Boring Security
ApecoinDAO funded (AIP-133) Security Public Good for Web3/NFTs and beyond We provide classes, security awareness, and track scam/hack trends in the Web3 space.
View on ๐Threads
Sad to see such a prominent figure get taken by the Seaport Drainer scam. We're ready to provide classes and do whatever we can for the Proof/Moonbirds community. For everyone el...
So, you saw the BAYC tweet about Warm and Delegate but have no idea where to start? We got you covered! ๐งต๐ https://t.co/HkOphafdoQ
๐๐ก๐๐ญ ๐ฌ๐ก๐จ๐ฎ๐ฅ๐ ๐ฒ๐จ๐ฎ ๐๐จ ๐ข๐ ๐ฒ๐จ๐ฎ๐ซ ๐๐ฐ๐ข๐ญ๐ญ๐๐ซ ๐ข๐ฌ ๐ก๐๐๐ค๐๐? ...or you suspect a hacker is attempting to gain access to it? Boring Security has compiled a response plan for individuals/project...
Why is ETH_SIGN enabled by default in MM? Folks are being so desensitized to the big red warnings from SetApprovalForAll, that if they see an ETH_SIGN message, it may not have the...
๐๐จ๐ฉ ๐ฌ๐๐๐ฆ๐ฌ ๐จ๐ ๐ญ๐ก๐ ๐ก๐จ๐ฅ๐ข๐๐๐ฒ ๐ฌ๐๐๐ฌ๐จ๐ง: 1) Scam Airdropped tokens being moved in/out of your wallet. 2) Fake marketplaces like NinjaSwap, Nexyus Ethertrade, Seaswaps marketplaces 3) Th...
We've heard reports of users losing their assets that have their seed phrase in LastPass. Details are sparse, but: ๐๏ธWe highly discourage anyone to store key material in the clou...
It never gets easier seeing a fellow ape lose their apes. Today the flags at the club will be at half mast. What can we learn? Signing messages is something that trips people up t...
Staking $APE through the official contract? Front ends get hacked. Often. Since most of you are connecting to these with what would otherwise be your vaults, we need to be vigilan...
Twitter has some features you didn't know about to keep you safe from scams! Below are 5 Twitter settings you can edit right now to improve your security! ๐ฐ FIVE TWITTER SECURITY...
Today, in partnership with the awesome team at MurAll, we're releasing our Supporter DAO token. Together I think we've built a cool concept which could be applied across other Pub...
There are a lot of misconceptions about what wETH is, and why we need it. Although not intuitively a security topic, assuming our students had this knowledge was a mistake, and fo...
๐จ๐จNEW SOPHISTICATED SCAM ALERT๐จ๐จ Communities are being targeted by putting malicious javascript at the end of known real links to steal discord auth tokens (which results in a ful...