CVE-2022-41080

Tools allow attackers to harvest data typically locked by the operating system.

Posted: 19 Apr, 20236 Min ReadThreat Intelligence SubscribeFollowtwitterlinkedinPlay Ransomware Group Using New Custom Data-Gathering ToolsTools allow attackers to harvest data typically locked by the operating system.The Play ransomware group is using two new, custom-developed tools that allow it to enumerate all users and computers on a compromised network, and copy files from the Volume Shadow Copy Service (VSS) that are normally locked by the operati...

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Play gang blamed, ProxyNotShell cleared and hosted Exchange doomed

Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack. Rackspace said "more than half" of its customers who lost their hosted email service last month now have "some or all of their data available to them for download," in its latest and final status update, posted today. But customers aren't exactly...

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources And that's not counting the incoming lawsuits

Rackspace's costs from last year's ransomware infection continue to mount: the cloud hosting biz told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million – so far. The extortionware raid on the IT provider, initially described as a "security incident," hit Rackspace's hosted Microsoft Exchange on December 2, 2022, shutting down email services to thousands of customers, most of whom were small and mid-sized businesses. Four days ...

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources And that's not counting the incoming lawsuits. Thank goodness for insurance, eh?

Rackspace's costs from last year's ransomware infection continue to mount. The cloud hosting biz has told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have now reached about $11 million, though insurance has helped cover half of that. The extortionware raid on the IT provider, initially described as a "security incident," hit Rackspace's hosted Microsoft Exchange on December 2, 2022, shutting down email services to thousands of customers, most of w...