Zero-day attack caused Rackspace incident

In early December, American cloud computing provider Rackspace suffered a security incident due to a ransomware attack. The breach directly affected the company’s hosted Microsoft Exchange email service, affecting a number of customers. After working with cybersecurity experts to identify the cause of the breach, it has been found that a zero-day exploit in the Microsoft Exchange version used by Rackspace. Using the CVE-2022-41080 vulnerability, attackers entered the company’s environment and deployed ransomware. Officers have named a ransomware group called Play responsible for the attack. In recent days, Rackspace declared they would move all services off the Microsoft Exchange platform.