Mimecast says ‘a sophisticated threat actor’ has compromised a digital certificate used to authenticate a few of its products to Microsoft 365 Exchange Web Services. The certificate is used to verify and authenticate Internal Email Protect (IEP) products, Mimecast Sync and Recover, and Continuity Monitor.
The compromise could enable a man-in-the-middle (MitM) attack, in which an adversary could potentially take over the connection, intercept email traffic, and possibly steal sensitive information.
As a precaution to prevent future abuse, Mimecast has asked its customers to delete the existing connection within their M365 tenant with immediate effect and establish a new certificate-based connection using the new certificate that it has made available.
To Read More: ThreatPost