11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Join us in 5 minutes for Twitter spaces on Cross Chain Communication with Hexens, Sei, Tokemak, Union and Fuel.
Читать полностью…
Set your reminders!
• https://twitter.com/i/spaces/1RDxlyplOzqKL
#lecture #opsec
Key takeaways:
1. This type of virus is called RAT (Remote Access Trojan).
2. The infection occurs through the installation of a fake application. To do this, you need to at least click on the fake link and download the application.
3. There is no indication that Apple devices are vulnerable to this attack other than a screenshot provided by the company.
4. All known victims were using Android.
5. It's basically just a RAT with increased functionality. Nothing new there.
Source: x.com/the_smart_ape/status/1833437549643370795
I'll look forward to more info! It's strange that the article mentions Group-IB, although they have long been renamed to F.A.C.C.T..
Anyway, turn on lockdown on your iPhone, don't download random stuff and keep your phrase as intended - on a piece of paper!
My answer: x.com/officer_cia/status/1833592697137074582
Stay safe!
#opsec #security #android
Announcing the lecture series!
• https://x.com/officer_cia/status/1833364140691247523
Schedule to be posted ASAP*
#offtopic
Join us this Thursday (September 12th) for an insightful X spaces with Tokemak, Fuel and Union to learn more about cross-chain communication.
Set Your Reminders!
Interesting 🌚
officercia.mirror.xyz/1XgiSTo2QKTi2bow7B6IF3nTB9K-_k4eBBl79sqmZFs
officercia.mirror.xyz/1XgiSTo2QKTi2bow7B6IF3nTB9K-_k4eBBl79sqmZFs
Читать полностью…
- Officer, I'm unsubscribing from you because you're a Russian pig.
- Yes, please do. No one's forcing you here.
- Officer, you're engaging in Russian poopaganda!
- I am not. I don't do politics at all.
- Officer, you're not westernized enough!
- I don't see the downside.
Period.
Uhm… My XMR address (in case someone wanted to tip me):
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds
:( Down bad.
• https://x.com/tier10k/status/1831864963704746356?s=46
#security #privacy
Following our interview with @0xkasper we opened the floor for some follow up questions. Here’s Kasper’s advice and perspective on how you can leverage a non-technical background when you’re just starting your auditing career. EXTREMELY helpful 👆 Head over to our Discord to read the full interview!
Читать полностью…
officercia.mirror.xyz/p1ieZdxQWH4yHCNOXNPHyT8So1cY0X_wMGKwdmavi7s
Читать полностью…
Guia Opsec para usuários crypto! 🇧🇷
• https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap/blob/main/TranslationsOpSec/Portuguese.md
#security #opsec
We interviewed @0xkasper and asked him 6 very important questions - from how he would coach a junior auditor in 6 weeks to win a $1mil, to how to avoid burnout in this field.
Head over to our Discord to read the full interview and some valuable advice 🫡 Remember to pass the verification process to get full access!
🧢 Coming back with another Glider Q&A - this week we share valuable resources to help you master Glider 🧢
1. First things first - official Glider Docs
2. After that, the most up to date and comprehensive learning resources for Glider you can find on our Discord in #Glider and #Glider-Resources channels. Join now and remember to get verified (✅) to get access.
3. Also a great resource - this video review by @Owen Thurm
▶"How to Get Bug Bounties at Scale"
4. Another great video review by @JohnnyTime
▶ "This Web3 Security Tool Transform a $1,000 to a $1,000,000 Bounty"
5. This library that provides helper functions for Gliders wanting to write glide queries.
Check this thread for more and remember to follow Remedy on X / Twitter as we regularly share a lot of technical and valuable content (complete with real life examples) to help you master Glider.🫡
Currently someone is withdrawing tokens and swapping for ETH.
Multiple addresses drained, but not all tokens drained. Looks strange. Anyone knows what is happening?
16 million $ gone so far!
Thread: https://x.com/officer_cia/status/1833626322226319624?s=46
#security #alert
🚨 Ready to Hunt Bugs on Ethereum Mainnet? 🚨
Join us TODAY at 4:30 PM CET for an exclusive R.xyz Livestream!
Watch our expert team in action as they showcase mastering Glider. We’ll show you how to craft powerful Glides and catch vulnerabilities live on Ethereum Mainnet.
Don’t miss this chance to level up your skills and witness real-time exploits in Web3. Join our Discord for event details!
iPhone Crypto Safety Checklist ⬇️
• https://x.com/officer_cia/status/1833597754914050538?12
#opsec #security #ios
https://docs.google.com/spreadsheets/d/1-UlA4-tslROBDS9IqHalWVztqZo7uxlCeKPQ-8uoFOU/edit#gid=0
Читать полностью…
Some of the useful tools from my list:
-Fork checker
https://forkchecker.hashex.org/
-Diff between chains
https://www.evmdiff.com
Github:
-Search across a half million git repos
https://grep.app/
https://sourcegraph.com
CLI:
https://book.getfoundry.sh/reference/cast/cast
ABI:
https://openchain.xyz/tools/abi
https://emn178.github.io/online-tools/keccak_256.html
https://www.4byte.directory/
Code viewers:
deth.net
https://bytegraph.xyz/
github1s.com (github.com->github1s.com) allows to read GitHub repos in a better view
More:
https://telegra.ph/Rare-Tools-For-Audits-03-25
https://mirror.xyz/leosagan.eth/eF4m7u3DlWhqvUqz6DiZ_YevcWViCWPxO-JYfsJiulM
Читать полностью…
Recently updated FYI fam:
• github.com/OffcierCia/On-Chain-Investigations-Tools-List
#investigations #security
A crucial note for anyone who are confused about why I changed my nickname and other details: t.me/officer_cia/2627
It's the only thing I can do, in my opinion, to defend myself against such things and ongoing threats.
I've experienced horrible things over the past year, like being bullied and falsely accused of things I didn't commit while undergoing treatment for a brain tumor that has left me unable to even browse through Twitter for three months. That's okay, though.
Next level scam sh*t 😅
• https://x.com/officer_cia/status/1831887891011924230
I now have great doubts about the level of experts from the UN (if of course it is a real account that was naturally hacked)!
#scam
🚨 We have a SURPRISE for the best community! 🚨
We’ve hit an incredible milestone of 1,000+ members in our community, and we’re celebrating in a BIG way!
🎉 To thank you, we’re giving you an exclusive, first-ever chance to see Glider in action like never before.
From now until Monday, submit your most intriguing vulnerabilities on our Discord, and our team will select the top ones to create live Glides (queries) on the ETH Mainnet during a LIVESTREAM on Tuesday, Sept 10th.
This isn’t just another event; it’s a rare learning experience to witness Glider’s revolutionary power firsthand, engage with our experts, and sharpen your Glide-writing skills.
Don’t miss out on this!
LFG 🚀
27 million $ (expected to be more) is stolen. Affected tokens are $wstETH, $sUSDe,$rswETH.
More in my thread: https://x.com/officer_cia/status/1831050740321968133?s=46
#security #web3
TOKEN2049 Events List (initially compiled by @kirbycrypto ) ⬇️
• https://x.com/xyz_remedy/status/1830611037793448149?s=46
#offtopic
Choosing a reliable VPN ⬇️
• https://x.com/officer_cia/status/1830089891998282086
#security #vpn
Never ever download random stuff from the internet, fam!
• https://beincrypto.com/new-malware-steals-crypto-macos/
#macos #security #opsec
Kenny Paterson has a talk about Telegram's crypto, very interesting and entertaining https://www.youtube.com/watch?v=I2zbwvc9I2o
#security #privacy