Security News > 2021 > January > Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365

Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 Exchange.
The company didn't elaborate on what type of certificate was compromised, but Mimecast offers seven different digital certificates based on the geographical location that must be uploaded to M365 to create a server Connection in Mimecast.
Mimecast is a cloud-based email management service for Microsoft Exchange and Microsoft Office 365, offers users email security and continuity platform to safeguard them from spam, malware, phishing, and targeted attacks.
The compromised certificate is used to verify and authenticate Mimecast Sync and Recover, Continuity Monitor, and Internal Email Protect products to M365 Exchange Web Services.
Mimecast on Tuesday formally confirmed that the attackers behind the SolarWinds hack were responsible for compromising a digital certificate the firm provided to secure connections to Microsoft 365 Exchange.
The credentials are used to establish connections from Mimecast tenants to on-premise and cloud services, such as LDAP, Azure Active Directory, Exchange Web Services, POP3 journaling, and SMTP-authenticated delivery routes.
News URL
Related news
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)