US Authorities Have Seized 48 Domains That Sold DDoS-for-Hire Services

Read also: Microsoft fixes a Windows zero-day, security researchers detail a way to bypass popular web application firewalls, and more.

US takes down 48 domains that offered DDoS-for-Hire services

The US authorities have seized 48 domains that sold DDoS-for-Hire services also known as “booter” or “stresser” services. According to the US Department of Justice, these domains were used to launch millions of DDoS attacks targeting victims worldwide.

Chinese hackers are actively exploiting Citrix zero-day bug

The US National Security Agency (NSA) has warned that a China-based cyber-espionage group known as APT5 is actively exploiting a zero-day vulnerability (CVE-2022–27518) in Citrix Application Delivery Controller (ADC) and Gateway appliances to take over affected systems.

Uber suffers a data breach after a third-party provider hacked

Uber is investigating a data leak after hackers compromised an AWS backup server belonging to the third-party provider Teqtivity and gained access to customer information stored there.

Microsoft, Apple fix Windows, iOS zero-days

Microsoft has rolled out security updates as part of its monthly Patch Tuesday release designed to address over 50 security vulnerabilities impacting various Windows components and other software, including a zero-day flaw actively exploited in the wild.

Security researchers detail a way to bypass popular web application firewalls

A team of researchers has discovered a new technique that allows to circumvent popular web application firewalls from various makers like Palo Alto Networks, Amazon Web Services, Cloudflare, F5, and Imperva.

Full Story: https://www.immuniweb.com/blog/us-authorities-have-seized-48-domains-that-sold-ddos-for-hire-services.html