Email security vendor Mimecast confirmed Tuesday that the hackers responsible for the SolarWinds supply chain hack also breached the security firm’s network to compromise a digital certificate that encrypts data that moves between some of the firm’s products and Microsoft’s servers.
When London-based Mimecast first acknowledged the breach earlier this month, the company reported that fewer than 10 of its clients had been targeted by the hackers during the compromise.
The company is urging affected customers in the U.S. and U.K. to break and reestablish their connections to Microsoft products with newly issued keys, according to the update.
A zero-day attack is affecting SonicWall’s SMA 100 series gateway products. (Source: SonicWall)
Security vendor SonicWall is investigating what the company calls a coordinated attack against its internal network by threat actors using a zero-day exploit within the company’s remote access products.
In a brief statement, SonicWall says it is continuing to investigate the incident and that users of certain versions of its Secure Mobile Access, or SMA, gateway products should apply temporary fixes until a permanent patch is available.
And while SonicWall did not release details about the zero-day attack and the vulnerability, the company stressed that this security incident appears well planned.
The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a limited subset of internal company emails. “While Malwarebytes does not use SolarWinds [hacked software], we, like many other companies, were recently targeted by the same threat actor,” Malwarebytes CEO Marcin Kleczynski notes in a blog. The hackers appear to have exploited a dormant email protection tool within the company’s Office 365 system to gain access to a subset of the firm’s emails, he says.
Malwarebytes was notified about the intrusion on Dec. 15, 2020, by the Microsoft Security Response Center. This was about the same time Microsoft notified security firm CrowdStrike of similar suspicious activity. The attempted intrusion against CrowdStrike was ultimately unsuccessful (see: