image credit: Garrett Heath / Flickr

Rackspace Hosted Email Flaw Actively Exploited by Attackers

November 5, 2020

Attackers have been actively exploiting a flaw in Rackspace’s hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams.

So warns 7 Elements, an IT security testing consultancy based in Edinburgh, Scotland, which says that attackers have been using what it’s dubbed as an “SMTP Multipass” attack – SMTP refers to simple mail transfer protocol – since it’s designed to subvert multiple accounts and bypass DNS-based defenses against spoofed emails. All organizations that use Rackspace’s hosted email services appear to have been vulnerable to having their email domains get misused in this manner.

Read More on DataBreach Today