Bobinas P4G
  • Login

  • Public

    • Public
    • Groups
    • Popular
    • People

Conversation

Notices

  1. BrianKrebs (briankrebs@infosec.exchange)'s status on Tuesday, 10-Oct-2023 15:14:19 UTC BrianKrebs BrianKrebs

    There's an important vulnerability being disclosed today that allows attackers to massively increase the size of DDoS attacks.

    The flaw is being tracked as CVE-2023-44487, a.k.a. "HTTP/2 Rapid Reset Attack." According to Damian Menscher at Google, the attack "works by sending a request and then immediately cancelling it (a feature of HTTP/2). This lets attackers skip waiting for responses, resulting in a more efficient attack."

    More info:

    https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack

    https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/

    https://aws.amazon.com/security/security-bulletins/AWS-2023-011/

    https://www.cloudflare.com/press-releases/2023/cloudflare-helps-discover-new-online-threat-that-led-to-largest-attack-in/

    In conversation about a year ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosecmediaeu/media_attachments/files/111/210/731/950/524/938/original/f8c7180bf4facbd1.png

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • Privacy
    • Source
    • Version
    • Contact

    Bobinas P4G is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All Bobinas P4G content and data are available under the Creative Commons Attribution 3.0 license.