wiredmikey writes: A zero-day vulnerability named ‘HTTP/2 Rapid Reset’ has been exploited by malicious actors to launch the largest distributed denial-of-service (DDoS) attacks in internet history. One of the attacks seen by Cloudflare was three times larger than the record-breaking 71 million requests per second (RPS) attack reported by company in February. Specifically, the HTTP/2 Rapid Reset DDoS campaign peaked at 201 million RPS, while Google’s observed a DDoS attack that peaked at 398 million RPS. The new attack method abuses an HTTP/2 feature called ‘stream cancellation’, by repeatedly sending a request and immediately canceling it.

Read more of this story at Slashdot.

Link to original post https://tech.slashdot.org/story/23/10/10/1550210/http2-zero-day-exploited-to-launch-largest-ddos-attacks-in-history?utm_source=rss1.0mainlinkanon&utm_medium=feed from Teknoids News

Read the original story