Giant security vendors Fidelis, Mimecast, Palo Alto Networks, Qualys confirmed this week that they were impacted by the SolarWinds supply chain attack.
Fidelis confirmed that it had installed a trojaned version of the SolarWinds Orion app in May 2020, as part of a software evaluation.
A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services had been “compromised by a sophisticated threat actor,” the email-protection company announced in mid-January. That caused speculation that the breach was related to SolarWinds, which the firm confirmed in an update this week.
Palo Alto disculsed tha 2 security incidents discovered in September and October 2020 wre linked to SolarWinds software installations.
Qualys said that its compromised certificate as installed only on test systems.
The list of impacted company keeps growing, and at this point includes Cisco, Cox and more.
Read more about it here.