• Be chevron_right

    Beyond Chat – multimediale Räume mit Matrix

    debacle · / berlin-xmpp-meetup · Thursday, 1 April, 2021 - 09:45 edit

Beyond Chat – multimediale Räume mit Matrix

This time, we will have two talks!

First, a short howto style about Client Certificate Authentication mit XMPP (XEP-0178) and a longer one Beyond Chat – multimediale Räume mit Matrix with time for discussion.

Probably both talks will be held in de_DE.

When? Wednesday, 2021-04-14 18:00 CEST (always 2ⁿᵈ Wednesday of every month)

Where? Online, via our MUC ( A Jitsi video conference will be announced there.

See you then!

#jabber #xmpp #community #berlin #meetup #chat #federation #pki #certificate #ca #multimedia #matrix

  • Ar chevron_right

    Mimecast says SolarWinds hackers breached its network and spied on customers / ArsTechnica · Tuesday, 16 March, 2021 - 19:47

Breaking in the computer

Enlarge / Breaking in the computer (credit: Getty Images)

Email-management provider Mimecast has confirmed that a network intrusion used to spy on its customers was conducted by the same advanced hackers responsible for the SolarWinds supply chain attack.

The hackers, which US intelligence agencies have said likely have Russian origins, used a backdoored update for SolarWinds Orion software to target a small number of Mimecast customers. Exploiting the Sunburst malware sneaked into the update, the attackers first gained access to part of the Mimecast production-grid environment. They then accessed a Mimecast-issued certificate that some customers use to authenticate various Microsoft 365 Exchange web services.

Tapping Microsoft 365 connections

Working with Microsoft, which first discovered the breach and reported it to Mimecast, company investigators found that the threat actors then used the certificate to “connect to a low single-digit number of our mutual customers’ M365 tenants from non-Mimecast IP address ranges.”

Read 7 remaining paragraphs | Comments