Bose Work Remote Promo
Bose Work Remote Mobile Promo
Take Our Survey on Your IoT/Collaboration Plans & You Could Win a 60" 4K UHD Display!
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Downloads
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Network Security, News, Unified Communications

Mimecast: Hackers Compromised A Digital Certificate

Mimecast says a sophisticated cyber actor has compromised a digital certificate used to authenticate connections between its products & Microsoft 365.

January 13, 2021 Zachary Comeau Leave a Comment

Mimecast Certificate Compromised

Cloud-based email security provider Mimecast says a sophisticated cyber actor has compromised a digital certificate it uses to authenticate connections between its products and Microsoft cloud servers.

In a Tuesday post, the company said it was recently informed by Microsoft that “significant threat actor” compromised a certificate it issued to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor and IEP products to Microsoft 365 Exchange Web Services.

Mimecast is now asking its customers to delete the existing connection within their Microsoft 365 tenant and re-establish a new certificate-based connection using the new certificate it had made available.

According to the company, about 10% of its customers use this compromised connection. Further, there are only a “low single digit number” of its customers that were targeted.

Deleting the existing connection and re-establishing a new certificate-based connection won’t impact inbound or outbound mail flow or scanning, the company says.

Read Next: US Department of Justice Says SolarWinds Hackers Viewed Internal Emails

“The security of our customers is always our top priority,” Mimecast’s statement says. “We have engaged a third-party forensics expert to assist in our investigation, and we will work closely with Microsoft and law enforcement as appropriate.”

The company’s four-paragraph statement provided no further details, but new reporting from Reuters suggests that the hackers responsible for the Mimecast compromise could be the same behind the SolarWinds supply chain compromise.

“Three cybersecurity investigators, who spoke on condition of anonymity to discuss details of an ongoing probe, told Reuters they suspected the hackers who compromised Mimecast were the same group that broke into U.S. software maker SolarWinds and a host of sensitive U.S. government agencies,” Reuters reported.

Hackers were able to compromise SolarWinds’ Orion IT management platform with malicious code that gave hackers access to nearly 18,000 of its customers, though the targets of the suspected Russian hacking group are so far highly targeted within government, higher education and technology sectors.

Tagged With: Microsoft, Mimecast

Related Content:

  • Google Vulnerability Researchers Donald Trump, and 15,000 Others, Just Got Hacked…
  • Zoom Hybrid Work Zoom Banks On Its Education Customers, Apps, Zoom…
  • Intelligent Assistant Regional Accent Alexa Amazon’s Alexa Conversations Makes Chatbots More Realistic
  • instagram Live Rooms Instagram’s New Feature Could Help Your Marketing Department

Free downloadable guide you may like:

  • Introducing the IT Pro MBA: Vetting Technology

    At some point in your career there is going to come a time when you are tasked with reviewing and vetting new tech to implement into your company. Sometimes the hardest part of the whole thing is just getting started. In this new series from My TechDecisions, the IT Pro MBA: Vetting Technology guide deep-dives […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Introducing the IT Pro MBA: Vetting Technology

At some point in your career there is going to come a time when you are tasked with reviewing and vetting new tech to implement into your company. ...

9 Technology Products to Help Combat COVID-19 Spread in the Workplace

As the Coronavirus continues on and leads us further into uncertainty, the question remains, “when do we return to the office?” For some the answer...

Top 9 Reasons Enterprise IT Leaders Are Moving Their Video Surveillance to the Eagle Eye Cloud

Working in IT has enough challenges without adding in the complications of surveillance video. Things like total cost of maintenance, how the VMA m...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2021 Emerald X, LLC. All rights reserved.