In an email sent to customers and seen by The Register, Rackspace warned that the hackers exploited the zero-day to gain access to web servers and steal limited customer monitoring data, including customer account names and numbers, customer usernames, Rackspace internally generated device IDs, device name and information, IP addresses, and AES256 encrypted Rackspace internal device agent credentials. Cloud hosting provider Rackspace suffered a data breach exposing "limited" customer monitoring data after threat actors exploited a zero-day vulnerability in a third-party tool used by the ScienceLogic SL1 platform. "Oopsie, a zero-day remote code execution vulnerability was exploited ... third-party ScienceLogic application used by Rackspace," an account named ynezz shared on X. "We identified a zero-day remote code execution vulnerability within a non-ScienceLogic third-party utility that is delivered with the SL1 package," explained a statement from Jessica Lindberg, Vice President at ScienceLogic.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 01 Oct 2024 19:30:26 +0000