Rapid Reset: New DoS Attack Threatens Over 60% of Internet Traffic
April 5, 2024![Rapid Reset: New DoS Attack Threatens Over 60% of Internet Traffic](https://cdn.brief.news/images/stories/f4f6b94ee7b6519a517fea6b84982d9712110e43f55d7bef3d06e60efa87fbb21be864a7675cc3b138bae73171f45b4daf559196056ebc745db92cdced6da154.jpg)
A new DoS attack method, 'HTTP/2 Continuation Flood' or 'Rapid Reset', threatens internet safety by crashing servers with a single TCP connection.
The attack, exploiting HTTP/2 protocol frames, is particularly insidious as it leaves no trace in server logs and is difficult to detect and mitigate.
Over 60% of human internet traffic uses HTTP/2, indicating a significant impact potential for this newly discovered vulnerability.
CERT/CC is coordinating with tech giants and open source projects to responsibly disclose and address the vulnerability.
Immediate action is required from affected entities to upgrade software and libraries to prevent possible DDoS attacks utilizing this exploit.
Summary based on 4 sources
Get a daily email with more Tech stories
Sources
![New HTTP/2 DoS attack can crash web servers with a single connection](https://cdn.brief.news/images/links/f4f6b94ee7b6519a517fea6b84982d9712110e43f55d7bef3d06e60efa87fbb21be864a7675cc3b138bae73171f45b4daf559196056ebc745db92cdced6da154.jpg)
BleepingComputer • Apr 4, 2024
New HTTP/2 DoS attack can crash web servers with a single connection![New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks](https://cdn.brief.news/images/links/da390d1677ccd03421316dc3c48780a41a2fc342920de30a71c527297c15d48ddd78f4717c342363deb6ad28f3355409b8c3465989aea289d43c30f268d7fb91.png)
The Hacker News • Apr 4, 2024
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks![New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset](https://cdn.brief.news/images/links/f64afce3dc6f4522a40b92a013c49643b21e5675b9389b381a63148987c6373f4b2efada43de683af928f4008c5a4d2280faa1889cfc78d2858fdbc96f58129c.jpg)
SecurityWeek • Apr 4, 2024
New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset![HTTP/2 `CONTINUATION` Flood: Technical Details](https://cdn.brief.news/images/links/902a7b9962dd182d24fdcfa14ffde978db93349ebcabf66931c8214ebdf4c61db7caa5a222a867e5edd45e4633ef26466b070fa7a1d56315c8980ef6db6b1ac6.png)
nowotarski.info • Apr 3, 2024
HTTP/2 `CONTINUATION` Flood: Technical Details