opsek (@opsek_io)'s Twitter Profile
opsek

@opsek_io

Operational security audits and training for web3 companies and hnwi. We train your team and harden your stack, so you don't get hacked.

ID: 1839062647872040963

Link: https://opsek.io/ · Date: 25-09-2024 22:03:16

6 Tweets

190 Followers

29 Following

opsek (@opsek_io)

Check out our founders presentation at DeFi Security Summit in Bangkok, about Operational Security in the Web3 ecosystem

pablito.eth 🦇🔊 ♢ (@pablosabbatella)

🔐 Not all 2FA are made equal:
- SMS 2FA is vulnerable to many attacks such as: SS7 attacks, SIM swaps, IMSI attacks, carrier compromise, compromised device, etc.
- TOTP apps such as Google Authenticator, Authy and Microsoft Authenticator are vulnerable to phishing attacks (as

Security Alliance (@_seal_org)

What would you do if you could spy on SMS messages? theredguild and opsek have identified SLOVENLY COMET, a threat actor which has been intercepting OTP codes and other credentials sent over SMS to certain regions since as early as February 7, 2025 More info below 🔗

pablito.eth 🦇🔊 ♢ (@pablosabbatella)

🔐 It's called two-factor for a reason:
- You save passwords in Google Chrome, which is synchronized with your Gmail.
- And you save 2FA codes in Google Authenticator, with cloud backup in your Gmail.
- And you use passkeys in your Android and synchronize them with your Gmail.
+

Defi Security Summit (@summit_defi)

Next DSS Webinar, on April 23 📆

We will deep dive into OpSec failures with:
• Peter Kacherginsky (Blockchain Threat Intelligence)
• pablito.eth 🦇🔊 ♢ & souilos (opsek)
Moderated by Isaac Patka (Shield3)

Covering Bybit, NickLFranklin, and other OpSec stories

Register: us06web.zoom.us/webinar/regist…

opsek (@opsek_io)

Kraken discovered a DPRK operative (North Korea agent) trying to infiltrate the company. Is your project safe from sophisticated threat actors? What are you waiting for?

dcbuilder.eth ⚪️ (@dcbuild3r)

I can't recommend opsek and Blockchain Security Series enough for those looking for personal/company security audits and educational materials. I'm sure there's several out there that you could use to improve your security all around

Devconnect ARG (@efdevcon)

Exploring security projects for the Ethereum World’s Fair 🔍 Starting with some that are shaping the space in Argentina 🔐 OpenZeppelin @CoinFabrik @TheRedGuild opsek Who else should we include for the Devconnect showcase?

opsek (@opsek_io)

Auditing your smart contracts is important, but in fact, 99% of stolen funds are NOT due to smart contract hacking, but operational security issues. Is your company prepared to stop sophisticated threat actors?

Blockchain Threat Intelligence (@blockthreat)

BlockThreat - Week 20, 2025 💙 Sponsored by opsek and Recon 🚿 Malicious insiders leak data at Coinbase 🛡️ 🎣 Curve hit with DNS Hijacking attack 🧑‍⚖️ Xinbi darkmarket OTC shut down 😡 Another crypto kidnapping attempt in France newsletter.blockthreat.io/p/blockthreat-…

pablito.eth 🦇🔊 ♢ (@pablosabbatella)

I'll be attending EthCC in Cannes 🇫🇷. If you are a founder and care about your company's Security, DM me and let's talk. Operational security is not an option any more. OpSec or be hunted. 🥷

opsek (@opsek_io)

We audited and trained the Contango team regarding their Operational Security. They wrote a nice article about this experience. Check it out! 👇

Contango 💃🏾 (@contango_xyz)

Fact: Operational Security is the most boring shit ever. Until it hits the fan. That's why, starting Dec 2024, we have undergone a lengthy audit by opsek. 🧵👇