A Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor. In a notice, Mimecast said approximately 10% of customers use this connection, and “there are  indications that a low single digit number of our customers’ M365 tenants were targeted.”
Read full article on Security Magazine