"Rackspace Hosted Exchange Still Offline Over Security Issue"

Thousands of Rackspace customers worldwide are still experiencing Microsoft Exchange Server outages, which the managed services company attributes to a security incident. Rackspace says it will shut down its hosted Exchange service indefinitely while it investigates the specific problem, which has not yet been identified publicly. Rackspace, based in Texas, is the world's largest managed cloud provider, with over 300,000 customers worldwide, including two-thirds of the world's 100 largest publicly traded companies. Rackspace has advised all affected customers to migrate to Microsoft 365 as a temporary solution and has offered them Microsoft Exchange Plan 1 licenses until further notice at no extra cost. MAPI/RPC, POP, IMAP, SMTP, ActiveSync, and the Outlook Web Access interface used to access Hosted Exchange instances for online email management are among the services impacted by its Hosted Exchange offering remaining offline. While the company has yet to release details about the security incident, British cybersecurity expert Kevin Beaumont believes evidence suggests Rackspace was running Microsoft Exchange servers that were still vulnerable to the two ProxyNotShell flaws. Microsoft patched the pair of Exchange zero-day vulnerabilities in early November, after they were publicly disclosed in late September and were known to be exploited in the wild by a threat actor with Chinese origin indicators. According to Beaumont, research using the Internet of Things (IoT) devices search engine Shodan indicates that Rackspace was using at least some Exchange clusters with build numbers from August, which predate Microsoft's patches. This article continues to discuss Rackspace going offline due to a security incident.

BankInfoSecurity reports "Rackspace Hosted Exchange Still Offline Over Security Issue"