Buy Crypto
Pay with
USD
USD
Buy & Sell
Hot
Supports Visa, MasterCard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Markets
Trade
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Earn
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investment
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
More
Promotions
AI
Diğerleri
TradFi
Rewards
Square
Latest
Hot
News
Profile
TokenTreasury_vip

Don't wait until the next malicious attack occurs to realize the importance of auditing your security system. Now is the time to act and strengthen your supply chain defenses.



Start with these straightforward steps: adopt anti-phishing multi-factor authentication methods (Passkeys/WebAuthn are much more reliable than traditional SMS), regularly refresh and reconfigure your API token permissions, and review the access permissions of third-party applications.

It may sound like basic security hygiene, but these fundamental measures are truly capable of blocking most common attacks.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 6
  • Repost
  • Share
Comment
Add a comment
Add a comment
FrogInTheWellvip
· 01-10 04:19
Huh? It's the same old story... but honestly, I've seen too many people go bankrupt due to phishing scams. SMS really should be phased out.

The API permissions are the most easily overlooked part; most people never check what third-party apps have installed.

It's worth taking this seriously this time.
View OriginalReply0
Degen4Breakfastvip
· 01-09 05:15
It's the same old story, but to be honest, it really works. Those who have been phished understand that feeling of frustration.

---

passkey is really awesome, no more worries about SIM card being swapped.

---

Supply chain issues are indeed easy to overlook; if a permission isn't revoked, it can be disastrous.

---

I just want to know how many people actually review third-party permissions, or if they all wait until something happens to regret it.

---

Basic work is the most annoying but also the most life-saving, that's just how it is.

---

Basically, it's the difference between diligent people and lazy ones; right now, you're being scolded, but later you'll be the one taking the hit.
View OriginalReply0
RooftopReservervip
· 01-08 00:58
Haha, really, waiting until the issue becomes serious to patch the vulnerabilities is too late. It's better to quickly establish a solid basic defense now for safety.
View OriginalReply0
SerumSurfervip
· 01-08 00:52
Fuck your mother, really. It's the same old story again... But on the other hand, it's true. Only after being hacked do you realize the regret.
View OriginalReply0
FOMOSapienvip
· 01-08 00:48
Haha, really, only when attacked do you remember to do an audit, but by then it's too late... Passkeys really blow SMS verification out of the water.

---

It's true that the supply chain defense line is important, but most people are too lazy to take action, only regretting when something happens.

---

Getting the basic defense line right can save a lot of trouble, but nobody wants to put in the effort...

---

I often forget to regularly review API permissions, looks like I need to set a reminder.

---

WebAuthn is indeed great, but user experience needs to be improved; not all wallets support it.

---

So instead of hoping zero-day vulnerabilities won't appear, it's better to clean up your own house.

---

Third-party permission audits are really easy to overlook; sometimes you forget what permissions you've granted.
View OriginalReply0
ForkItAllDayvip
· 01-08 00:30
How many times do I have to say it? Some people still wait until they get hacked before thinking about doing an audit... I'm really speechless.

API permissions definitely need attention; otherwise, third-party applications could secretly drain your resources without you knowing.

Passkeys are more reliable than SMS. Isn't that obvious? It should have been fully adopted long ago.

Once the basic work is done, most amateurs' attacks automatically bypass, there's nothing mysterious about it.

I have to review third-party authorizations every month. It's a hassle, but it's definitely better than getting hacked.

It sounds simple, but in practice, no one really sticks to finishing it, right?
View OriginalReply0

  • Pin

Sitemap