SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns


Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.

The discovery associated with a data breach at email service provider Mimecast could show attackers behind the massive SolarWinds incident may have pursued multiple paths to infiltrate target companies, a new report states.  

Earlier this week, Mimecast confirmed an attacker had affected a certificate provided to specific customers to authenticate Mimecast products to Microsoft 365 Exchange Web Services. The tools and methods used in this attack link these operators to those who also recently targeted SolarWinds, The Wall structure Street Journal reports.

The SolarWinds attack affected some 18, 000 public and personal organizations that downloaded infected variations of legitimate updates to its Orion network management software. Nevertheless , the attack on Mimecast shows not all victims had to be SolarWinds customers to end up being targeted.

Mimecast has been a SolarWinds customer in the past but no longer uses the Orion software, an individual familiar with the matter told WSJ. The company has not determined how attackers got in or whether its earlier make use of SolarWinds could have still left it vulnerable.  

As security experts note, Mimecast digital certificates could enable attackers to read data stored upon Microsoft Exchange servers. Mimecast says the particular incident affected about 10% of its customers. It’s asking these who use this certificate-based link to delete the existing connection within their Microsoft 365 tenant plus establish a new certificate-based connection along with a new certificate it provides made available.  

Read the complete report for a lot more details.

Dark Reading’s Quick Hits delivers a short synopsis and summary of the significance of breaking news occasions. For more information from the original source of the news item, please follow the link supplied in this article. View Full Bio

Recommended Reading:

More Information