"Dangerous Vulnerability Can Be Exploited to Carry Out Massive DDoS Attacks"
"Dangerous Vulnerability Can Be Exploited to Carry Out Massive DDoS Attacks"
Cloudflare, Google, and Amazon AWS have disclosed that a zero-day vulnerability called HTTP/2 Rapid Reset in the HTTP/2 protocol has been exploited to launch massive, high-volume Distributed Denial-of-Service (DDoS) attacks. Cloudflare discovered the zero-day vulnerability developed by an unknown threat actor in August 2023. The vulnerability exploits the standard HTTP/2 protocol, a crucial component of the Internet and most websites. This new attack works by making hundreds of thousands of "requests" that are then promptly canceled.