Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded.
What are HTTP/2 Rapid Reset attacks?
HTTP/2 Rapid Reset attacks exploit a zero-day vulnerability, allowing attackers to send a large number of requests and then cancel them almost immediately. This method can overwhelm a web server with requests, significantly more than older attack techniques like asymmetric query attacks. The recent attacks have reached unprecedented levels, with Cloudflare reporting peaks of about 201 million requests per second.
What is the significance of CVE-2023-44487?
CVE-2023-44487 has a high severity CVSS score of 7.5, indicating its potential impact. It provides threat actors with a powerful tool to launch distributed denial of service attacks at a scale that has not been seen before, allowing them to generate hundreds of thousands of requests that can overwhelm targeted sites.
How are major cloud providers responding to these attacks?
Google, AWS, and Cloudflare have issued warnings about the scale of the HTTP/2 Rapid Reset attacks and are actively monitoring and mitigating these threats. They have observed varying peak requests per second during these attacks, indicating a coordinated effort to address the vulnerabilities and protect their users from these unprecedented levels of DDoS activity.