Monthly Archives: October 2023

HTTP/2 ‘Rapid Reset’ zero-day exploited in biggest DDoS deluge seen yet

Botnet storm drowned last record with 398 million requests per second A zero-day vulnerability in the HTTP/2 protocol was exploited to launch the largest distributed denial-of-service (DDoS) attack on record, according to Cloudflare.…

See the article here:
HTTP/2 ‘Rapid Reset’ zero-day exploited in biggest DDoS deluge seen yet

Mirai reloads exploit arsenal as botnet embarks on another expansion drive

With 13 new payloads it’s the biggest update to the botnet in months The infamous Mirai botnet was spotted by researchers who say it is spinning up again, this time with an “aggressively updated arsenal of exploits.”…

Read More:
Mirai reloads exploit arsenal as botnet embarks on another expansion drive

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late August 2023, Cloudflare discovered a zero-day vulnerability developed by an unknown threat actor. The vulnerability exploits the standard HTTP/2 protocol—a fundamental piece to how the Internet and most websites operate. HTTP/2 is responsible for how browsers interact with a … More ? The post Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487) appeared first on Help Net Security .

More here:
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Global events fuel DDoS attack campaigns

Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the Russia-Ukraine war and NATO bids have driven recent DDoS attack growth. Finland was targeted by pro-Russian hacktivists in 2022 during its bid to join NATO. Turkey and Hungary were targeted with DDoS attacks for opposing Finland’s bid. In 2023, Sweden experienced a similar onslaught around its NATO bid, culminating with a 500 Gbps … More ? The post Global events fuel DDoS attack campaigns appeared first on Help Net Security .

Excerpt from:
Global events fuel DDoS attack campaigns