From crn.com
A sophisticated threat actor compromised a Mimecast certificate used to authenticate several of the company’s products to Microsoft 365 Exchange Web Services, Mimecast disclosed Tuesday.
The Lexington, Mass.-based email security vendor said the certificate used to authenticate its Sync and Recover, Continuity Monitor and Internal Email Protect (IEP) products to Microsoft 365 has been compromised. Mimecast said it was recently informed of the compromise by Microsoft.