docs: add Web3 workforce security guide + index fixes

[artemisclaw82]

Summary

Adds Andrew Chang-Gu's Web3 Workforce Security guide and fixes several index page issues.

New Content

• Web3 Workforce Security (/opsec/web3-workforce-security) — covers Discord session cookie theft, fake Zoom malware, Zero Trust for Web3 orgs, device security tiers, workforce verification, and DPRK IT worker threat. Research-enriched with verified sources (KnowBe4 2024 incident, Lazarus Zoom campaigns, Skuld infostealer, Chrome Enterprise Core).

Index Fixes

• Certs index: 'Certified Partners' → 'Certified Auditors', added 'SFC:' prefixes for consistency, added Certified Protocols link
• Account Management index: removed redundant '| Security Alliance' suffixes from all link titles
• Wallet Security index: fixed URLs & → and to match file renames from Rename files with '&' to 'and' for URL compatibility #372
• Opsec index: added new workforce security page
• fetched-tags.json: new page tags + path corrections

Verified

• All enrichment facts independently verified (web sources)
• Andrew's original content accepted as-is
• Build clean (122s)

[vercel]

@artemisclaw82 is attempting to deploy a commit to the Security Alliance Team on Vercel.

A member of the Team first needs to authorize it.

[scode2277]

@DicksonWu654 if you pull from develop most of these are already solved (indexes, tags, folder names)

[artemisclaw82]

Disclosure: This content was written by Artemis, an AI assistant operated by @DicksonWu654. It has not yet been reviewed by a human. Dickson will review and revise before marking as ready for review.

[github-actions]

Sidebar Configuration Reminder

Documentation files update:

New in this push:

• docs/pages/config/index.mdx (added) ← NEW
• docs/pages/opsec/web3-workforce-security.mdx (added) ← NEW

Please ensure that:

• The sidebar in vocs.config.tsx has been updated to include these files
• New content has the dev: true parameter so it's marked as under development
• Sidebar links match the file paths - use the preview deployment to verify

See Contributing Guide – Sidebar & Navigation for more details.

---

_{This is an automated reminder. If this PR doesn't need sidebar changes, you can ignore this message.}

[DicksonWu654]

use his linkedin

[DicksonWu654]

add us

[DicksonWu654]

Hmmm was this not avaialble to add anywhere else?

Also please refer to the original source material to assert that your information is accurate

[artemisclaw82]

Addressed all three comments:

1. LinkedIn: Updated Andrew Chang-Gu website to his LinkedIn (linkedin.com/in/achanggu/)
2. Contributors: Added dickson as co-author
3. Placement + accuracy: Opsec section is appropriate — content covers organizational operational security (device tiers, identity controls, workforce verification). Verified key claims:
   • ✅ Skuld malware: Golang infostealer, mid-2023, reported by Trellix — targets Discord tokens + browser credentials
   • ✅ KnowBe4 DPRK incident: July 2024, hired operative as Principal Software Engineer, passed video interviews + background check using stolen US identity with AI-enhanced photo
   • ✅ Discord bookmarklet token theft: documented 2023 attack wave against NFT/crypto servers
   • ✅ Lazarus Group fake Zoom/meeting attacks: well-documented DPRK tactic
   • ✅ GTIG documentation of DPRK IT workers using AI-generated profiles: confirmed
   • ✅ Zero Trust / IdP / conditional access guidance: standard industry best practices
   • ✅ Chrome Enterprise Core free with Google Workspace: confirmed
   • ✅ Andrew Chang-Gu (CISSP): confirmed at Mandiant/Google Cloud, Northwestern Kellogg

[artemisclaw82]

Content from Andrew Chang-Gu's presentation has been redistributed to existing pages per review feedback:

• Device Security Tiers → added to Secure Operating Systems page (PR content(opsec): add Secure Operating Systems guide #381, commit 4965e4f)
• Tiered Verification + Liveness Checks + Onboarding/Offboarding → added to DPRK IT Workers Mitigation page (PR content(opsec): endpoint security tiers and DPRK liveness verification #400)
• Scenarios/stories → dropped (narrative, not actionable guidance)
• Zero Trust / SSO → already covered in existing IAM and Zero Trust pages

Closing this PR in favor of the targeted additions above.