A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor,” the company has announced. Mimecast provides email security services that customers can apply to their Microsoft 365 accounts by establishing a connection to Mimecast’s servers. The certificate in question is used to verify and authenticate those connections made to Mimecast’s Sync and Recover (backups for mailbox folder structure, calendar content and contacts from Exchange On-Premises or Microsoft 365 mailboxes), Continuity Monitor (looks for disruptions in email traffic) and Internal Email Protect (IEP) (inspects internally generated emails for malicious links, attachments or for sensitive content). A compromise means that cyberattackers could take over the connection, though which inbound and outbound mail flows, researchers said. It would be possible to intercept that traffic, or possibly to infiltrate customers’ Microsoft 365 Exchange Web Services and steal information. “The certificates that were compromised were used by Mimecast email security products,” Terence Jackson, CISO at Thycotic, told Threatpost. “These products would access customers Microsoft 365 exchange servers in order for them to provide security services (backup, spam and phishing protection). Since these certificates were legit, an adversary would have been able to connect without raising suspicions to eavesdrop and…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-01-12 13:35:002021-01-12 13:35:00Mimecast Certificate Hacked in Supply-Chain Attack
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com