Subscribe to Updates

    Get the latest creative news from CRYPTO NOUNCE.

    What's Hot

    Israel stocks higher at close of trade; TA 35 up 1.99% By Investing.com

    March 27, 2023

    Snap exec and head of growth Jacob Andreou heads to Greylock

    March 27, 2023

    First Citizens Buys Silicon Valley Bank

    March 27, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram Vimeo
    Cryptonounce.com
    Contact
    • Business
      • Deals
      • investors
      • IPO
      • Startups
      • Wall Street
    • Markets
      • Bonds
      • Commodities & Futures
      • Currencies
      • Funds & ETFs
      • Stocks
    • Crypto
      • Alticoins News
      • Binance News
      • Bitcoins News
      • Blockchain News
      • Ethereum News
      • Token Sales News
      • XRP News
    • Technology
      • Artificial Intelligence
      • Big Data
      • Cloud Computing
      • Cybersecurity
      • Gaming
      • Internet of Things
      • Mobile
      • Social Media
      • Transportation
      • VR & AR
    • FinTech
    • Personal finance
    • Grides
      • Crypto
      • FinTech
      • Investing
      • Personal Finance Guides
      • Techonology
    • Tools
      • Coins
      • ICO List
      • Organigations
      • Events
    Cryptonounce.com
    Home » Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
    Cybersecurity

    Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach

    AdmincryptBy AdmincryptJanuary 6, 2023No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp VKontakte Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Jan 06, 2023Ravie LakshmananCloud Security / Cyber Threat

    Play Ransomware

    Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month’s breach.

    The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment.

    “This zero-day exploit is associated with CVE-2022-41080,” the Texas-based company said. “Microsoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for [it] being part of a remote code execution chain that was exploitable.”

    Rackspace’s forensic investigation found that the threat actor accessed the Personal Storage Table (.PST) of 27 customers out of a total of nearly 30,000 customers on the Hosted Exchange email environment.

    However, the company said there is no evidence the adversary viewed, misused, or distributed the customer’s emails or data from those personal storage folders. It further said it intends to retire its Hosted Exchange platform as part of a planned migration to Microsoft 365.

    It’s not currently not known if Rackspace paid a ransom to the cybercriminals, but the disclosure follows a report from CrowdStrike last month that shed light on the new technique, dubbed OWASSRF, employed by the Play ransomware actors.

    The mechanism targets Exchange servers that are unpatched against the ProxyNotShell vulnerabilities (CVE-2022-41040 and CVE-2022-41082) but have in place URL rewrite mitigations for the Autodiscover endpoint.

    This involves an exploit chain comprising CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution in a manner that bypasses the blocking rules through Outlook Web Access (OWA). The flaws were addressed by Microsoft in November 2022.

    The Windows maker, in a statement shared with The Hacker News, urged customers to prioritize installing its November 2022 Exchange Server updates and noted that the reported method targets vulnerable systems that have not applied the latest fixes.

    Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
    Previous ArticleSamsung’s quarterly profit hits 8-year low amid weak demand for memory chips, smartphones • TechCrunch
    Next Article 1.5M houses could be powered by the energy Texas miners returned
    Admincrypt
    • Website

    Related Posts

    20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

    March 27, 2023

    Where SSO Falls Short in Protecting SaaS

    March 27, 2023

    New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords

    March 27, 2023

    Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools

    March 27, 2023

    Leave A Reply Cancel Reply

    Our Picks
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    Stocks

    Israel stocks higher at close of trade; TA 35 up 1.99% By Investing.com

    By AdmincryptMarch 27, 20230

    © Omer Mesinger, TASE PR Israel stocks higher at close of trade; TA 35 up…

    Snap exec and head of growth Jacob Andreou heads to Greylock

    March 27, 2023

    First Citizens Buys Silicon Valley Bank

    March 27, 2023

    More layoff misery could be coming to Salesforce

    March 27, 2023

    Subscribe to Updates

    Get the latest creative news from CRYPTO NOUNCE.

    NEWS
    • Business
    • Crypto
    • Blockchain
    • Markets
    • Technology
    FEATURED SECTIONS
    • Coins
    • ICO List
    • Organigations
    • Events
    • Grides
    FEATURED LINKS
    • Story of the day
    • Videos
    • Infographics
    CONNECT WITH US
    • Facebook
    • Twitter
    • Telegram
    • LinkedIn
    • Pinterest
    ABOUT US
    • Contact
    • Advertise
    • Sitemap
    Copyright © 2023 Cryptonounce All rights reserved. Cryptonounce.
    • Home
    • Buy Now

    Type above and press Enter to search. Press Esc to cancel.

    Sign In or Register

    Welcome Back!

    Login to your account below.

    Lost password?