[ad_1]
Rackspace hosted Change suffered a catastrophic outage starting December 2, 2022 and continues to be ongoing as of 12:37 AM December 4th. Initially described as connectivity and login points, the steerage was finally up to date to announce that they had been coping with a safety incident.
Rackspace Hosted Change Points
The Rackspace system went down within the early morning hours of December 2, 2022. Initially there was no phrase from Rackspace about what the issue was, a lot much less an ETA of when it might be resolved.
Prospects on Twitter reported that Rackspace was not responding to help emails.
This has been fairly the day with #Rackspace. Each hosted change shopper has been down for 14 hours or so. Help is not studying/responding to tickets. Updates are unhelpful.
I’m involved now that they fell sufferer to one thing unhealthy just like the ProxyNotShell PoC hack. https://t.co/jchKsAO3Z7
— Joe Sinkwitz (@CygnusSEO) December 2, 2022
A Rackspace buyer privately messaged me over social media on Friday to narrate their expertise:
“All hosted Change purchasers down over the previous 16 hours.
Unsure what number of firms that’s, but it surely’s vital.
They’re serving a 554 lengthy delay bounce so folks emailing in aren’t conscious of the bounce for a number of hours.”
The official Rackspace standing web page supplied a operating replace of the outage however the preliminary posts had no data aside from there was an outage and it was being investigated.
The primary official replace was on December 2nd at 2:49 AM:
“We’re investigating a difficulty that has effects on our Hosted Change environments. Extra particulars will likely be posted as they develop into obtainable.”
13 minutes later Rackspace started calling it a “connectivity concern.”
“We’re investigating experiences of connectivity points to our Change environments.
Customers might expertise an error upon accessing the Outlook Internet App (Webmail) and syncing their e-mail shopper(s).”
By 6:36 AM the Rackspace updates described the continued drawback as “connectivity and login points” then later that afternoon at 1:54 PM Rackspace introduced they had been nonetheless within the “investigation section” of the outage, nonetheless making an attempt to determine what went flawed.
And they had been nonetheless calling it “connectivity and login points” of their Cloud Workplace environments at 4:51 PM that afternoon.
Rackspace Recommends Migrating to Microsoft 365
4 hours later Rackspace referred to the scenario as a “vital failure”and started providing their prospects free Microsoft Change Plan 1 licenses on Microsoft 365 as a workaround till they understood the issue and will deliver the system again on-line.
The official steerage said:
“We skilled a major failure in our Hosted Change setting. We proactively shut down the setting to keep away from any additional points whereas we proceed work to revive service. As we proceed to work by way of the basis reason behind the difficulty, we’ve got an alternate answer that can re-activate your capability to ship and obtain emails.
Without charge to you, we will likely be offering you entry to Microsoft Change Plan 1 licenses on Microsoft 365 till additional discover.”
Rackspace Hosted Change Safety Incident
It was not till almost 24 hours later at 1:57 AM on December third that Rackspace formally introduced that their hosted Change service was affected by a safety incident.
The announcement additional revealed that the Rackspace technicians had powered down and disconnected the Change setting.
Rackspace posted:
“After additional evaluation, we’ve got decided that it is a safety incident.
The recognized impression is remoted to a portion of our Hosted Change platform. We’re taking obligatory actions to judge and defend our environments.”
Twelve hours later that afternoon they up to date the standing web page with extra data that their safety staff and outdoors specialists had been nonetheless engaged on fixing the outage.
Was Rackspace Service Affected by a Vulnerability?
Rackspace has not launched particulars of the safety occasion.
A safety occasion usually includes a vulnerability and there are two extreme vulnerabilities at present within the wile that had been patched in November 2022.
These are the 2 most present vulnerabilities:
- CVE-2022-41040
Microsoft Change Server Server-Facet Request Forgery (SSRF) Vulnerability
A Server Facet Request Forgery (SSRF) assault permits a hacker to learn and alter information on the server. - CVE-2022-41082
Microsoft Change Server Distant Code Execution Vulnerability
A Distant Code Execution Vulnerability is one wherein an attacker is ready to run malicious code on a server.
An advisory revealed in October 2022 described the impression of the vulnerabilities:
“An authenticated distant attacker can carry out SSRF assaults to escalate privileges and execute arbtirary PowerShell code on susceptible Microsoft Change servers.
Because the assault is focused towards Microsoft Change Mailbox server, the attacker can doubtlessly achieve entry to different assets through lateral motion into Change and Lively Listing environments.”
The Rackspace outage updates haven’t indicated what the precise drawback was, solely that it was a safety incident.
Probably the most present standing replace as of December 4th said that the service continues to be down and prospects are inspired emigrate to the Microsoft 365 service.
Rackspace posted the next on December 4, 2022 at 12:37 AM:
“We proceed to make progress in addressing the incident. The supply of your service and safety of your information is of excessive significance.
We now have dedicated intensive inner assets and engaged world-class exterior experience in our efforts to attenuate adverse impacts to prospects.”
It’s doable that the above famous vulnerabilities are associated to the safety incident affecting the Rackspace Hosted Change service.
There was no announcement of whether or not buyer data has been compromised. This occasion continues to be ongoing.
Featured picture by Shutterstock/Orn Rin
[ad_2]
