Mimecast’s forensic investigation found that SolarWinds hackers accessed limited source code repositories and account details after compromising customers' Microsoft 365 tenants.
The SolarWinds hackers (thought to be backed by Russian intelligence) are up to their old tricks with new cloud providers, and have reportedly already breached a number of companies.
Microsoft disclosed that besides using the trojanized Orion software on its platform, SolarWinds hackers accessed Microsoft source code after compromising internal accounts.
SolarWinds hackers suspected to have breached email security provider Mimecast compromising its Microsoft 365 Exchange connection certificate, and affecting 10% of its customers.
The SolarWinds hackers are back again, this time leveraging the stolen email account of a United States federal agency to run a phishing campaign against 150 government entities in 24 countries.
