https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63517#M932 <P>How widely used is HTTP2?&nbsp; I think this was the first time I'd heard the term.</P><P>&nbsp;</P><P>Also, Amazon doesn't share much details, but they did <A href="https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/" target="_blank" rel="noopener">write up a response to the event</A>.</P> Wed, 11 Oct 2023 12:22:10 GMT ericgeater 2023-10-11T12:22:10Z https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63512#M931 <P>Hi All</P><P>&nbsp;</P><P>A new DDoS (distributed denial of service) technique named 'HTTP/2 Rapid Reset' has been actively exploited as a zero-day since August, breaking all previous records in magnitude.</P><P>&nbsp;</P><P>News of the zero-day technique comes as a coordinated announcement today between Amazon Web Services, Cloudflare, and Google, who report mitigating attacks reaching 155 million requests per second (Amazon),&nbsp;201 million rps (Cloudflare), and a record-breaking 398 million rps (Google).</P><P>&nbsp;</P><P data-unlink="true">Google says they were able to mitigate&nbsp; these new attacks by adding further capacity on the edge of their network.</P><P data-unlink="true">&nbsp;</P><P data-unlink="true"><A href="https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" target="_blank" rel="noopener">https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/</A></P><P data-unlink="true">&nbsp;</P><P data-unlink="true">Regards</P><P data-unlink="true">&nbsp;</P><P data-unlink="true">Caute_Cautim</P> Tue, 10 Oct 2023 23:53:14 GMT https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63512#M931 Caute_cautim 2023-10-10T23:53:14Z https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63517#M932 <P>How widely used is HTTP2?&nbsp; I think this was the first time I'd heard the term.</P><P>&nbsp;</P><P>Also, Amazon doesn't share much details, but they did <A href="https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/" target="_blank" rel="noopener">write up a response to the event</A>.</P> Wed, 11 Oct 2023 12:22:10 GMT https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63517#M932 ericgeater 2023-10-11T12:22:10Z https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63541#M933 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/136236425">@ericgeater</a>Dark Reading has also issued a follow up too and explanation:&nbsp; Along with CVE details:</P><P>&nbsp;</P><P><A href="https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" target="_blank">https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Wed, 11 Oct 2023 23:15:26 GMT https://community.isc2.org/t5/Threats/HTTP-2-Rapid-Reset-Distributed-Denial-of-Service/m-p/63541#M933 Caute_cautim 2023-10-11T23:15:26Z