HTTP/2 Protocol Exploited in Largest DDoS Attack Ever
Google, Cloudflare, and Amazon Web Services have revealed a new zero-day vulnerability known as “HTTP/2 Rapid Reset.”
Attacks exploiting the vulnerability targeted cloud and Internet infrastructure providers and peaked in August. “These attacks were significantly larger than any previously reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second,” Google says.
The attack used a novel “Rapid Reset” technique leveraging the stream multiplexing feature of the widely implemented HTTP/2 protocol.
See further analysis at Google Cloud.
10/12/2023
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.