Google, AWS and Cloudflare warned that the HTTP/2 Rapid Reset attacks are beyond anything ever recorded.
What are HTTP/2 Rapid Reset attacks?
HTTP/2 Rapid Reset attacks exploit a zero-day vulnerability, allowing attackers to send a large number of requests and then cancel them almost immediately. This method can overwhelm a website's resources, similar to older asymmetric query attacks, but at a much larger scale. For instance, during recent attacks, Cloudflare reported handling about 201 million requests per second.
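The request-then-cancel pattern described above is visible per connection on the server side. The following Python detector is an added example, not code from the original page or from any vendor it names; it flags a connection whose client cancels too many streams shortly after opening them. HEADERS and RST_STREAM are HTTP/2 frame types; the log tuple layout, the STREAM_END event name, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed policy values (not from the page); tune them per deployment.
RAPID_CANCEL_S = 0.05    # client cancel this soon after opening counts as "rapid"
WINDOW_S = 1.0           # sliding look-back window per connection
MAX_RAPID_RESETS = 100   # rapid cancels tolerated per connection per window

def detect_rapid_reset(events):
    """events: time-ordered (ts, conn_id, event, stream_id) tuples, where event
    is "HEADERS" (stream opened), "RST_STREAM" (client cancel) or "STREAM_END"
    (normal completion; a constructed name for this example's log schema).
    Returns {conn_id: timestamp at which the connection crossed the limit}."""
    opened = defaultdict(dict)    # conn -> {stream_id: time opened}
    rapid = defaultdict(deque)    # conn -> timestamps of recent rapid cancels
    flagged = {}
    for ts, conn, event, sid in events:
        if event == "HEADERS":
            opened[conn][sid] = ts
        elif event == "STREAM_END":
            opened[conn].pop(sid, None)
        elif event == "RST_STREAM" and sid in opened[conn]:
            if ts - opened[conn].pop(sid) <= RAPID_CANCEL_S:
                rapid[conn].append(ts)
        recent = rapid[conn]
        while recent and ts - recent[0] > WINDOW_S:   # expire old cancels
            recent.popleft()
        if len(recent) > MAX_RAPID_RESETS:
            flagged.setdefault(conn, ts)   # candidate for GOAWAY / connection close
    return flagged

def sample_events():
    """Constructed sample log: one cancel-heavy connection, one ordinary one."""
    ev = []
    for i in range(200):   # "bulk": every stream cancelled 1 ms after opening
        t = i * 0.002
        ev += [(t, "bulk", "HEADERS", 2 * i + 1),
               (t + 0.001, "bulk", "RST_STREAM", 2 * i + 1)]
    for i in range(20):    # "browser": requests that complete normally
        t = i * 0.05
        ev += [(t, "browser", "HEADERS", 2 * i + 1),
               (t + 0.03, "browser", "STREAM_END", 2 * i + 1)]
    # one legitimate late cancel (e.g. user navigated away) is not "rapid"
    ev += [(1.0, "browser", "HEADERS", 41), (1.4, "browser", "RST_STREAM", 41)]
    return sorted(ev)

if __name__ == "__main__":
    print(detect_rapid_reset(sample_events()))
```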
What is the significance of CVE-2023-44487?
CVE-2023-44487 has a CVSS score of 7.5, which is rated high severity. It gives threat actors a powerful tool to launch DDoS attacks at unprecedented scales, surpassing previous records. The vulnerability lets an attacker generate a high volume of requests with relatively low computational resources.
How do recent DDoS attack statistics compare to previous years?
Recent DDoS attacks have reached record-breaking levels, with peak requests per second exceeding those observed in 2022. For example, AWS recorded a peak of 155 million requests per second during these attacks, indicating a significant increase in the scale and intensity of such threats.