Encircle News!

Retro Game Arcade
, , ,

Rackspace internal systems hit by security threat, customer data exposed

TechRadar – All the latest technology news

Rackspace has reportedly suffered a supply chain attack that resulted in some internal monitoring information belonging to its clients being accessed.

Apparently, Rackspace used its own servers to host a monitoring dashboard, built by ScienceLogic, for its customers. ScienceLogic is an IT operations management platform that provides real-time monitoring, automation, and analytics for hybrid IT environments. Bundled with this monitoring dashboard came a piece of software (which ScienceLogic does not want to identify at this time) that contained a zero-day vulnerability.

“We identified a zero-day remote code execution vulnerability within a non-ScienceLogic third-party utility that is delivered with the SL1 package, for which no CVE has been issued,” a spokesperson for ScienceLogic told The Register.

Notifying the users

As it turns out, threat actors found out about this zero-day, and used it to gain access to Rackspace’s servers. There, they grabbed some internal monitoring information belonging to the company’s clients.

The Register also obtained a copy of a letter the company sent to affected customers. In it, Rackspace says that the internal monitoring information included customer account names and numbers, customer usernames, Rackspace internally generated device IDs, names and device information, device IP address, and AES256-encrypted Rackspace internal device agent credentials.

As soon as the company discovered the intrusion, it temporarily shut down its monitoring dashboard for its customers. ScienceLogic came back with a patch, and the vulnerability was fixed. Other than that, there was no additional impact. Customer performance monitoring was left untouched, and no other customer services were disrupted, it was said.

Consequently, customers need not take any action at this time. Still, Rackspace says that “in an abundance of caution”, users should rotate the Rackspace internal device agent credentials. Besides Rackspace, ScielceLogic also notified the customers of the incident.

More from TechRadar Pro

https://www.techradar.com/pro/security/rackspace-internal-systems-hit-by-security-threat

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Featured Posts

October 2024
M T W T F S S
 123456
78910111213
14151617181920
21222324252627
28293031  

About Us

Welcome to encircle News! We are a cutting-edge technology news company that is dedicated to bringing you the latest and greatest in everything tech. From automobiles to drones, software to hardware, we’ve got you covered.

At encircle News, we believe that technology is more than just a tool, it’s a way of life. And we’re here to help you stay on top of all the latest trends and developments in this ever-evolving field. We know that technology is constantly changing, and that can be overwhelming, but we’re here to make it easy for you to keep up.

We’re a team of tech enthusiasts who are passionate about everything tech and love to share our knowledge with others. We believe that technology should be accessible to everyone, and we’re here to make sure it is. Our mission is to provide you with fun, engaging, and informative content that helps you to understand and embrace the latest technologies.

From the newest cars on the road to the latest drones taking to the skies, we’ve got you covered. We also dive deep into the world of software and hardware, bringing you the latest updates on everything from operating systems to processors.

So whether you’re a tech enthusiast, a business professional, or just someone who wants to stay up-to-date on the latest advancements in technology, encircle News is the place for you. Join us on this exciting journey and be a part of shaping the future.

Podcasts

TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews This Week in Tech (Audio)

CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews Sam Altman's AI Manifesto News from Meta Connect Gavin Newsom vetoes sweeping AI safety bill, siding with Silicon Valley The Panel discusses CoPilot The Panel debates AGI James Cameron Joins Board of Stability AI in Coup for Tech Firm SAG-AFTRA Calls Strike Against 'League of Legends' Rabbit says only 5,000 people use the R1 daily Orion: True AR Glasses Have Arrived AI smackdown: How a new FTC ruling just protected the free press DoNotPay has to pay $193K for falsely touting untested AI lawyer, FTC says Firefox Review Checker – Ensure review authenticity in your online shopping New California law requires one-click subscription cancellations The DOJ sues Visa for locking out rival payment platforms NIST proposes barring some of the most nonsensical password rules Some Mad Genius Put ChatGPT on a TI-84 Graphing Calculator 23andMe troubles, company recently settled data insecurity suit for $30 mil Host: Leo Laporte Guests: Denise Howell, Parmy Olson, Daniel Rubino, and Henry Laporte Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: lookout.com 1password.com/twit shopify.com/twit veeam.com flashpoint.io
  1. TWiT 999: Bananas and Browsers – CA AI Bill Veto, Meta's Orion, FTC Vs. Fake Reviews
  2. TWiT 998: Artisanal Locally-Sourced Dopamine – Amazon Returns to Office, CA AI Bill, Elon Backs Down
  3. TWiT 997: Put an OLED on it – iPhone Event 2024, $700 PS5, AI in AU
  4. TWiT 996: The Quiet Office Crackdown – Starlink Backtracks, AI Royalty Heist
  5. TWiT 995: The Story of Us – AnandTech Shuts Down, Brazil Bans X, Alexa Revamp