11251
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia • Chat: t.me/+C6RfnbB33AYzNGIy
officercia.medium.com/osint-lesson-1-mind-mapping-2354987f1ac3
Читать полностью…
medium.com/illumination/unfolding-ancient-wisdom-how-ancient-stories-teach-modern-humans-about-security-and-opsec-909c5e1101f3
Читать полностью…
MongoDB is hacked 🚨⚠️
https://www.mongodb.com/alerts
My own guide: https://officercia.mirror.xyz/p1ieZdxQWH4yHCNOXNPHyT8So1cY0X_wMGKwdmavi7s
#opsec
A Ledger employee just got phished. DeFi users lost over $600k
Читать полностью…
😅😅😅
• x.com/officer_cia/status/1735348717857763696
#investigations #offtopic
Much decentralized!
• x.com/officer_cia/status/1735329852058652713
#investigations #security
Hacker also left a funny message:
• https://x.com/officer_cia/status/1735314585312190831
#security #offtopic
A brief summary:
• x.com/aegisaisecurity/status/1735298958367310275?s
#security
Please support me with any donation! Highly appreciated: https://github.com/OffcierCia/support
#offtopic
Let me briefly summarize:
If you are just a user:
Don't connect wallets to vulnerable sites. Any site (dapp) that uses compromised npm package directly OR any other package depending on compromised IS vulnerable, any site without public sources CAN BE vulnerable.
If wallet is already connected you are safe until you sign something malicious by site suggestion.
For dapps:
Check your dependency graph, if you found in the dependency chain compromised npm package, your site is vulnerable. Notify your users and fix it
If you are worried - migrate funds to another wallet.
Please RT!
• x.com/officer_cia/status/1735276914321846498?1
#security
Revoke cash and Sushi UIs compromised! Stay safe!
• x.com/officer_cia/status/1735276914321846498?1
#security #alert
officercia.medium.com/osint-lesson-3-ai-chatgpt-choosing-a-pathway-to-follow-6f582eb420a0
Читать полностью…
medium.com/coinmonks/officercia-eth-all-you-need-to-know-86cbe978c9de
Читать полностью…
Good note 👀
• https://crypto.news/north-koreas-lazarus-behind-300m-in-2023-crypto-losses
#security #lazarus
Another exploit.
• x.com/officer_cia/status/1736210976716759450
#security #alert
Please revoke approvals ASAP!
• x.com/officer_cia/status/1736023526618873961
#security #alert
Also posted on medium:
• medium.com/cyfrin/what-should-i-use-to-store-my-cryptocurrency-web3-wallet-guide-cc6a1d9291e3
Personally I suggest either KeyStone or Lattice GridPlus.
#opsec #security
Need your help!
• x.com/officer_cia/status/1735356016517108168
#security #investigations
Please support our new guide!
• x.com/officer_cia/status/1735335893454434339
#security #opsec
Total losses & investigation:
• x.com/officer_cia/status/1735324587439603967
#security #investigations
If you are worried - migrate funds to another wallet.
Please RT!
• x.com/officer_cia/status/1735276914321846498?1
#security
medium.com/coinmonks/safeguarding-your-digital-assets-as-a-web3-practitioner-the-importance-of-a-gridplus-lattice1-and-d116116b7da9
Читать полностью…
Right on time!
• https://www.cyfrin.io/blog/what-should-i-use-to-store-my-cryptocurrency-web3-wallet-guide
#security #opsec
These would be drainer addresses, under 1m$ in addresses so looks not too bad for something of this magnitude? https://twitter.com/zachxbt/status/1735292040986886648
Читать полностью…
Do not use your Ledger directly on any dapps!
• x.com/officer_cia/status/1735281681999823091?1
#security #alert
Put two of my interviews together so you can learn a little more about me.
Many attribute things to me that I have nothing to do with, so I think this point needs a separate explanation.
• medium.com/coinmonks/officercia-eth-all-you-need-to-know-86cbe978c9de
#security #offtopic
Check out this article on Private keys and how to manage them in order to stay safe:
• blockfence.io/security/private-key-risks-and-protecting-your-crypto-funds
#security #privacy
officercia.medium.com/web3-antivirus-metamask-snap-cd4ea08b1081
Читать полностью…