Tag Archives: cve

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late August 2023, Cloudflare discovered a zero-day vulnerability developed by an unknown threat actor. The vulnerability exploits the standard HTTP/2 protocol—a fundamental piece to how the Internet and most websites operate. HTTP/2 is responsible for how browsers interact with a … More ? The post Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487) appeared first on Help Net Security .

More here:
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Defending against Windows RDP attacks

In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in people working remotely during the pandemic. With enterprises resorting to making RDP services publicly available, hackers have taken notice. Some DDoS attacks are leveraging RDP servers to amplify their effect, and malware like Trickbot is employing scanners to identify vulnerable open RDP ports. When it comes to remote … More ? The post Defending against Windows RDP attacks appeared first on Help Net Security .

See more here:
Defending against Windows RDP attacks