12/5/2023 0 Comments Microsoft outlook outage map![]() Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table ("PST") of 27 Hosted Exchange customers. We will be sharing more detailed information with our customers and peers in the security community so that, collectively, we can all better defend against these types of exploits in the future.Īs a reminder, no other Rackspace products, platforms, solutions, or businesses were affected or experienced downtime due to this incident. We urge all organizations and security teams to read the blog CrowdStrike recently published about this exploit and learn how to take action to protect your own organization, available at. ![]() Microsoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for being part of a Remote Code Execution chain that was exploitable. This zero-day exploit is associated with CVE-2022-41080. The forensic investigation determined that the threat actor, known as PLAY, used a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment. We have been diligent about this forensic investigation and prioritizing accuracy and precision in everything we say and do, because our credibility is important to us at Rackspace. While there has been widespread speculation that the root cause of this incident was the result of the ProxyNotShell exploit, we can now definitively state that is not accurate. ![]() We have recently completed our forensic investigation and are now in a position to share more information about the root cause and full scope of the incident. Our Racker team has been hard at work over the holidays and into the New Year to support recovery efforts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |