The SolarWinds hackers are back again, this time leveraging the stolen email account of a United States federal agency to run a phishing campaign against 150 government entities in 24 countries.
Mimecast’s forensic investigation found that SolarWinds hackers accessed limited source code repositories and account details after compromising customers' Microsoft 365 tenants.
SolarWinds hackers suspected to have breached email security provider Mimecast compromising its Microsoft 365 Exchange connection certificate, and affecting 10% of its customers.
Microsoft disclosed that besides using the trojanized Orion software on its platform, SolarWinds hackers accessed Microsoft source code after compromising internal accounts.
