131
Cloudflare, Google, and Amazon explain what’s behind the largest DDoS attacks ever
(www.theverge.com)
this post was submitted on 12 Oct 2023
131 points (97.8% liked)
Technology
58431 readers
4299 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is the best summary I could come up with:
Cloudflare, Google, Microsoft, and Amazon all say they successfully mitigated what two of the companies called the biggest DDoS layer 7 attacks they’ve recorded in August and September, though none said who the attacks were directed against.
The companies say the attacks were possible because of a zero-day vulnerability in the HTTP/2 protocol they’ve named “HTTP/2 Rapid Reset.”
HTTP/2 speeds up page loading by allowing for multiple simultaneous requests to a website over a single connection.
Cloudflare writes that these attacks apparently involved an automated cycle of sending and immediately canceling “hundreds of thousands” of requests to websites that use HTTP/2, overwhelming servers and taking them offline.
Google goes into detail in a blog post about how the attacks worked, so do head over there if you want to roll your sleeves up and read about it.
Update October 10th, 2023, 1:20PM ET: Added that Microsoft has disclosed that its cloud infrastructure was affected as well.
The original article contains 281 words, the summary contains 156 words. Saved 44%. I'm a bot and I'm open source!