Back in mid-January 2021, representatives of Mimecast warned that an unknown hacker had one of its digital certificates. The attacker then abused it to gain access to some Microsoft 365 customer accounts.

The compromised certificate was used by several of the company’s products (Mimecast Sync and Recover, Continuity Monitor, and IEP) to connect to Microsoft’s infrastructure.

At the same time, it was reported that only 10% of customers used the above products [...]

Last year, it became known that SolarWinds, which develops software for enterprises to help manage their networks, systems and infrastructure, has been compromised. This attack on the supply chain has been attributed to a supposedly Russian-speaking hack group that cybersecurity experts track under the names StellarParticle (CrowdStrike), UNC2452 (FireEye) and Dark Halo (Volexity).

After infiltrating the SolarWinds network, the attackers provided Orion’s centralized monitoring and control platform with a malicious [...]

Thus, the list of companies affected by hackers who compromised SolarWinds continues to grow.

Let me remind you that the attack on SolarWinds is attributed to a Russian-speaking hack group that information security experts track under the names StellarParticle (CrowdStrike), UNC2452 (FireEye) and Dark Halo (Volexity). Russian government hackers also attacked FireEye, the largest provider of information security [...]