://ctf.therektgames.com/, and also a phishing dojo where we put your awareness skills to test by quizzing you in 15 real case scenarios at https://phishing.therektgames.com/.
Any feedback is welcome! And we hope you like this :), we've worked so hard with @tnch !
Congrats! 🥂
• https://x.com/jarrodwattsdev/status/1862299845710757980?s=46
#ai
ladies and gentleman, today I'm sharing with you a research on the CRYPTOLOVE traffer team.
A joint collaboration between RussianPanda9xx and g0njxa
This organized team of scammers have already stolen more than $2.5 million in cryptocurrencies after two years of operation, some of this scam methods may be familiar to you. Thanks for your time and sharing is appreciated
https://trac-labs.com/hearts-stolen-wallets-emptied-insights-into-cryptolove-traffers-team-3f65e84ccebe
Also a friendly reminder to pass those 2 amazing tests:
• https://phishing.therektgames.com/
• https://x.com/AlexanyanWolf/status/1861334793109340532
#security #privacy
In 2022 alone, cross-chain bridge attacks caused losses of $2 billion...
- 31 analyzed bridge attacks (2021–2023)
- 10 distinct attack types with code examples
- 12 vulnerabilities attackers exploit
Let’s dive in: x.com/xyz_remedy/status/1861817504026210380?1
#security #bridge
Almost 6,000 people have signed up for my newsletter on Mirror! Thank you so much to all of you!
• officercia.mirror.xyz
Together strong 💪
#offtopic
🫡🫡🫡
• https://cointelegraph.com/news/new-satoshi-nakamoto-theory-points-to-2010-megawhale
#bitcoin #investigation #analysis
$2.91M lost - solana user copied wrong CEX deposit address from tx history.
Learn about address poisoning beforehand!!! Forewarned is forearmed. Read more about this attack type below ⬇️
TL;DR: Use an address book & always double-check!!!
• x.com/officer_cia/status/1860923851539988839?12
#security #opsec
Dear friends, you can order an OpSec audit from me for you and your team/project.
I can conduct a series of trainings with you and your team, develop project-specific OpSec guidelines and answer all your questions.
This is about my personalized services. I do not do it on behalf of the company. Thank you! 🙏
Price is negotiated separately, depends on occupancy and number of days. You can count on 3-5 thousand dollars for everything (provided that there will not be any particularly costly cases).
• Can you share more information on the services included specifically?
• Mainly from potential dangers that may be encountered in Web3. Mainly OpSec, in particular, wallet security, social networks, multisig. In other words, everything that fits under OpSec including also workplace setup and basic security guideline including physical security. These includes lectures for team, personal consultations, creation of project-specific guidelines. Typical duration - 1-2 weeks, depends on complexity.
DM: @farm42
#opsec #security
A few hours ago wallets tied to crypto influencer JRNY saw ~$4M worth of crypto assets suspiciously transferred and sold indicating a potential private key compromise. - @investigations
• https://x.com/officer_cia/status/1860002063335457212?s=46
#hack #security
officercia.mirror.xyz/p1ieZdxQWH4yHCNOXNPHyT8So1cY0X_wMGKwdmavi7s
Читать полностью…
officercia.mirror.xyz/x91hTIDFrAL0lgqICRgWU7fLouuCMgvopQ9ZRvRXCLg
Читать полностью…
Awesome On-Chain Investigations HandBook 2.0
• https://officercia.mirror.xyz/pz1wGZmA06MHrl5HdKgSretf1Uw5H5e2YzeEBf3Tihs
#web3 #analysis
Spotted an amazing story by @BTCparser1 check this out fam:
• x.com/officer_cia/status/1858442198955524335
• t.me/BTCparser1/15659
#bitcoin #offtopic
OpSec risks are now one of the major problems.
4 key tips:
• Use multisig, with timelock and guardians;
• Setup onchain monitoring and practice incident response;
• Hire careful and be ready for spear phishing;
• Use separate laptops.
- x.com/_iphelix/status/1855855006219690233
#security #web3
The first video of our bug bounties series is up 🫡
- what is a bug bounty
- steps to get started as a beginner in bug bounties
- essential tools and resources to help you succeed
Here’s the full video: https://youtu.be/XGi4eZDejpY?si=WkDKB4Vo45HBdivw
#audit #bugbounty #web3