URL: https://www.itnews.com.au/news/http2-zero-day-enabled-record-setting-ddos-attacks-601080

HTTP2 ZERO-DAY ENABLED RECORD-SETTING DDOS ATTACKS

By Richard Chirgwin

Oct 11 2023 9:53AM

VENDORS SCRAMBLE TO PATCH RAPID RESET VULNERABILITY.

Web server vendors have been busy responding to an HTTP2 protocol vulnerability
which Google said has enabled high-capacity DDoS attacks it has observed since
August 2023.

Tagged as CVE-2023-44487, what Google and others found is that HTTP2’s ability
to support multiple streams in a TCP session is vulnerable to what it’s dubbed a
“Rapid Reset” attack.

In a blog post, Google said one Rapid Reset attack it observed generated a
traffic peak of 398 million requests per second.

While Google said its infrastructure was able to withstand the attack, a
“coordinated effort” was needed to understand the attack mechanics and
mitigations.

In a technical blog post, Google described the Rapid Reset problem in detail.

In brief: the attacker’s client opens a large number of streams per TCP session
to the server, and immediately cancels those requests, which can lead to
resource exhaustion in the server.

“The ability to reset streams immediately allows each connection to have an
indefinite number of requests in flight. By explicitly cancelling the requests,
the attacker never exceeds the limit on the number of concurrent open streams,”
the post states.

“In a typical HTTP/2 server implementation, the server will still have to do
significant amounts of work for cancelled requests, such as allocating new
stream data structures, parsing the query and doing header decompression, and
mapping the URL to a resource.”

At the same time, the attacking client needs less capacity: “Cancelling the
requests before a response is written reduces downlink (server/proxy to
attacker) bandwidth.”
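The quoted passages describe the defender's problem: the concurrent-stream limit never trips, so a server has to count cancellations per connection instead. The following is an added example, not code from the article, Google, Cloudflare or any vendor's patch; the two-frame model, the policy of 100 resets per one-second window and the traces are assumptions chosen for illustration.

```python
# Added example (not vendor code): simplified per-connection RST_STREAM rate
# limit against HTTP/2 Rapid Reset (CVE-2023-44487). Frame model is reduced to
# the two frame types that matter here; thresholds are assumed, not defaults.
from collections import deque
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Frame:
    kind: str        # only "HEADERS" (opens a stream) or "RST_STREAM" modelled
    stream_id: int
    t: float         # arrival time in seconds (constructed)

@dataclass
class ConnectionGuard:
    """Per-connection state: open streams plus resets seen in a sliding window."""
    max_resets: int = 100          # assumed policy: resets tolerated per window
    window: float = 1.0            # sliding window length in seconds
    resets: deque = field(default_factory=deque)
    open_streams: set = field(default_factory=set)
    peak_open: int = 0             # highest concurrent open-stream count seen
    closed: bool = False

    def observe(self, frame: Frame) -> str:
        if self.closed:
            return "DROP"                        # connection already torn down
        if frame.kind == "HEADERS":
            self.open_streams.add(frame.stream_id)
            self.peak_open = max(self.peak_open, len(self.open_streams))
            return "PROCESS"
        if frame.kind == "RST_STREAM":
            self.open_streams.discard(frame.stream_id)
            self.resets.append(frame.t)
            # forget resets that have aged out of the window
            while frame.t - self.resets[0] > self.window:
                self.resets.popleft()
            if len(self.resets) > self.max_resets:
                self.closed = True               # server answers GOAWAY, closes
                return "GOAWAY"
            return "CANCEL"
        return "IGNORE"

def run(frames, guard: ConnectionGuard) -> list:
    return [guard.observe(f) for f in frames]

def burst_trace(n: int, gap: float = 0.0001) -> list:
    """Constructed trace: each odd stream is opened and reset at once, so
    concurrency stays at 1 while the reset count climbs (the article's point)."""
    frames = []
    for i in range(n):
        sid, t0 = 2 * i + 1, i * gap
        frames += [Frame("HEADERS", sid, t0), Frame("RST_STREAM", sid, t0 + gap / 2)]
    return frames
```

Running `burst_trace(200)` through a fresh `ConnectionGuard` yields `GOAWAY` on the 101st reset while `peak_open` never rises above 1, which is why a concurrent-stream cap alone does not stop this pattern.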

Cloudflare has also written up Rapid Reset, adding it was “concerning ... that
the attacker was able to generate such an attack with a botnet of merely 20,000
machines”.

Industry response

Fixes have already been issued in a large number of affected products (a
complete list is at the vulnerability’s CVE entry).

Products already patched include Eclipse’s Jetty project; Swift; the NGHTTP2
library; Alibaba’s Tengine; Apache Tomcat; some F5 Big-IP products; Bugzilla’s
Proxmox; FreeBSD; Golang; Facebook’s Proxygen; and more.

Microsoft and AWS have issued their own advice on how to prevent HTTP2 Rapid
Reset attacks.


Copyright © iTnews.com.au . All rights reserved.
Tags: cloudflare, google, http2, microsoft, security