LEXINGTON, Mass., Feb. 03, 2021 (GLOBE NEWSWIRE) -- Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced financial results for the third fiscal quarter ended December 31, 2020. Fast forward to present day, and Bauer sounds confident that the company’s response has been effective — though the investigation is ongoing. When Mimecast initially announced the incident on 13 January, it said it had been informed by Microsoft that a certificate it issued for authentication of Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services had been compromised. Mimecast on Tuesday made a three-page incident report available to the public. An email-security breach has been reported in which sophisticated threat actors have gained access to an email certificate from the Mimecast ® e-mail security company -- specifically certificates for Mimecast Sync and Recover, Continuity Monitor, and IEP products. According to Mimecast's security incident disclosure, published on March 16, a … Mimecast does not protect against all email threat types. Brand impersonation attacks put organizations at risk through phishing schemes aimed at end users and by destroying trust in the brand itself. Although Mimecast did not associate the breach with the state-sponsored SolarWinds hackers, three cybersecurity investigators knowledgeable on the matter and speaking on the condition of anonymity confirmed the link to Reuters.. Additionally, the techniques and procedures used to breach the email security firm were consistent with SolarWinds hackers’ activity. Recommendations The NJCCIC urges Mimecast customers using the compromised certificate to follow guidance put forth in the Mimecast blog post and immediately delete the existing connection within their Microsoft 365 tenant. Mimecast says the compromised certificate encrypts data exchanged between the security firm's Sync and Recover, Continuity Monitor and … ; Solid execution of multi-product … Initially, it was discovered that attackers have stolen a subset of Mimecast customers’ email addresses and other contact information, as well as several encrypted credentials. In this blog we see that attackers are now going beyond spoofing known software vendors like Microsoft by even going after the domains of known email security vendors. Mimecast, a company that makes cloud email management software, disclosed a security incident today, alerting customers that "a sophisticated threat actor" has obtained one of its digital certificates and abused it to gain access to some of its clients' Microsoft 365 accounts. Mimecast released an incident response report on their internal investigation of the SolarWinds supply chain attack. MIMECAST BLOG POST . Only Barracuda protects you against all 13 threat types to give you the industry’s most complete protection against today’s email-borne threats. Mimecast, a company that makes cloud email management software, disclosed a security incident today, alerting customers that "a sophisticated threat … Over the last several months, our system has been identifying BEC attempts against our clients on an hourly basis. In brief Email security biz Mimecast not only fell victim to the SolarWinds hackers, leading to its own customers being attacked, it is also trimming its workforce amid healthy profits.. Last month Mimecast revealed that one of its cryptographic certificates was purloined by the same team that smuggled a hidden backdoor into SolarWinds' Orion network monitoring software. A several month-long process, which included an initial audit of the legacy system, review of all tags, migration to the new system as well as further goal and action build-out within the new Tag Manager. Mimecast said that Microsoft’s security experts notified the company of “a sophisticated threat actor” who hijacked its certificates used to connect to Mimecast customers’ Microsoft 365 Exchange products. Mimecast’s products include anti-phishing email security tools capable of detecting malicious links and fake identities. Overall Highlights. The investigation was supported by third-party forensics and cyber incident response experts at Mandiant, a division of FireEye, and in coordination with law enforcement to aid their investigation into this threat actor. Mimecast Links Solar Winds Perpetrator to Recent Security Incident Earlier this month, Mimecast alerted customers that a certificate used to authenticate services … Report on Our Security Incident Investigation . Email security biz Mimecast has dumped SolarWinds' network monitoring tool in favour of Cisco's Netflow product after falling victim to the infamous December supply chain attack. Dan and his team are responsible for uncovering deep customer and market insight to build compelling security products and services that address key customer needs. Tag Management. MIMECAST BLOG POST Report on Our Security Incident Investigation In January, Mimecast became aware of a security incident later determined to be conducted by the same sophisticated threat actor responsible for the SolarWinds supply chain attack. LEXINGTON, Mass., May 11, 2021 (GLOBE NEWSWIRE) -- Mimecast Limited (NASDAQ: MIME), a leading global provider of next generation cloud security and risk management services for email and corporate information, today announced financial results for the fourth fiscal quarter and fiscal year ended March 31, 2021. Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. This Mimecast certificate provides verification and authentication between a company’s emails and Microsoft ® 365 … Report on Our Security Incident Investigation | Mimecast Blog Mimecast maintains an up-to-date incident response plan that includes responsibilities, how information security events are assessed and classified as incidents and response plans and procedures. Mimecast has revealed the theft of its source code in a cyberattack linked to the SolarWinds breach. Email security firm Mimecast has admitted that the compromise of a certificate it had issued for some Microsoft services is connected to the SolarWinds supply chain incident. Dan works closely with product, sales, customer advocacy and the wider marketing team to position and communicate the value of Mimecast’s security and cyber resilience services. Exhibit 99.1 . Mimecast is one of many big tech firms to be implicated in the hacking campaign, which has also exploited bugged software made by SolarWinds, a Texas-based federal contractor. The investigation was supported by third-party forensics and cyber incident response experts at Mandiant, a division of FireEye, and in coordination with law enforcement to aid their investigation into this threat actor. The attack […] The attackers have viewed Microsoft’s source code and stolen the red-team tools that security firm FireEye uses to test clients’ defenses. Key Points: Brand impersonation attacks rose significantly during the COVID-19 pandemic, as attackers preyed on customers’ sudden work-from-home statu…. < Mimecast Blog Microsoft recently informed us that a Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor. BEC attacks are on the rise. Mimecast has confirmed that a recent security incident which saw users’ Microsoft 365 accounts breached was carried out by the same threat actors responsible for the SolarWinds hack. Mimecast Limited (NASDAQ:MIME) Q3 2021 Earnings Conference Call February 3, 2021 08:30 AM ET Company Participants Robert Sanders - Director of Investor Relations Peter Bauer - … Additionally, the techniques and procedures used to breach the email security firm were consistent with SolarWinds hackers’ activity. Mimecast said that Microsoft’s security experts notified the company of “a sophisticated threat actor” who hijacked its certificates used to connect to Mimecast customers’ Microsoft 365 Exchange products. In January, Mimecast became aware of a security incident later determined to be conducted by the same sophisticated threat actor responsible for the SolarWinds supply chain attack. Mimecast regularly tests its incident response plan with “table-top” exercises and learns from tests and potential incidents t 2. Approximately 10 percent of our customers use this connection. Microsoft Defender for Office 365 vs Mimecast. In January, Mimecast became aware of a security incident later … Overdrive managed Mimecast’s tag management system including migration from one legacy system to another. The company claims to have over 36,000 customers across more than 100 countries, but the incident is believed to have impacted only “a low single digit number” of its customers’ Microsoft 365 tenants. | January 26, 2021 at 05:21 PM. I want to thank the team of engineers, technical folks, leaders, and others at Mimecast who have worked diligently and tirelessly on the security incident over the last few weeks. Mimecast offers detection only, and limited or no enforcement for … Mimecast has confirmed that a recent security incident which saw users’ Microsoft 365 accounts breached was carried out by the same threat actors … Total revenue of $129.6 million grew 18% year-over-year on a GAAP basis and 17% in constant currency. Mimecast did say that roughly 10 percent of its customers used the impacted connection. Mimecast on Tuesday formally confirmed that the attackers behind the SolarWinds hack were responsible for compromising a digital certificate the firm provided to secure connections to Microsoft 365 (M365) Exchange. An Incident Report published by Mimecast recently revealed the company has been the victim of a source code theft in a cyberattack connected to the SolarWinds breach.. Mimecast Security Incident FYI - I know this is a few days late, but I am just finding out about it through mimecast. This blog looks at an Australian logistics company that had Mimecast operating in its Microsoft 365 environment, but moved to an autonomous approach to email security when a malicious email — deemed benign by all other tools — was detected by Darktrace’s AI. At a high level, Mimecast’s Secure Email Gateway and Microsoft Defender for Office 365 may seem similar. Mimecast certificate hacked: How the Microsoft 365 email attack impacts users Written by Aaron Kraus Mimecast, a provider of email security products and services, posted an announcement on January 12, 2021, regarding a security breach potentially affecting roughly 10% of their customers. Read More >. Earlier this month, Mimecast alerted customers that a certificate used to authenticate services like Continuity Monitor and Sync and Recover to Microsoft 365 Exchange Web Services had been compromised. Mimecast will also bring together its product management and engineering organizations into a fully integrated team, led by a chief technology and product officer. Investigators have not disclosed any connection to the SolarWinds incident at the time of this writing. Mimecast: Security Incident Investigation Status Update Meanwhile, Mimecast disclosed a certificate compromise in mid-January, 2021. GFiuui45fg Mimecast released an incident response report on their internal investigation of the SolarWinds supply chain attack. Mimecast : Report on Our Security Incident Investigation. Coretelligent’s Response to the Mimecast Certificate Security Incident January 15, 2021 During the week of January 11, 2021, it was brought to our attention there was a security incident involving a Mimecast SSL certificate that is used to secure communications between Mimecast services and Microsoft 365 programs. Fourth Quarter 2021 Highlights. I mostly watch this page for stuff like this and either I missed it or it was never mentioned. Both offer the protection features you would expect: Anti-phishing, Anti-malware, Anti-spam, URL and attachment protection and so forth.