JessicaMW

Finished the Senior track! thank you @LearnWeb3DAO so much for this! #100DaysOfCode #Web3

JUST IN: BlackRock & Fidelity now hold 134,358 $BTC worth over $5.7 billion for their spot #Bitcoin ETFs.

🚨Urgent🚨 Dear KyberSwap Elastic Users, We regret to inform you that KyberSwap Elastic has experienced a security incident. As a precautionary measure, we strongly advise all users to promptly withdraw their funds. Our team is diligently investigating the situation, and we commit to keeping you informed with regular updates. Thank you for your understanding and cooperation during this challenging time.

North Korea-Backed Cybercriminal Entity Lazarus Group Behind Poloniex Hot Wallet Breach #cryptoexchanges #poloniexhack news.bitcoin.com/poloniex-hack-…

A protocol which was audited by Trail of Bits and HatsFinance was exploited, I have quite a critical opinion when it comes to different security companies, but these two I would absolutely see as top notch. This makes this topic even worse, that a protocol which had such a great audit coverage got exploited. It was not a bug reported, it was exploited…. The web3 security needs to unite together to prevent such things in the future - the only question is: „How can we do this?“ What is your opinion on this topic?

Just discovered this hidden gem. A repo with 90+ write-ups for Immunefi discovered bugs. Painful to see some of them are not paid but a lot to learn from here. github.com/sayan011/Immun…

🕵️ Audited a bridge contract a while ago and uncovered some fascinating bugs! 🐛 1. Discovered a DoS vulnerability preventing deposits and withdrawals. 😱 2. Unearthed a cross-function reentrancy issue causing double token spending. 💸 I'll be sharing detailed analysis with PoC on GitHub soon once the report is public: github.com/zzzuhaibmohd/A… 🔍📝 Stay tuned for updates! 🚀🔐

crypto rally sponsored by mommy gfs everywhere 😌

EVM Mastery is all you need to learn Ethereum Virtual Machine👇🏼 github.com/Quillhash/EVM-…

JUST IN: BlackRock's iShares #Bitcoin Trust has been listed on the DTCC (Depository Trust & Clearing Corporation).

JUST IN: $33,000 #Bitcoin

After clicking an advertisement on an unsecure website, your computer freezes. A message appears, demanding you pay a certain amount of money to unlock your computer. What is this type of attack called?

Great article from Chainlink which explores the differences between Market Manipulation and Oracle Exploits 👇🏼 chain.link/education-hub/…

#PeckShieldAlert @yyctrader1 has reported that #friendtech wallet was compromised. The scammer has already transferred the stolen funds from #Base to #Ethereum via #Orbiter and deposited some to #Binance.

How I landed my first SOC Analyst job in Cyber Security: 1. During my interview, I was handed a few pieces of paper, that were in fact printouts from Wireshark. I was asked to determine what was going on in the series of packets. 2. I took a moment, reviewed them, and then smiled. 3. I described to the interviewer, the complete story these packets told, which included the use of insecure protocols, which raised a red flag. I also determined that downloads of music from LimeWire was happening within the organization. I was hired on the spot. I flourished at this organization and learned so much once I was able to ride in the hot seat. At the time: 1. I couldn't count in binary. 2. I couldn't describe the OSI model. 3. I didn't have a security certification. It's great to understand theory. Sometimes it's just better to have hands on practical knowledge. #cybersecurity #informationsecurity #infosec #leadershipbyexample

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms thehackernews.com/2023/10/cyberc…

In the arena, breaking things. A double-whammy of embarrassing security blunders led to @starsarenacom being drained of $2.9M on Saturday. Ever heard the phrase ‘stop digging’? rekt.news/stars-arena-re…

CertiK is once again acknowledged in @Apple's latest iOS Security Update. Our dedicated SkyFall Team contributed to identifying three critical vulnerabilities in the iOS kernel, affecting several devices pre-iOS 17. Here’s a deep dive on the findings 👇

HTX Global Hacker just returned the stolen funds of 4,999 $ETH ($8.2M). @justinsuntron etherscan.io/address/0xdb1d… etherscan.io/address/0x7999…

Analysis of the Stars Arena exploit:🔽 The contract is not open source, there seems to be a reentrancy vulnerability. During the call of the 0xe9ccf3a3 function, the attacker reentered and called the 0x5632b2e4 function, setting a block height. Then, in the sellShares function, this height was used as a parameter to calculate the amount of $AVAX to send, resulting in an abnormally large calculated amount. Ultimately, the attacker was able to obtain a large profit.

Our initial analysis on today's @starsarenacom $2.9M hack indicates a reentrancy issue on the Stars Arena: Shares contract at #internaltx" target="_blank" rel="nofollow noopener">snowtrace.io/address/0xa481… The reentrancy is abused to update the weight when the share/ticket is issued so that 1 share can be sold at a much higher price ~274k $AVAX