Security News

Cloudflare says the number of hyper-volumetric HTTP DDoS attacks recorded in the third quarter of 2023 surpasses every previous year, indicating that the threat landscape has entered a new chapter. A Cloudflare report shared with BleepingComputer reveals that, during Q3 2023, the internet company mitigated thousands of hyper volumetric HTTP DDoS attacks.

Find out what security teams should do now, and hear what Cloudflare's CEO has to say about this DDoS. Google, AWS and Cloudflare have reported the exploitation of a zero-day vulnerability named HTTP/2 Rapid Reset and tracked as CVE-2023-44487, which is currently used in the wild to run the largest Distributed Denial of Service attack campaigns ever seen. The HTTP/2 Rapid Reset attack works by leveraging HTTP/2's stream cancellation feature: The attacker sends a request and cancels it immediately.

The method relies on stream multiplexing, a feature of the HTTP/2 protocol that allows multiple HTTP requests to be sent to a server on a single TCP connection. A feature of the protocol's streaming capability is the ability to send a request and soon after cancel that request, an action known as resetting the request's stream.

Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called...

A new DDoS technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since August, breaking all previous records in magnitude.Since late August, Cloudflare has detected and mitigated over a thousand 'HTTP/2 Rapid Reset' DDoS attacks that surpassed 10 million rps, with 184 breaking the previous 71 million rps record.

The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS tunneling.

"Disable HTTP and HTTPS traffic to MOVEit Transfer," says Progress Software, and the timeframe for doing so is "Immediately", no ifs, no buts. Progress Software is the maker of file-sharing software MOVEit Transfer, and the hosted MOVEit Cloud alternative that's based on it, and this is its third warning in three weeks about hackable vulnerabilities in its product.

The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers' servers. The link between ChamelGang and the new Linux malware is based on a domain previously associated with the threat actor and a custom privilege elevation tool observed by Positive Technologies in past ChamelGang campaigns.

Logowatch Google plans to retire the padlock icon that appears in the Chrome status bar during a secure HTTPS web browsing session because the interface graphic has outlived its usefulness. Today's Chrome lock icon currently oversees a broad portfolio of functions.

In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol. "We redesigned the lock icon in 2016 after our research showed that many users misunderstood what the icon conveyed. Despite our best efforts, our research in 2021 showed that only 11% of study participants correctly understood the precise meaning of the lock icon," the team explained.