Security News > 2021 > January

It wasn't the best of New Year's Day mornings for some Check Point customers; in addition to possible hangovers, those who lagged with their patching had been left with inoperable systems and a tough fix ahead for some. On January 1, 2021, a certificate used for outdated Check Point Remote Access VPN clients and Endpoint services expired.

Thoma Bravo announced the completion of its strategic growth investment in Venafi. "We are thrilled to partner with Thoma Bravo at a time when companies around the world are realizing that the foundation of security for all digital transformation initiatives is a solid machine identity management program," said Jeff Hudson, CEO of Venafi.

Cyble announced that Richard Sands, former IT Security Director of Yum! Brands, will be joining Cyble as the General Manager for the North America region. Richard's addition to Cyble's leadership team is expected to bolster the market reception of its services and add new impetus to the company's growth.

Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing computer systems of a competitor repeatedly between 2013 and 2015 in an attempt to "Cut off at the knees." The allegations were first reported in 2017 after CrowdSurge sued Live Nation for antitrust violations, accusing Ticketmaster of accessing confidential business plans, contracts, client lists, and credentials of CrowdSurge tools.

The Banner Bank executive leadership team announced that Janet Brown has joined the bank as Executive Vice President and Chief Information Officer. Brown is replacing Steve Rust who announced his retirement after more than 40 years in information technology, the last 15 years as CIO at Banner Bank.

Apex Laboratory, which provides blood work at home for patients in New York City, Long Island and South Florida, has been hit with a ransomware attack that also resulted in patient data being stolen. "While the typical ransomware business model involves encrypting data in place and then selling the victim decryption capabilities, business models always evolve," Oliver Tavakoli, CTO at Vectra, told Threatpost.

ReCaptcha is Google's name for its own technology and free service that uses image, audio or text challenges to verify that a human is signing into an account. Google recently started charging for larger reCAPTCHA accounts.

The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros D. Callimahos and William F. Friedman, were released decades ago - I believe repeatedly, in increasingly unredacted form - and published by the late Wayne Griswold Barker's Agean Park Press.

Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. More than 500,000 of the leaked credentials pertained to employees of leading game companies, according to the report published Monday.

It is believed that the recently disclosed attack targeting Texas-based IT management solutions provider SolarWinds resulted in threat actors gaining access to the networks of more than 250 organizations, according to reports. The New York Times reported over the weekend that the SolarWinds supply chain attack is believed to have impacted as many as 250 government agencies and businesses.