[oldguy1776]

One would think that a large organization such as this would have absolutely the best cyber security around. But I’m not all that surprised. Many company’s skimp on their security and hope they don’t get hit. It happens more than people realize.

[linMcHlp]

Rackspace Hosted Exchange Outage Due to Security Incident
https://www.searchenginejournal.com/rackspace-hosted-exchange-outage-due-to-security-incident/473062/

Excerpted from that info:

These are the two most current vulnerabilities:

CVE-2022-41040
Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability
A Server Side Request Forgery (SSRF) attack allows a hacker to read and change data on the server.

CVE-2022-41082
Microsoft Exchange Server Remote Code Execution Vulnerability
A Remote Code Execution Vulnerability is one in which an attacker is able to run malicious code on a server.

- - -

A recent Techcrunch article:

https://techcrunch.com/2022/12/06/rackspace-blames-ransomware-attack-for-ongoing-exchange-outage/

EXCERPT:

[S]ecurity researcher Kevin Beaumont believes the incident may involve exploitation of the Microsoft Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082, better known as ProxyNotShell. ProxyNotShell first came to light in late September after Vietnamese cybersecurity company GTSC observed it being exploited in the wild. Microsoft confirmed exploitation the following month and linked it to a state-sponsored hacker group.

[zeugma]

One would think that a large organization such as this would have absolutely the best cyber security around.

Pretty much, if you're using Microsoft Exchange, you really don't give a crap about security. What a virus and worm magnet.