Security News

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare
2023-10-11 13:40

Find out what security teams should do now, and hear what Cloudflare's CEO has to say about this DDoS. Google, AWS and Cloudflare have reported the exploitation of a zero-day vulnerability named HTTP/2 Rapid Reset and tracked as CVE-2023-44487, which is currently used in the wild to run the largest Distributed Denial of Service attack campaigns ever seen. The HTTP/2 Rapid Reset attack works by leveraging HTTP/2's stream cancellation feature: The attacker sends a request and cancels it immediately.

HTTP/2 'Rapid Reset' zero-day exploited in biggest DDoS deluge seen yet
2023-10-10 20:37

The method relies on stream multiplexing, a feature of the HTTP/2 protocol that allows multiple HTTP requests to be sent to a server on a single TCP connection. A feature of the protocol's streaming capability is the ability to send a request and soon after cancel that request, an action known as resetting the request's stream.

Mirai DDoS malware variant expands targets with 13 router exploits
2023-10-10 20:35

A Mirai-based DDoS malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others. IZ1H9 compromises devices to enlist them to its DDoS swarm and then launches DDoS attacks on specified targets, presumably on the order of clients renting its firepower.

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks
2023-10-10 15:24

Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called...

New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records
2023-10-10 14:12

A new DDoS technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since August, breaking all previous records in magnitude.Since late August, Cloudflare has detected and mitigated over a thousand 'HTTP/2 Rapid Reset' DDoS attacks that surpassed 10 million rps, with 184 breaking the previous 71 million rps record.

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
2023-10-10 13:18

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Based on Cloudflare's data, several attacks leveraging Rapid Reset were nearly three times larger than the largest DDoS attack in Internet history.

Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection
2023-10-03 09:29

Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of...

Global events fuel DDoS attack campaigns
2023-10-02 03:30

Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. In 2023, Sweden experienced a similar onslaught around its NATO bid, culminating with a 500 Gbps DDoS attack in May. Overall, ideologically motivated DDoS attacks have targeted the United States, Ukraine, Finland, Sweden, Russia, and multiple other countries.

Cloudflare DDoS protections ironically bypassed using Cloudflare
2023-09-30 14:16

Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls. Specifically, the analyst identified two vulnerabilities in the system impacting Cloudflare's "Authenticated Origin Pulls" and "Allowlist Cloudflare IP Addresses."

DDoS 2.0: IoT Sparks New DDoS Alert
2023-09-15 10:25

The distributed nature of IoT devices renders them ideal platforms for these attacks, making it difficult to identify and block malicious traffic and thereby compounding the challenges of DDoS mitigation. Let's discuss how IoT DDoS attacks happen and how new IoT devices join the ranks of bots.