Security News > 2021 > January > Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball

Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball
2021-01-28 15:52

The Mimecast certificate compromise reported earlier in January is part of the sprawling SolarWinds supply-chain attack, the security firm has confirmed.

Mimecast joins other cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys in being targeted in the attack.

The SolarWinds espionage attack, which has affected several U.S. government agencies and many others, began with a poisoned software update that delivered the Sunburst backdoor to around 18,000 organizations last spring.

Mimecast joins FireEye in admitting actual damage from the attack.

The attacker targeted and was able to access certain red-team assessment tools that the company uses to test its customers' security.

The company soon confirmed that the attack was part of the SolarWinds supply-chain attack.


News URL

https://threatpost.com/mimecast-solarwinds-hack-security-vendor-victims/163431/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 56 33 103 81 51 268