Mimecast Cert Abused to Target Inboxes in “Sophisticated” Attack

Mimecast has disclosed that some of its customers have been targeted by an advanced attack designed to compromise their Microsoft 365 (M365) environments. The security vendor said in a brief statement yesterday that a “sophisticated threat actor” obtained one of its certificates used to authenticate Mimecast Sync and Recover, Continuity Monitor and IEP products to Microsoft 365 Exchange Web Services.

Read full article on Infosecurity