• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia • Chat: t.me/+C6RfnbB33AYzNGIy
Please join my chat!
• t.me/+AaDR8gI2pjlkYjli
#offtopic
medium.com/coinmonks/25-tips-for-solidity-code-auditors-d5f9796079c8
Event postponed for Monday!
• https://discord.gg/SbuwaYsK?event=1184246496409944095
#offtopic #OSINT
Collected everything here: https://x.com/officer_cia/status/1742939031615221914
There is an awesome tool by Koda, also from AMLbot team…
You can win from 10.000$ up to 10 BTC in these CTFs.
For example, here: x.com/hexensio/status/1747280878584172934
Here: x.com/kraboxy/status/1747273732438319451 (10 BTC!)
And even here: x.com/spiral_dao/status/1747629407924027567
May the Force be with you fam!
#fyi #CTF
Btw posted unique articles to my Substack https://officercia.substack.com check them out!
#OSINT #web3 #OpSec
Hacker swipes $3.3m from Bungee crypto bridge users by exploiting contract bug
I look at all of these projects that are receiving hundreds of thousands of dollars in grants despite not being in trouble...
And guess what? I have not received a single grant for my work, with the exception of a minor Lego (Lido) grant.
As for the “popular platforms”, for the remainder, I was either not approved or the site returned 404, and I did not receive a response to my personal messages.
Classic. Someone seems to not understand the humour behind my nickname 😅
• https://officercia.mirror.xyz/O4xnvBTe54YhZZKQkKyuSGeyS4mzPlElDgbQbneMVwg
#offtopic
Crypto OpSec SelfGuard RoadMap
A very detailed and in-depth guide dedicated to solving 25 personal safety problems on the Internet by /channel/officer_cia (https://officercia.substack.com/). A massive work with references to more different sources.
https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
#cybersecurity #privacy
Someone dropped a master thesis on private key vulnerabilities on browser wallets https://www.researchgate.net/publication/377397278_Private_Key_Vulnerabilities_in_Browser_Wallets
Set up a reminder fam!
• x.com/opensensepw/status/1746626009972048064
#security #OSINT
I welcome any questions you may have; Please ask them below! Stay safe!
• x.com/officer_cia/status/1746491753320906990
#offtopic #ama
Information regarding the attack/stolen funds flow: https://x.com/officer_cia/status/1745894698982482117
#security #web3
officercia.medium.com/osint-lesson-2-occams-razor-intuition-d1b62339e5d5
officercia.medium.com/exploring-the-potential-for-life-in-the-internet-and-blockchain-a01051bb9913
medium.com/coinmonks/crypto-opsec-self-guard-6efc632ac355
Was also planning to talk about how one can use OSINT for due diligence.
For example, to spot who follows whom on Twitter (to predict and take the well-weighted decision), or to find information about founders / team / project
• telegra.ph/How-I-found-early-Solana-ecosystem-Developers-using-OSINT-tactics-01-04
You can use:
• tweetscout.io/search?q=officer_cia
• @TwttrToTG_Bot
Besides, you can also work as an HR specialist! I do love sourcing.games + jobprotocol.com ideas.
That’s tldr. Rare stuff on Monday.
#offtopic
Security expert @farm42 discusses the most secure methods for storing cryptocurrencies, including Bitcoin, Monero, ERC20 tokens, and DOGE… - Medium
By the way, I've uploaded my previously unpublished writings to my Substack account if you'd want to read anything new. Kindly give them a look!
• x.com/officer_cia/status/1747870199007563901
To be clear, my intention is not to leave X/TG/Medium/Mirror; rather, I would like to attempt reaching out to a previously unknown audience.
#offtopic
Hello folks! 👋
🚨We have some BIG news!!!! 🚨
Hexens is upping the stake on its commitment to blue-ribbon security reviews by announcing a $10,000 white-hat appreciation award for the responsible disclosure of critical vulnerabilities in code it formerly audited.
Here is the Criteria 👀
To set the record straight and avoid further confusion, all bug reports must be aligned with the following rules to be eligible for a white-hat appreciation award.
- The critical vulnerability, defined as a vulnerability conducive to a major loss or permanent freeze of funds, must be identified in the same scope as the Hexens audit.
- The scope must be listed as a bug bounty program on a bug bounty platform or the project domain.
- The report must be confirmed to be valid by the project and cannot be a duplicate of a former report.
- The bug bounty report must be submitted on January 1, 2024 or later.
- Hexens must receive a copy of the report and the proof of concept (PoC).
- Hexens must recognize the bug as critical.
- The security researcher must agree to submit to a Know Your Customer (KYC) check.
- The project must be active at the time of submission of the report. For the avoidance of doubt, a project is defined as active when its main functionality is operational and no official statements announcing a freeze on its activities have been issued.
- The total value locked (TVL) of the project’s assets must equal or exceed $20,000.
- The project payout for the bug bounty must be no less than $20,000.
This is Hexens' Forever Commitment to Clients and Ethical Hackers
🚀Read this blog post for more information and let us know what you think! 🚀
https://hexens.io/blog/white-hat-appreciation-award
Hack ongoing on bungee!
Revoke approvals from this contract: 0x3a23f943181408eac424116af7b7790c94cb97a5
• x.com/officer_cia/status/1747343425270140982
#alert #web3 #security
This video is from last year, but I never tire of rewatching it again and again! It's extremely informative…
A police officer can be seen "working" behind the suspect's computer in this body-cam footage. Then he pulls out a USB memory stick and wipes everything out as the data begins to self-destruct.
That is why, knowing OpSec is just as vital as knowing your rights!
• x.com/officer_cia/status/1747308597107634680
#security #OpSec #privacy
Thank you! 🙏 Please follow my blog!
• x.com/officer_cia/status/1746876034870300883
#offtopic
officercia.medium.com/osint-lesson-3-ai-chatgpt-choosing-a-pathway-to-follow-6f582eb420a0
medium.com/coinmonks/officercia-eth-all-you-need-to-know-86cbe978c9de
medium.com/illumination/unfolding-ancient-wisdom-how-ancient-stories-teach-modern-humans-about-security-and-opsec-909c5e1101f3
Another day, another exploit…
• twitter.com/spreekaway/status/1745892488127070270
#security #alert
A little reminder: in the history of my blog, I've only received 1 grant from Lego (6k$) and participated a couple times on GitCoin (until I got banned there - got 2-3 k$ in total) and I'm glad I'm maintaining my independence. Was not able to sign up for Optimism grants - system showed 404.
All my income is controlled by myself and I check the companies I work with very carefully.
And btw this tweet states that this industry is not just sick but actually dead: https://x.com/jeyffre/status/1745708264229318764
Additionally, this suspicious activity with Grants definitely deserves investigation.
#offtopic
Tokenomics simulators:
• cadcad.org
• tecommons.org
• machinations.io
• gauntlet.network
Transaction simulators:
• github.com/EnsoFinance/transaction-simulator/#enso-transaction--simulator-
• phalcon.xyz
• tenderly.co
More tools: github.com/OffcierCia/On-Chain-Investigations-Tools-List
#offtopic