MIMECAST SECURITY INCIDENT
A sophisticated threat actor has compromised the certificate used to authenticate Mimecast's Sync
and Recover, Continuity Monitor and Internal Email Protect (IEP) products to Microsoft 365.
Mimecast is an international company that specialises in Microsoft Exchange and Microsoft Office 365 cloud-based email management, including security, archiving, and continuity services to protect business mail. Mimecast provides email security products to provide protection against phishing and malicious emails.
Mimecast said
it is asking 10 percent of its customer base which is almost 36,000 customers to instantly remove the
current connection inside its Microsoft 365 tenant using this
certificate-based connection to Microsoft 365. Customers can then
re-establish a new certificate-based link using, a new certificate which Mimecast has made available.
It is not clear if the attack is launched by the same group of adversaries who compromised Solarwinds . Attack vector of this incident is not clear yet . Mimecast is currently investigating the incident. No comments if this is related to Solwarinds compromise
The stock of Mimecast is down $2.40 per share (4.67 percent) to $49 per share
in pre-market trading Tuesday.
in pre-market trading Tuesday.
Certificate stolen by the attackers can allow them to impersonate users via the Mimecast app to Exchange
No comments:
Post a Comment