Главная
Уведомление
Профиль
Популярные статьи
Новости
Центр авторов
Настройки
LIVE
LIVE
kaymyg
Рост
--
・
66 views
Подписаться
Перевод
#Babydogecoin now ranks 2nd on the [Binance Futures Next](https://www.binance.com/en/futures/next) voting leaderboard ousting #bittensor s $TAO
#Babydogecoin
now ranks 2nd on the
Binance Futures Next
voting leaderboard ousting
#bittensor
s $TAO
Отказ от ответственности: на платформе опубликованы материалы и мнения третьих лиц. Не является финансовой рекомендацией.
См. Правила и условия.
0
Связанные авторы
LIVE
kaymyg
@kaymyg
Подписаться
Другие публикации автора
(Shegen) #Uniswap protocol makes more in fees per day than all other protocols. Only #ethereum blockchain makes more.
--
cont'd 3. Do not trivialize unusual email requests to simply 'someone messing around with an old account on an unimportant site' even if it doesn't appear to be directly related to crypto. You should immediately be on high alert. Be careful friends. And reminder to not get complacent or lazy, use hardware wallets for larger funds, and use segregated devices for your large scale #crypto . Thankfully my hardware wallets are uncompromised, but this still did some damage, and is especially painful due to how this could've been easily avoided + it was mostly stables. Make sure to walk out of the casino when the degeneracy stops, but also make sure to not get robbed in the parking lot.
--
cont'd Update on the #hack theft and additional opsec lessons learned: I have now further confirmed the #2FA bypass attack vector was a man in the middle attack. I had received an email from Indeed job search platform informing me that they received a request to delete my account within 14 days. I was in bed at the time and was doing it from my phone via the mobile Gmail app. I hadn't used Indeed forever and don't care for it but obviously I thought it was unusual, as I didn't make such a request. Out of security precaution, I wanted to know who made such a request and wanted to check if Indeed had access logs, so I tapped it on my phone. Because I didn't use Indeed forever, I didn't remember my password so naturally I chose Sign in with Google. It took me to Indeed and I couldn't find a request log. Because I knew my old logins were already on the darkweb I figured someone must've got into my Indeed, and so I proceeded to enable 2FA. Honestly I didn't care much for Indeed even if it did get deleted, and thought it was just some small time hobby hacker messing around with an old login from some old exposed database leak. Turns out the Indeed email was a #spoofed phishing attack. The Indeed link I tapped in the Gmail app, was a scripted South Korean web link, which in turn routed me to some fake Indeed site, which captured my Sign in With Google, then routed me to the real Indeed site. They hijacked the session cookie enabling them to bypass 2FA, then accessed my Google account and abusing browser sync. Further general opsec lessons learned: 1. Mobile Gmail app will not show the sender's true email or link URLs by default, which is a big opsec flaw. Refrain from tapping mobile links in your mobile email client. 2. Refrain from using Sign In With Google or other #oAuth features. The convenience is not worth it due to ease of phishing attacks to bypass 2FA. Even if it may not be due clicking a phishing link, a regular website could be compromised at no fault of your own. The expectations of 2FA security let my guard down.
--
Layer 2 solutions in #blockchain continue without substantial advancements or new technologies, merely serving to offload transaction processing from the main chain without notable progress.
--
(lookonchain) You can still make money even like this trader if you didn’t buy the #memecoin when it was first launched! This trader spent 3,100 $SOL ($530K) to buy 12.08M #boden 2 days after $boden went online, then sold 9.08M $boden for 23,758 #SOL ($4.06M) on Apr 6 and today, realizing a profit of 20,659 $SOL($3.53M). He still holds 3M $boden, with an unrealized profit of $2.4M. (54tf7imBvZieMNNpeFGoDDkDRyGrgU6muH894wRPohCS )
--
Последние новости
Децентрализованная сеть ресурсов графических процессоров GPU.net получила финансирование в размере 5,25 миллиона долларов США в рамках серии A
--
Функции Chainlink запускаются на базе, предлагая доступ к вычислительной инфраструктуре с минимальным доверием
--
Privy представляет поддержку входа в систему с использованием паролей для повышения безопасности
--
Базовый TVL превышает 5 миллиардов долларов, TVL Ethereum восстанавливается до 42,6 миллиардов долларов
--
Адрес Whitzardflow.eth грозит ликвидацией около 106 000 токенов UNI
--
Подробнее
Популярные статьи
Эксперт наметил сроки, когда цена XRP преодолеет отметку в 1000 долларов
Crypto Breaking
Осталось 2 дня для сокращения вдвое eCash (XEC)
Kasonso-Cryptography
Binance: изменение листинга SAGA
The Cryptonomist
Вот мои 8 вариантов RWA со 100-кратным потенциалом
Crypto PM
Основатель Cardano говорит: «Отказ от удержания $ADA — это серьезный тревожный сигнал»
Bitcoinik
Подробнее
Структура веб-страницы
Cookie Preferences
Правила и условия платформы