13 January 2021

Hackers compromised Mimecast certificate to target Microsoft 365 users


Hackers compromised Mimecast certificate to target Microsoft 365 users

Email security provider Mimecast disclosed a security incident involving “a sophisticated threat actor” compromising one of its digital certificates and using it to gain access to some of the company clients' Microsoft 365 accounts.

In a statement posted on its website Mimecast said that the hackers abused one of the certificates the company issued for its customers to safely connect Microsoft 365 Exchange to Mimecast services. The company said that it was informed of the compromise by Microsoft.

“Approximately 10 percent of our customers use this connection. Of those that do, there are indications that a low single digit number of our customers’ M365 tenants were targeted. We have already contacted these customers to remediate the issue,” Mimecast said.

The company did not provide details on when the incident took place, or how the attackers managed to gain access to the compromised certificate.

As a precautionary measure, Mimecast advised its customers using certificate-based connection to immediately delete the existing connection within their M365 tenant and re-establish a new certificate-based connection using the new certificate issued by the company.

“Taking this action does not impact inbound or outbound mail flow or associated security scanning,” Mimecast said.

Back to the list

Latest Posts

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

Cybercriminals use VoIP platforms to target company employees.
19 January 2021
IObit forum hacked in a DeroHE ransomware attack

IObit forum hacked in a DeroHE ransomware attack

It is unknown, how the hackers managed to compromise the forum, but it is possible that they gained access to an administrative account.
19 January 2021
OpenWrt Project discloses data breach

OpenWrt Project discloses data breach

The hackers gained access to an administrator account on the OpenWrt forum and stole a copy of the user list.
19 January 2021
0 дней, 0 часов, 2 минуты, 47 секунд142 дня, 21 час, 21 минута, 18 секунд