Now do who.
Cloudflare, Google, and Amazon explain what’s behind the largest DDoS attacks ever
Submitted 1 year ago by throws_lemy@lemmy.nz to technology@lemmy.world
Comments
REdOG@lemmy.world 1 year ago
autotldr@lemmings.world [bot] 1 year ago
This is the best summary I could come up with:
Cloudflare, Google, Microsoft, and Amazon all say they successfully mitigated what two of the companies called the biggest DDoS layer 7 attacks they’ve recorded in August and September, though none said who the attacks were directed against.
The companies say the attacks were possible because of a zero-day vulnerability in the HTTP/2 protocol they’ve named “HTTP/2 Rapid Reset.”
HTTP/2 speeds up page loading by allowing for multiple simultaneous requests to a website over a single connection.
Cloudflare writes that these attacks apparently involved an automated cycle of sending and immediately canceling “hundreds of thousands” of requests to websites that use HTTP/2, overwhelming servers and taking them offline.
Google goes into detail in a blog post about how the attacks worked, so do head over there if you want to roll your sleeves up and read about it.
Update October 10th, 2023, 1:20PM ET: Added that Microsoft has disclosed that its cloud infrastructure was affected as well.
The original article contains 281 words, the summary contains 156 words. Saved 44%. I’m a bot and I’m open source!
Nobilmantis@feddit.it 1 year ago
seaQueue@lemmy.world 1 year ago
Skip straight to the Google security blag if you want actual details, the verge article has none.
…google.com/…/how-it-works-the-novel-http2-rapid-…