As most experts predicted last month, the fallout from the SolarWinds supply chain attack is getting bigger as time passes and companies have had time to audit internal networks and DNS logs.
This week, four new cyber-security vendors — Mimecast, Palo Alto Networks, Qualys, and Fidelis — have added their names to the list of companies that have installed trojanized versions of the SolarWinds Orion app.
Mimecast hack linked to SolarWinds software
The most important of this week's announcements came from Mimecast, a vendor of email security products.
Two weeks ago, the company disclosed a major security breach[1] during which hackers broke into its network and abused digital certificates used by one of its security products to access the Microsoft 365 accounts of some of its customers.
In an update on its blog[2] today, Mimecast said it linked this incident to a trojanized SolarWinds Orion app installed on its network.
The company has now confirmed that the SolarWinds hackers are the ones who abused its certificate to go after Mimecast's customers, one of them believed to be antivirus maker Malwarebytes.
Palo Alto Networks discloses Sep & Oct 2020 incidents
Another major security vendor that came forward to disclose a SolarWinds-related incident was Palo Alto Networks, a vendor of cyber-security software and network equipment.
Speaking to Forbes investigative reporter Thomas Brewster this week, Palo Alto Networks said it detected two security incidents in September and October 2020 that were linked to SolarWinds software.
"Our Security Operation Center [...] immediately isolated the server, initiated an investigation and verified our infrastructure was secure," Palo Alto Networks told Forbes[3] on Monday.
However, the company said it investigated the breaches as separate solitary incidents and didn't detect the broader supply chain attack, which would