October 11, 2023 at 08:24AM Tech companies including Cloudflare, AWS, and Google have responded to the HTTP/2 zero-day vulnerability that led to massive distributed denial-of-service attacks. The attacks exploited the HTTP/2 Rapid Reset feature, resulting in servers being taken down. Organizations like CISA, Microsoft, NGINX, F5, Netty, Apache, Swift, and Linux distributions have issued advisories … Read more
October 10, 2023 at 07:58PM Microsoft has released over 100 security updates, including fixes for two bugs that are already being actively exploited. One of the vulnerabilities, known as Rapid Reset, is an HTTP/2 weakness that has been used since August to launch distributed denial of service (DDoS) attacks. Microsoft WordPad also has an information … Read more
October 10, 2023 at 03:35PM A new zero-day attack named “HTTP/2 Rapid Reset” has exploited a security vulnerability, resulting in a record-breaking distributed denial-of-service (DDoS) flood. The attack targeted cloud and Internet infrastructure providers and lasted for minutes. The attack utilized a bug in the HTTP/2 protocol, affecting about 60% of web applications. While mitigation … Read more
October 10, 2023 at 03:10PM Microsoft has released the KB5031356 cumulative update for Windows 10 21H2 and 22H2, containing security updates and fixes for various issues. Users can manually install the update through Windows Update or Microsoft Update Catalog. Notable fixes include improvements to the search box experience on the taskbar and addressing issues with … Read more
October 10, 2023 at 03:03PM Microsoft has released the optional KB5031356 cumulative update for Windows 10 21H2 and 22H2, containing 25 fixes for various issues. Users can install the update through the Windows Update settings or manually from the Microsoft Update Catalog. The update also addresses a new DDoS attack technique and provides steps to … Read more
October 10, 2023 at 11:30AM Amazon Web Services (AWS), Cloudflare, and Google have taken measures to address a new distributed denial-of-service (DDoS) attack technique called HTTP/2 Rapid Reset. The attacks, which exploited a flaw in the HTTP/2 protocol, affected the companies’ cloud infrastructures. The attacks overloaded servers by sending and canceling requests in quick succession, … Read more
October 10, 2023 at 09:54AM A new zero-day vulnerability called ‘HTTP/2 Rapid Reset’ has been exploited by malicious actors to launch massive distributed denial-of-service (DDoS) attacks. Cloudflare, Google, and AWS have all experienced record-breaking attacks, with the largest reaching 398 million requests per second. The attacks leverage a feature in the HTTP/2 protocol and have … Read more