Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Weak Hash vulnerability discovered in crypto-js and crypto-es (CVE-2023-46233 & CVE-2023-46133)

Oct 25, 2023 By Jamie Smith In Snyk

On October 18, security researcher Zemnmez began the process of responsibly disclosing a "Use of Weak Hash" vulnerability that they found in crypto-js, an open source JavaScript library of crypto standards, for which maintenance has been discontinued. The vulnerability also impacts the crypto-es package (for ES6 and TypeScript), and the researcher has opened a similar issue requesting that the maintainers enable private disclosures.

Read Post

CISO Global - Building a Culture of Cybersecurity

Oct 25, 2023 By CISO Global In CISO Global
A leader in cybersecurity and compliance services, CISO Global brings together expert practitioners and thought leaders to provide tailored solutions that drive cyber resilience. The company’s top-tier talent spans geographies, specialties, industries, regulatory frameworks, and focus areas and includes auditors, compliance specialists, certified forensics experts, ethical hackers, security engineers, and around-the-clock analysts.
View Video
kroll

Tackling the 2023 SEC Cybersecurity Rules

Oct 25, 2023 By James McLeary In Kroll

The new rules from the U.S. Securities and Exchange Commission (SEC) on reporting mark a significant shift in the requirements for disclosing cyber breaches, leaving many businesses wondering how their cybersecurity practices will be impacted in the long run. These new rules create significant new disclosure obligations for public companies, requiring timely and detailed disclosures of material cybersecurity incidents and periodic disclosures about cybersecurity risk management and governance.

Read Post
fireblocks

Fireblocks Expands On-Chain Digital Identity and Programmable Compliance Team

Oct 25, 2023 By Fireblocks In Fireblocks

At Fireblocks, a strong commitment to regulatory compliance has always been at the core of our operations. That’s why we’re excited to announce that we’re building out our On-Chain Digital Identity and Programmable Compliance Team, with the strategic appointments of Peter Marton, Director of Digital Identity, and cryptography expert Chaitanya Reddy Konda, Senior Technical Product Manager, Digital Identity and Privacy.

Read Post
netskope

Netskope Threat Coverage: Menorah

Oct 25, 2023 By Ghanashyam Satpathy In Netskope

In October 2023, Netskope analyzed a malicious Word document and the malware it contained, dubbed “Menorah.” The malware was attributed to an advanced persistent threat group APT34, and was reported to be distributed via spear-phishing. The malicious Office file uses dispersed and obfuscated VBA code to evade detection. The advanced persistent threat group targets users of outdated versions of Microsoft Office, since it does not attempt to bypass the mark of the web security check.

Read Post
CalCom

SEC Cybersecurity Disclosure Rules: What You Need to Know

Oct 25, 2023 By John Gates In CalCom
On July 2023, the Securities and Exchange Commission (SEC) implemented a final rule mandating public companies to furnish comprehensive and uniform disclosures pertaining to cybersecurity risk management, strategy, governance, and incidents. We’re going to discuss SEC Cybersecurity Disclosure Rules and What You Need to Know.
Read Post

Hide and Seek: Know Where To Find Your Data | Talk Data To Me

Oct 25, 2023 By Lookout In Lookout
Lack of visibility can create major blind spots that expose your organization to unnecessary data risk. The good news is that mitigating this risk is easier than you might think. In this episode, experts Andy and Steve will touch on the blind spots most organizations don't know about and actionable steps organizations can take to protect their data.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.